John Strand (Blackhills Information security) and Paul Asadoorian (Paul's Security Weekly Podcast) are hosting a webcast about this.
If you are unaware of these two, I would suggest you just Google or You Tube them, their reputations in all things IT security is up there with the best of the best. BTW, John strand is not the model John Strand!
I've seen many posts on here about Pen Testing and how to go about it, I would strongely suggest that this webcast is certainly a good investment of your time!
https://attendee.gotowebinar.com/register/1805013634081876994