Bespoke Consultancy


IT Governance’s bespoke consultancy services deliver any combination of hands-on, in-house, or Mentor and Coach consultancy, through any combination of online channels and on-site activity, anywhere in the world, in line with a customised plan that is designed to get your organisation ready for accredited certification within an agreed timeframe. All management system consultancy services come with a 100% guarantee of successful certification.

Why choose our consultants


IT Governance bespoke consultancy services:

Cyber Essentials scheme

IT Governance is a certification body for the government’s Cyber Essentials scheme. Our range of consultancy services enables any organisation to cost-effectively gain certification to Cyber Essentials or Cyber Essentials Plus.

Data protection and the GDPR

IT Governance’s data protection consultancy can help you prepare for the requirements introduced by the EU General Data Protection Regulation (GDPR).

ISO 50001 (energy management) and ISO 14001 (environmental management)

IT Governance can help you demonstrate compliance with the ESOS regulations by implementing an energy management system (EnMS) compliant with ISO 50001. We can also help you implement an ISO 14001 environmental management system (EMS) to control the environmental impact of your activities, products and services, while demonstrating the continual improvement of their environmental performance.

ISO 9001 and quality management

IT Governance can help you implement a quality management system (QMS) compliant with ISO 9001. With over 1.1 million certifications worldwide, ISO 9001 is globally recognised as the best framework for helping organisations identify product or service deficiencies and make improvements quickly, resulting in less waste, less inappropriate or rejected work, and fewer complaints.

ISO 20000 and IT service management

IT Governance can provide whatever you need to help you achieve ISO 20000 certification for all or part of your service delivery organisation. Services can be provided in a flexible way to suit the needs of your organisation. We also offer ISO 20000 FastTrack™ Consultancy, with which you can achieve certification in three months for a fixed price.

ISO 22301 and business continuity

IT Governance can provide a comprehensive solution to implementing a business continuity management system (BCMS) based on the international standard ISO 22301, and achieving certification in the shortest possible time. Our ISO 22301 and business continuity consultancy service includes assessing your current business continuity plans, policies and procedures, and developing an executive report and prioritised roadmap of recommended activities and solutions, aligned to ISO 22301.
We also offer ISO 22301 FastTrack Consultancy, with which you can achieve certification in four months for a fixed price.

ISO 27001 and information security

We’ve successfully helped over 400 companies – from SMEs to FTSE 100 companies – to achieve ISO 27001 certification over the last 15 years. Whatever your ISO 27001 consultancy needs, we have the right level of service to help you implement an ISO 27001 compliant information security management system (ISMS) quickly and without hassle, whatever your size, sector or location.
We also offer ISO 27001 FastTrack™ Consultancy, with which you can achieve certification in three months for a fixed price.

Penetration testing – infrastructure and web application

Penetration testing (pen testing) is the most effective way of demonstrating that exploitable vulnerabilities within your company’s internet-facing resources have been identified, allowing suitable patches to be applied. IT Governance provides a range of bespoke penetration tests that deliver cost-effective and practical solutions to help you meet your legal, regulatory and contractual requirements. IT Governance Ltd is a CREST member company. Clients can rest assured that IT Governance penetration tests will be carried out to the highest standards by qualified and knowledgeable individuals.

PCI DSS compliance

IT Governance is a PCI Qualified Security Assessor (QSA) company. If your organisation is a merchant or service provider, IT Governance can help you improve your cyber security and comply with the requirements of the PCI DSS in the shortest timeframe and for the minimum cost. Whether you need help reducing your cardholder data environment (CDE) or completing a self-assessment questionnaire (SAQ), or your increased transaction volumes have seen you move up a level and you now need a QSA-led report on compliance (ROC), our QSAs and PCI DSS experts can help you find the right way forward.

PCI QSA services

In our capacity as an approved QSA company, our principle role is to ensure that an organisation is fully compliant with the requirements of the PCI DSS. Our status as an approved QSA company underpins our range of PCI DSS consultancy services which include project scoping, gap analysis, remediation support and audit.

Supplier audit and supply chain assurance

Our supplier audit and supply chain assurance service is non-sector-specific and includes both training and consultancy. It ensures you deliver the degree of assurance you and your stakeholders require with maximum efficiency. We ensure your supplier audit and monitoring regime is running efficiently and effectively by optimising the use of data collection, using remote and on-site auditing. Where appropriate, we recommend the use of ISO 28000, the management system standard for supply chain security.


Contact us

Contact us for more information, or to speak to a member of our team about how IT Governance can help your project.

Return to the Consultancy homepage >>

SAVE 25%