Audit Prerequisites should include
- Clear definition of the scope of the project to be assessed typically in the form of a specific commit hash of project files/folders on a github repository
- Public/private repository
- Public/anonymous team
- Specification of the project’s design and architecture
- Documentation of the project’s implementation and business logic
- Threat models and specific areas of concern
- Prior testing, tools used, other audits
- Timeline, effort and costs/payments
- Engagement dynamics/channels for questions/clarifications, findings communication and reports
- Points of contact on both sides
- Clear Scope
- Repository
- Team
- Specification
- Documentation
- Threat Model
- Prior Reviews
- Timeline/Effort
- Engagement Mode
- Point of Contact