The Security Auditing Framework and Evaluation Template for Advocacy Groups (SAFETAG) is a professional audit framework that adapts traditional penetration testing and risk assessment methodologies to be relevant to smaller non-profit organizations based or operating in the developing world.
The SAFETAG audit framework has been re-built in a new framework built around open source tools, hosted at github - watch for compiled versions of the framework documents in the Releases. If you're on Linux, you can follow the installation process to build PDF files out of the collection of markdown text documents and prepare audit reports.
You can download the overview, the full guide and the process map of the SAFETAG audit here:
SAFETAG resources are available under a Creative Commons Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) License
Please see the full license for content attribution and a usage guide to referring to the "SAFETAG" wordmark.
We'd love to hear from you at info at safetag.org.
We have a global network of auditors trained in the SAFETAG framework available for independent work with small NGOs.
For updates or suggestions for the framework, please submit an issue.