Re: There's more..
"It would be good if security auditors could get the status of lawyers re. client confidentiality. Now I'm the first to admit I havent' quite worked through all the negative implications of that (after all, you could be hired by what turns out to be the front of something rather dodgy), but I think security people could do with more protection."
If you are a pentester for hire, you should seriously look into ensuring that you are directly hired by a law-firm acting for the corporation you are to test. That can provide, in some circumstances, complete confidentiality as your work, is legal work-product. If the corporation has no ongoing litigation, or problems with its security, this may not work. But even the fact of being hired by the lawyers, with sign-off from the corporation to be tested (warranty and indemnity agreements, contractual scope of work etc), will be a big CYA in the case of problems.
Long ago, I was present, as a very junior not-to-be-heard-from minion, when a 'pentester' stated that he could get from the outside hall, to the President's office in less than 3 minutes, without tripping the existing alarm. (30th floor of office tower). The President told him to do ahead, so he did. What he did, was to kick a hole in the drywall from the hall, into, as it happened, a storage room, and then mosey down the hall to an office just outside of the range of the motion detecting alarms in reception, and proceed to kick his way through 3 more walls to the President's office. Made it by about 6 seconds.
Took about 2 weeks to get everything repaired. The building management was NOT amused. A LOT of finger pointing and recriminations ensued. He was not hired. But the alarm system was somewhat enhanced thereafter!