It really depends on what type of testing. If we are talking about load, automation, etc. Then we have to have stable environment where the scripts can be executed. Also those requirements have to be defined to some extend to create baselines. Security testing is something that can be executed even if not all the functionality is available.