With small or routine projects, the project scope can be straightforward. But for large or complex projects with many people and resources involved, questionnaires provide a way to gather necessary information about the environment in order to proceed with the project.

Questionnaires contain a list of questions to identify key information about the project, such as what needs to be scanned or tested. Questionnaires are assigned to team members capable of providing this information. Example questions could include:
  • What are the range of IP addresses that need to be scanned?
  • What URLs need to be scanned?
  • Which repositories contain source code files that need to be scanned?
  • Who is in charge of maintaining these systems or devices?
  • Are there certain times of the day where scanning or penetration testing should or should not be done?
  • What are the credentials needed for basic access to a system or application?

The content of questionnaires will likely vary from project to project, especially for different project types such as a network scan or an application test.

You can add as many questions as you need to a questionnaire and you can tailor the answer type for individual questions. Multiple answer types are supported, including text fields, check boxes, and radio buttons.

Questionnaire templates and assigned questionnaires

Use questionnaire templates when you need to create a new questionnaire. Configure questions and supporting information within the template. When you assign the template to team members, an instance of that template is created as an assigned, interactive questionnaire. The questions in the assigned questionnaire are static — if you make changes to the template, the assigned questionnaire remains the same. This way if a user saves an incomplete questionnaire and returns to it later, there is no risk of their assigned questionnaire changing in the mean time. If you need to use an updated template, reassign the template.