This website uses cookies. View our cookie policy
United Kingdom
Select regional store:

Why Choose IT Governance?

IT Governance is a world leader in the field of IT GRC (governance, risk management and compliance) solutions.

We offer a complete set of products and services, including information and advice, books and tools, consultancy and technical services, and training and staff awareness for IT GRC and information security.

Our exclusive mix of consultancy expertise, training and tools means you can find all you need for your project in one place.

Our consultancy services

Our knowledge and experience can accelerate your projects, wherever you are in the world. We’re independent of vendors and certification bodies, and encourage our clients to select the best fit for their needs and objectives.

IT Governance is recognised by UKAS-accredited certification bodies as a leading consultancy.

We can deliver face-to-face consultancy wherever and however you need it and, thanks to our unique Live Online consultancy and packaged solutions, we can provide our expertise to clients anywhere in the world.

Click here for more information on our global consultancy delivery >>

Global delivery

Our wide range of consultancy delivery methods are guaranteed to suit all budgets, timescales and preferred project approaches – all over the world.

100% guarantee of successful certification

We offer a no-quibble 100% guarantee of successful certification for any certification project we work on.

Ongoing support

IT Governance believes that serving you well means helping you to develop the skills and knowledge necessary to run your own management systems and compliance programmes. We will help you develop your skills and confidence up to and beyond certification. Our value-for-money approach aims to help clients take ownership of their management systems and use them to improve performance across the organisation.

More than 15 years’ experience

IT Governance has substantial real-world experience designing and implementing IT GRC-related management systems. Founded in 2002, IT Governance originally focused on information security standards – notably ISO 27001, which we have been implementing since its inception. We are now a professional services company with a wealth of consultancy skills.

Hundreds of satisfied customers

We have helped more than 600 consultancy clients gain ISO 27001 certification, proving their compliance with one of the most demanding management system standards.

Click here for our consultancy case studies >>

Click here for our consultancy FAQs >>

Free, no-obligation advice

We provide free advice to point you in the right direction – without any obligation to buy.

Call us on +44 (0)333 800 7000 or email

Flexible service packages

Our range of flexible and cost-effective delivery options mean that, whatever your resources, knowledge or preferred project approach, we can provide a solution that will make the most of your assets.

We will provide the level of support that you require, in the context of the resources and project plan we have agreed with you. This is true whether you seek certification to international standards based on the findings of an initial scoping project, to follow best practice, or simply to become compliant.

We understand that no two situations are identical, and tailor our services and solutions to meet your needs, from fixed-price packages to bespoke consultancy.

Security Testing

Our experienced CREST-accredited consultants assess your data security by applying robust methodologies. Our threat-based approach delivers a realistic appraisal of the current state of your security and the risks attackers pose to your business. We will provide a detailed breakdown of all your results in an easily interpreted format based on the damage potential, reproducibility, exploitability, number of affected users and discoverability of each finding. Detailed output means you can replicate the issue, and specific remediation advice will leave you in no doubt of how to fix the issue.

Benefits of our security testing services:

  • The flexibility to choose the level of penetration test to meet your budget and technical requirements.
  • Penetration testing services accredited to exacting criteria set by CREST provide you with the technical assurance you need from an information security partner.
  • Whether testing your applications, networks, employees or your team, you’ll be armed with new ways to strengthen your organisation against cyber threats.
  • Our consultants can produce a structured framework to achieve all your compliance requirements, ensuring effective use of in-house resources and expenditure control.
  • We’ll communicate any issues or remediation recommendations in a clear and jargon-free format so that they can be understood by your engineering and senior management teams alike.
  • Based on the test results, we will discuss the findings with all relevant audiences and provide a customised course of action for both leadership and technical audiences.

Our security testing services include:

Training courses

IT Governance delivers a unique portfolio of training courses and examinations leading to internationally recognised accredited qualifications awarded by BCS Professional Certification, (ISC)2®, ISACA®, APMG International and the International Board for IT Governance Qualifications (IBITGQ).

Training courses are delivered in classroom, Live Online and in-house formats.

Benefits of our training courses:

  • We are an acknowledged leader in ISO 27001, information security and business continuity management training.
  • Our trainers are experienced practitioners who take a practical, hands-on approach.
  • Fully integrated and structured learning paths accommodate attendees with all levels of knowledge.
  • Courses are delivered at our public training centres, Live Online or as in-house training sessions.
  • Your booking is guaranteed – we never cancel a course.

Our training courses include:


We supply a range of documentation toolkits to help save you time and resources as you implement best practice and achieve certification.

Our toolkits have been designed and written by subject matter experts, ensuring that our customers benefit from real-world practices.

With fully customisable templates and guidance on how to use them, our toolkits cover information security, data protection, quality management, business continuity, energy management and many other disciplines. Our range includes:

Click here to find out more about toolkits >>

Speak to an expert

As specialists in cyber security, data protection, GDPR compliance, ISO 27001 implementation and risk management, we have an extensive range of products and services. Whether you’d like support to improve staff awareness and understanding within in your organisation, guidance and advice from our consultative service, or you wish to update your policies and procedures with a documentation toolkit, we have the solution for you.

Speak to one of our team members for more information or support with implementing a security standard or regulatory compliance project.