Skip to Main Content
Learn for less: Save 10% on high-quality foundation and auditor training. Find out more
Social engineering penetration test

Social engineering penetration test

SKU: 5090
Format: Consultancy

This social engineering attack will test employees’ adherence to the security policies and practices defined by the management team. 

For more information about this service or to get a tailored quote for your organisation, please enquire below and one of our experts will be in touch shortly.Enquire about this service

IT Governance will conduct a thorough social engineering assessment to help model your real threats and provide actionable recommendations to improve your information security procedures and cyber security awareness. 

The scope of each engagement is tailored to your organisation’s requirements and goals. We can use both traditional and non-traditional techniques to test your resilience to an attack. These might include assessing the following:

  • Open source intelligence gathering.
  • Phishing and social engineering attacks against agreed targets.
  • Perimeter and internal surveillance attacks. 
  • Staff procedure bypasses.
  • Data exfiltration, acquiring assets and intellectual property rights.
  • Assessing staff and management training.

These engagements are designed to identify gaps in security practices. Testing will focus on identifying the potential harm that a social engineering attack could achieve, and serve as a tool to train staff.

Your challenge

Social engineering is a proven attack vector for attackers to gain access to your organisation. Cyber criminals use social engineering techniques to influence employees into giving up privileged information or access to an organisation.

Social engineering is popular among criminal hackers because it can be easier to exploit people than to find a network or software vulnerability. By gaining access to the building or the network, an attacker can access data, steal assets or even harm people.

Our service offering:

  • A consultation to determine the extent of the social engineering engagement.
  • Design and development of an optimal social engineering attack. Our social engineering team might mimic a threat actor, copy common industry attacks or pursue an entirely bespoke attack vector.
  • Carefully designed non-destructive social engineering attacks that aim to gain access to the systems and/or buildings that hold the target information defined by you.
  • Our experienced consultants interpret the results to provide trend analysis and highlight problem areas such as department or location.
  • If required, we can run a workshop that will help internal staff identify and respond to the cyber threats conducted during the exercise.


Our social engineering penetration test will help you:

  • Establish the information that an attacker could obtain about your organisation that is freely available in the public domain;
  • Establish how susceptible your employees are to social engineering attacks;
  • Determine the effectiveness of your information security policy and your cyber security controls to identify and prevent social engineering attacks; and
  • Develop a targeted awareness training programme.

COVID-19: remote delivery options

We would like to reassure our clients that all training and consultancy services will go ahead as scheduled during the current COVID-19 situation. As a company that fully embraces flexible and remote working, we are adjusting our delivery methods to allow us to provide consultancy services, penetration tests and training remotely where necessary. Please also refer to our COVID-19 policy.


Service conditions

  • An on-site presentation of report findings and remedial consultations can be provided upon request at an additional cost.
  • Travel and transportation costs related to work conducted at the client’s premises will be billed separately.
Why IT Governance?

Why choose us?

  • Penetration tests should only be carried out by experienced consultants with the necessary technical skill set and qualifications. Our consultants have strong technical knowledge and a proven track record in finding security vulnerabilities. They can carry out exploits in a safe manner and advise on appropriate mitigation measures to ensure that your systems are secure.
  • Our CREST-certified penetration testing team will provide you with clarity, technical expertise and peace of mind knowing that your wireless network has been reviewed by experienced testers in line with your business requirements.
  • For Azure clients, our penetration tests comply with the Microsoft Rules of Engagement . This means we take care to limit all penetration tests to your assets, thereby avoiding unintended consequences to your customers or your infrastructure.

Customer Reviews

This website uses cookies. View our cookie policy
SAVE 10%