Are you making the same mistake at the start of your pentest?

It's not the security tester's responsibility to know the in's and out's of your system on day one.

Set your pentester up for success by giving them access to historical context, vulnerability history, architecture development etc, so they don't waste time testing for things you already know.

What else would you make sure your tester understood before kickoff?