When compiling a status report in the context of an ongoing penetration testing engagement, which of the following elements is most appropriate to include?
An attestation of findings similar to the final report
Detailed remediation steps for all discovered vulnerabilities
Final analysis of the business impact for each finding
Progress against planned milestones
A full risk rating of every finding
Comprehensive debrief on the tester's tactics and tools