Select regional store:

Consultancy for the public sector

Whether you are a public-sector organization or a private-sector business that works with the public sector, you will have a number of regulatory and compliance obligations to fulfil, such as PCI DSS Security Standards and the EU General Data Protection Regulation (GDPR).

The GDPR will be one of the main obligations for organizations with an international reach, that processes or share EU residents’ personal data. Organizations have less than 18 months to comply with the Regulation.

Ignoring the GDPR or getting compliance wrong could have costly repercussions: Organizations found to be in breach of the Regulation face administrative fines of up to 4% of their annual global turnover or €20 million (approximately $21.3 million) – whichever is the greater.

Click here to find out more about the GDPR >>

IT Governance’s experienced in-house consultants have a deep understanding of the range of cyber risks facing organizations today, enabling you to implement the best possible security solutions for your budget and requirements. Please note consultant services are subject to availability.


Contact us

For more information, or to speak to a member of our team about how IT Governance can help your project, email or call 1 877 317 3454.


Services include:

ISO 27001 consultancy

ISO 27001 is the international standard that defines best practice for an ISMS (information security management system). It is the only independently auditable information security management standard in the world, and it is globally recognized as the most comprehensive solution to achieving an enhanced cybersecurity posture.

Accredited certification to the Standard enables you to meet numerous information security-related legal and regulatory compliance requirements.

We’ve helped more than 400 organizations achieve accredited certification to the Standard, and we provide implementation support to suit every budget, timescale, or location. From fixed-price packages to custom consultancy, we can supply everything you need to implement an ISO 27001-compliant ISMS.

Click here to find out more about our wide range of ISO 27001 implementation solutions >>

Cyber Health Check

The two-day Cyber Health Check combines on-site consultancy and audit with remote vulnerability assessments to assess your cyber risk exposure. Our four-step approach will identify your actual cyber risks, audit the effectiveness of your responses to those risks, analyze your real risk exposure, and then create a prioritized action plan for managing those risks in line with your business objectives.

Click here for more information about our Cyber Health Check service >>


NHS IG Toolkit

The NHS Information Governance (IG) Toolkit enables NHS suppliers and partners to assess themselves against the Department of Health’s information governance policies and standards.

Produced by the Health and Social Care Information Centre (HSCIC), the IG Toolkit ensures that the integrity and confidentiality of patient data is protected and enables organizations to supply NHS clients and connect to the N3 network.

Our consultancy team offers a broad range of services that are tailored to meet your exact needs.

Click here for more information about our IG Toolkit consultancy service >>

Cyber incident response management

The speed at which you identify a breach, combat the spread of malware, prevent unauthorized access to data and remediate the threat will make a significant difference in controlling risk, costs, and exposure during an incident. Effective incident response processes can reduce the risk of future incidents occurring.

With an effective incident response plan, you will be able to detect incidents at an earlier stage and develop an effective defense against the attack.

IT Governance’s cybersecurity incident response consultancy service is based on best-practice frameworks ISO 27001, ISO/IEC 27035 (the international standard for cyber incident response), and those developed by CREST, and it can help you develop the resilience to protect against, remediate, and recover from a wide range of cyber incidents.

Click here for more information about cyber incident response management >>


Security plans

Government departments are asking providers to set out their security plan before or shortly after being awarded a contract. IT Governance’s consultants can help you complete your security plan and meet government requirements.

Click here for more information about security plans >>


For more information about IT Governance’s other consultancy services, please visit our consultancy homepage >>


Contact us

For more information, or to speak to a member of our team about how IT Governance can help your project, email or call 1 877 317 3454.

This website uses cookies. View our cookie policy