Depends. Some certifications lay out specific requirements for pentesting. In general, I would mirror many certifications and say annually. If you make major changes to your network, I would think it would be wise to conduct penetration tests. One thing to keep in mind if you use AWS or other cloud service, you probably need to get approval first and make sure that you don't violate your TOS by conducting penetration testing out of the blue.
Answer
Depends. Some certifications lay out specific requirements for pentesting. In general, I would mirror many certifications and say annually. If you make major changes to your network, I would think it would be wise to conduct penetration tests. One thing to keep in mind if you use AWS or other cloud service, you probably need to get approval first and make sure that you don't violate your TOS by conducting penetration testing out of the blue.