This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more here

United Kingdom

Select your regional store:


Penetration Testing (Pen Testing) Packages

IT Governance’s recurring penetration test packages provide a complete solution for routine security testing of your websites and IT systems. IT Governance is a pioneer in making penetration testing easy to understand and buy. While significant sophisticated skills are required for effective penetration testing, we believe that our customers should be able to quickly understand what they are buying and how much it will cost.

IT Governance penetration tests


Maintain your cyber security – year in and year out!

Save 15% with our recurring penetration testing packages.

ITG recurring penetration testing packages

These repeat packages are designed to identify vulnerabilities in your systems, networks and/or applications, and to provide advice and recommendations for any corrective measures required. When a remedial activity has been completed, IT Governance recommends that the original testing is repeated to ensure that the system is now fully secure. Our recurring penetration test packages are offered on a single , biannual or quarterly test basis.


As a CREST member company, IT Governance has been verified as meeting the rigorous standards mandated by CREST. Our clients can rest assured that we offer vulnerability scanning and assessment services of the highest standards. In addition, IT Governance is a CREST-accredited certification body for the Cyber Essentials scheme.

The benefits of ITG recurring penetration testing packages:

  • A recurring package or contract provides a complete solution for the efficient and routine testing of your IT system.
  • A package helps you to lock the price down now and avoid any future price increases.
  • You are assured that your networks and applications are secure against cyber attacks.
  • Get peace of mind in the knowledge that all your testing requirements have been taken care of for a specific period, helping achieve compliance with the PCI DSS and ISO 27001.
  • Many of our solutions are designed to offer smaller organisations a cost-effective method of testing their network's security.
  • Regular testing ensures that your networks and applications remain secure over a period of time.
  • If you are required to be PCI DSS compliant at Level 1, you are required to conduct BOTH an annual penetration test and quarterly automated scans from an approved scanning vendor (ASV).
  • The IT Governance PCI Compliance Penetration Testing package is designed to provide an organisation with all the tests required for compliance for a one-, two- or three-year period, and is offered at a significant discount on the cost of the respective tests.

ISO 27001 and penetration testing

If you are implementing ISO 27001, a penetration test is crucial during these ISMS implementation stages:

  • As part of the risk assessment process: uncovering vulnerabilities in any Internet-facing IP addresses, web applications, or internal devices and applications, and linking them to identifiable threats.
  • As part of the performance evaluation, ensuring that controls actually work as designed.
  • As part of the ongoing continual improvement processes, ensuring that controls continue to work as required.
  • Whenever significant changes are made to your network infrastructure

PCI DSS and penetration testing

Pen testing is an essential element of PCI DSS compliance.

Requirement 11 of the PCI DSS states that “system components, processes, and custom software should be tested frequently to ensure security controls continue to reflect a changing environment.”

PCI DSS testing requirements:

IT Governance provides all of the penetration testing requirements for PCI DSS compliance.

15 reasons to use IT Governance for your penetration testing needs


  1. We uniquely offer a combination of fixed-price and bespoke penetration testing solutions.
  2. Our clients benefit from the vast knowledge and deep experience of our penetration testing team.
  3. We are a CREST member company, which means that clients can rest assured in the knowledge that the work will be carried out to rigorous standards by qualified and knowledgeable individuals.
  4. Our clients are involved in a detailed consultation session prior to any testing to identify the depth and breadth of the tests required.
  5. Our penetration tests combine a number of automated vulnerability scans with a range of advanced manual tests by expert in-house penetration testers.

Click for more >>

To book your penetration testing service or to discuss your requirements, please call us now on +44 (0) 845 070 1750 or email

BUY Pen Test Books

Penetration Testing: Protecting Networks and Systems

Buy now