Pentesting Providers
IT Governance logo

IT Governance

Established Ely-based compliance and cybersecurity consultancy offering CREST-approved penetration testing as part of a comprehensive governance, risk management, and compliance portfolio.

Founded
2002
Team Size
201-500
Geography
Global
Markets
UK, Europe, Global
Last verified: Feb 2026
Review IT GovernanceWrite a Review

About

IT Governance is a well-established UK cybersecurity and compliance consultancy founded in 2002 by Alan Calder, headquartered in Ely, Cambridgeshire. The company is part of GRC International Group PLC, an AIM-listed company, and has grown to employ between 201-500 staff. IT Governance has built a strong reputation as a one-stop shop for governance, risk management, and compliance solutions, with penetration testing forming a key part of their broader security and compliance service portfolio.

IT Governance provides CREST-approved penetration testing services delivered by a certified team of UK-based consultants. Their testing capabilities include web application penetration testing, external and internal infrastructure penetration testing, and PCI-specific penetration testing for payment card environments. Their proprietary security testing methodology is aligned with established frameworks including SANS, OSSTMM, and OWASP.

Beyond penetration testing, IT Governance offers an extensive range of compliance-focused services spanning ISO 27001 implementation and certification, PCI DSS compliance, GDPR advisory, Cyber Essentials certification, SOC 2 reporting, AI governance, training and e-learning, and managed security services.

Services

Web Application Penetration TestingNetwork Penetration TestingVulnerability AssessmentConfiguration Review

Accreditations

CRESTISO 27001PCI QSACyber Essentials

Compliance Expertise

ISO 27001PCI DSSGDPRSOC 2Cyber EssentialsNIS 2NIST CSF

Best For

SMBMid-MarketEnterprise
Industries
Financial ServicesHealthcareTechnologyRetail & E-commerceLegalEducationManufacturing

Methodologies

OWASPOSSTMMCREST

Compare With

Reviews

Be the first to share your experience with IT Governance.

Be the first to review IT Governance
Is this your company? Claim this profile

Related Providers

Pen Test Partners logo

Pen Test Partners

The UK's largest independent security testing firm, renowned for IoT/OT research, CBEST red teaming, and CHECK/CREST-accredited penetration testing across all sectors.

Buckingham, United KingdomContact for pricing
Web ApplicationNetworkMobile AppIoT+10
CRESTCHECKCBESTSTAR+4
Verified Feb 2026
ProfileCompare
Top UK ProviderElite TestersResearch-Driven
SECFORCE logo

SECFORCE

Leading UK offensive security consultancy based in Canary Wharf, delivering CREST-accredited penetration testing and adversary simulation to organisations with the most demanding security requirements.

London, United KingdomContact for pricing
Web ApplicationNetworkMobile AppIoT+9
CRESTISO 27001Cyber Essentials
Verified Feb 2026
ProfileCompare
Best UK ProviderBest for EnterpriseResearch Leaders
NCC Group logo

NCC Group

Global cybersecurity consultancy with CREST, CHECK, and CBEST accreditation, renowned for deep technical research and comprehensive penetration testing services.

Manchester, United KingdomContact for pricing
Web ApplicationNetworkMobile AppIoT+12
CRESTCHECKCBESTISO 27001+5
Verified Feb 2026
ProfileCompare
Dionach logo

Dionach

Global enterprise cybersecurity consultancy founded in 1999 in Oxford, holding rare CREST STAR-FS accreditation and delivering penetration testing, red and purple teaming, and PCI QSA services across five international offices.

Oxford, United KingdomContact for pricing
Web ApplicationNetworkRed TeamingPurple Teaming+7
CRESTCHECKSTARISO 27001+2
Verified Feb 2026
ProfileCompare