CREST and CHECK Penetration testing

What is CREST?

CREST is an international accreditation and certification body for organisations and/or individuals within the technical information security market. IT Governance has achieved CREST accreditation within penetration testing and vulnerability scanning.

CREST ensures that accredited services are using the correct policies, processes and procedures to ensure quality of service and protection of client information. These organisations are assessed annually to ensure they are meeting the high standards.

What is CHECK?

CHECK is the term for NCSC (National Cyber Security Centre)-approved penetration testing organisations. CHECK was developed for government departments, public-sector bodies and the organisations forming the UK’s critical national infrastructure.

What accreditation body do you require?

CHECK is required for central government departments and their associated agencies:

  • All systems processing data protectively marked ‘OFFICIAL’ will be assessed by organisations approved under CHECK.
  • Requests for testing of systems processing data protectively marked ‘SECRET’ and above should be sent to the NCSC – we may recommend that the task be performed by a CHECK organisation.

CREST is recommended for all other penetration testing requirements.

Want to know more?

Enquire for CHECK penetration testing

If you would like to know more about the CHECK penetration testing services we can provide, please get in touch.

Get in touch

Enquire for CREST penetration testing

If you would like to know more about the CREST penetration testing services we can provide, please get in touch.

Get in touch

This website uses cookies. View our cookie policy
WIN £100