IT Governance’s bespoke consultancy services deliver any combination of hands-on, in-house, or Mentor and Coach consultancy, through any combination of online channels and on-site activity, anywhere in the world, in line with a customised plan that is designed to get your organisation ready for accredited certification within an agreed timeframe.
Where independently accredited certification to a management systems standard is the intended outcome, we offer a 100% guarantee of success.
Click here for more reasons to engage IT Governance’s consultants >>
On this page
IT Governance bespoke consultancy services
NCSC Certified Cyber Security Consultancy scheme
IT Governance provides bespoke cyber security consultancy services aligned with the NCSC’s Certified Cyber Security Consultancy (CCSC) scheme.
Click for more information on the NCSC Certified Cyber Security Consultancy scheme >>
Cyber Essentials scheme
IT Governance is a certification body for the government’s Cyber Essentials scheme. Our range of consultancy services enables any organisation to cost-effectively gain certification to Cyber Essentials or Cyber Essentials Plus.
Click for more information on bespoke Cyber Essentials consultancy >>
Data protection, the DPA and the GDPR
IT Governance’s data protection consultancy can help you meet the requirements of the UK Data Protection Act (DPA) and prepare for the requirements introduced by the EU General Data Protection Regulation (GDPR).
Click for more information on bespoke data protection, DPA and GDPR consultancy >>
G-Cloud supplier assurance
The G-Cloud framework allows UK Government bodies to purchase Cloud services, and is aimed at making public-sector Cloud service acquisition quicker and more transparent. This selection process eliminates the need to go through a full tender process. IT Governance has the security expertise and industry knowledge to help Cloud service providers that want to apply to join the G-Cloud framework: we can provide expertise in the form of information assurance audits, ISO 27001 certification, and NCSC Certified Professionals (CCPs) to undertake the necessary assurance activities.
Click for more information on bespoke G-Cloud assurance consultancy >>
ISO 50001 (energy management) and ISO 14001 (environmental management)
IT Governance can help you demonstrate compliance with the ESOS regulations by implementing an energy management system (EnMS) compliant with ISO 50001. We can also help you implement an ISO 14001 environmental management system (EMS) to control the environmental impact of your activities, products and services, while demonstrating the continual improvement of their environmental performance.
Click for more information on bespoke ISO 50001 and ISO 140001 consultancy >>
ISO 9001 and quality management
IT Governance can help you implement a quality management system (QMS) compliant with ISO 9001. With over 1.1 million certifications worldwide, ISO 9001 is globally recognised as the best framework for helping organisations identify product or service deficiencies and make improvements quickly, resulting in less waste, less inappropriate or rejected work, and fewer complaints.
Click for more information on bespoke ISO 9001 and quality management consultancy >>
ISO 20000 and IT service management
IT Governance can provide whatever you need to help you achieve ISO 20000 certification for all or part of your service delivery organisation. Services can be provided in a flexible way to suit the needs of your organisation.
We also offer ISO 20000 FastTrack™ Consultancy, with which you can achieve certification in three months for a fixed price.
Click here for more information on bespoke ISO 20000 and IT service management consultancy >>
ISO 22301 and business continuity
IT Governance can provide a comprehensive solution to implementing a business continuity management system (BCMS) based on the international standard ISO 22301, and achieving certification in the shortest possible time. Our ISO 22301 and business continuity consultancy service includes assessing your current business continuity plans, policies and procedures, and developing an executive report and prioritised roadmap of recommended activities and solutions, aligned to ISO 22301. We also offer ISO 22301 FastTrack Consultancy, with which you can achieve certification in four months for a fixed price.
Click here for more information on bespoke ISO 22301 and business continuity consultancy >>
ISO 27001 and information security
We’ve successfully helped over 400 companies – from SMEs to FTSE 100 companies – to achieve ISO 27001 certification over the last 15 years. Whatever your ISO 27001 consultancy needs, we have the right level of service to help you implement an ISO 27001-compliant information security management system (ISMS) quickly and without hassle, whatever your size, sector or location. We also offer ISO 27001 FastTrack™ Consultancy, with which you can achieve certification in three months for a fixed price.
Click here for more information on bespoke ISO 27001 and information security consultancy >>
IT Health Check
Security testing provides an appropriate level of assurance that technical vulnerabilities have been identified and effectively controlled. An IT Health Check can include application testing, penetration testing, wireless network testing, security audit and an internal network vulnerability assessment.
Click here for more information on bespoke IT Health Checks >>
NHS IG Toolkit
The Information Governance (IG) Toolkit enables NHS suppliers and partners to assess themselves against the Department of Health’s Information Governance policies and standards. IT Governance can help your organisation develop your IG Toolkit improvement plan for the first time, or provide ongoing support to help facilitate continuous compliance with the requirements of the IG Toolkit, on time and within budget. We also offer IG Toolkit FastTrack Consultancy, with which you can achieve certification in three months for a fixed price.
Click here for more information on bespoke IG Toolkit consultancy >>
Penetration testing – infrastructure and web application
Penetration testing (pen testing) is the most effective way of demonstrating that exploitable vulnerabilities within your company’s internet-facing resources have been identified, allowing suitable patches to be applied. IT Governance provides a range of bespoke penetration tests that deliver cost-effective and practical solutions to help you meet your legal, regulatory and contractual requirements. IT Governance Ltd is a CREST member company. Clients can rest assured that IT Governance penetration tests will be carried out to the highest standards by qualified and knowledgeable individuals.
Click here for more information on bespoke penetration testing >>
PCI DSS compliance
IT Governance is a PCI Qualified Security Assessor (QSA) company. If your organisation is a merchant or service provider, IT Governance can help you improve your cyber security and comply with the requirements of the PCI DSS in the shortest timeframe and for the minimum cost. Whether you need help reducing your cardholder data environment (CDE) or completing a self-assessment questionnaire (SAQ), or your increased transaction volumes have seen you move up a level and you now need a QSA-led report on compliance (ROC), our QSAs and PCI DSS experts can help you find the right way forward.
Click here for more information on bespoke PCI DSS consultancy >>
PCI QSA services
In our capacity as an approved QSA company, our principle role is to ensure that an organisation is fully compliant with the requirements of the PCI DSS. Our status as an approved QSA company underpins our range of PCI DSS consultancy services which include project scoping, gap analysis, remediation support and audit.
Click here for more information on bespoke PCI QSA services >>
Government departments such as the Department for Work and Pensions are asking providers to set out their security plan before or shortly after being awarded a contract. IT Governance's consultants can help you complete your security plan and meet government requirements.
Click here for more information on bespoke security plans >>
Supplier audit and supply chain assurance
Our supplier audit and supply chain assurance service is non-sector-specific and includes both training and consultancy. It ensures you deliver the degree of assurance you and your stakeholders require with maximum efficiency. We ensure your supplier audit and monitoring regime is running efficiently and effectively by optimising the use of data collection, using remote and on-site auditing. Where appropriate, we recommend the use of ISO 28000, the management system standard for supply chain security.
Click here for more information on bespoke supplier audit and supply chain assurance consultancy >>
tScheme is the independent, industry-led, self-regulatory scheme designed to create strict assessment criteria for the approval of e-business and e-government Trust Services. Our free, no-obligation assessment will give you an overview of how you measure up against the current requirements of tScheme, and identify the steps you need to take to meet them. You can also take advantage of our additional support options, including a mentor and coach to your internal project team, and even the appointment of our team of experts to run your project for you.
Click here for more information on bespoke tScheme compliance consultancy >>
Return to the Consultancy homepage >>