CREST Marketplace

IT Governance Ltd, trading as GRC Solutions, is a specialist consultancy delivering Penetration Testing, and practical evidence-based support across Governance, Risk and Compliance.

We help organisations understand their risk position, strengthen cyber resilience, and build frameworks that stand up to regulatory, operational, and customer expectations.

Our team brings together deep GRC expertise and hands-on technical capability. We focus on creating solutions that work in practice, from developing governance structures and risk frameworks to delivering security testing, improving controls, and supporting standards implementation.

Our services include:
– Penetration Testing, Attack Simulation, and AI Red Teaming
– NCSC CHECK Assured Service Provider
– NCSC Cyber Reliance Audit Scheme (CRA)
– NCSC Cyber Resilient Test Facilities (CRFT)
– NCSC Assured Cyber Security Consultancy (ACSC)
– Product Testing (CAPSS, AACS), IoT Testing, OT/ICS Testing
– Governance, Risk, and Compliance Advisory
– Cyber and Risk Assessments
– Standards implementation (ISO 27001, SOC 2, PCI DSS, NIS2 readiness)
– Incident Readiness and Response
– Supplier Assurance and Third-Party Risk Management
– Cyber Essentials and Cyber Essentials Plus Assessments
– UK’s leading providers of books, training courses, staff awareness e-learning

We are committed to raising professional standards and supporting organisations in building trusted, resilient, and well-governed digital environments.