Any course delivered by IT Governance is a pleasure to attend. All the staff are fantastic - from enrollment all the way through to completion. The trainers know their stuff inside out and the learnin... See more
Company replied
While we don't verify specific claims because reviewers' opinions are their own, we may label reviews as "Verified" when we can confirm a business interaction took place. Read more
To protect platform integrity, every review on our platform—verified or not—is screened by our 24/7 automated software. This technology is designed to identify and remove content that breaches our guidelines, including reviews that are not based on a genuine experience. We recognise we may not catch everything, and you can flag anything you think we may have missed. Read more
Any course delivered by IT Governance is a pleasure to attend. All the staff are fantastic - from enrollment all the way through to completion. The trainers know their stuff inside out and the learnin... See more
Company replied
We have been using IT Governance for over 5 years now for our Cyber Essentials Plus accreditation and the service has always been faultless. Excellent support from the team throughout the process,... See more
Company replied
Pretty bad customer experience so far. Very painful to buy online courses with multiple failed attempts trying to pay online. Eventually succeeded. Once the account is created it's just not intui... See more
Company replied
I found this course really helpful and the trainer was great. He would use everyday examples to break down some of the really complicated parts and took each stage slowly to ensure everyone understood... See more
Company replied
No history of asking for reviews
This company hasn't invited their customers, so reviews may not be representative
Hasn’t replied to negative reviews
How this company uses Trustpilot
See how their reviews and ratings are sourced, scored, and moderated.
I had GDPR foundation and practitioner courses with Matt P, he was fantastic, no complaints.
Working at IT Governance / GRC Solutions was a frustrating experience overall. While the company presents itself externally as a professional cyber security organisation, the internal reality did not reflect this.
I worked in Marketing, and from summer 2025 there was a lack of clear direction from the CMO. Expectations and priorities changed frequently, making it difficult to do the role effectively or feel confident in performance. Feedback often felt reactive rather than constructive, and there was a persistent sense of blame rather than support, which created ongoing anxiety about job security.
Communication from senior leadership lacked transparency. Decisions were often attributed to external ownership without meaningful explanation, leaving teams unclear on strategy or long-term goals.
Workloads were consistently unrealistic, with tight deadlines and minimal support. Burnout appeared common, yet concerns raised by staff were rarely addressed in a meaningful way. There were no clear career development opportunities, and progression felt limited unless you were already favoured by management.
The culture within Marketing felt particularly difficult. Management style relied heavily on criticism and pressure, which contributed to a toxic environment, low morale, and unnecessary stress. Positive recognition was rare, while criticism was frequent and often poorly delivered.
While the role was fully remote, this was undermined by negative communication through internal messaging tools.
Overall, I would not recommend IT Governance / GRC Solutions to anyone seeking a supportive, well-structured workplace or long-term career development.
The advice, guidance and support I received from Nick Orchiston, was invaluable to ensuring that my client passed their ISO9001 certification.
Execllent service, the help and advice was second to none I would highly recommend to any company.
Matthew was incredibly helpful, experienced, and knowledgeable. He delivered an excellent C-DPO course with examples for everything, really helping to not only provide knowledge but also the ability for us to apply that knowledge to the real world. Matthew was able to keep me engaged the whole time (hard to do sometimes for the topic)

Reply from GRC Solutions
Using the Cybercomply toolkit has enabled us to quickly and efficiently switch our policy management and compliance functions to a centralised platform - not only is it fully featured and comprehensive it is easy to navigate and generate documents.

Reply from GRC Solutions
I have sent several emails asking why they took a payment for auto renewal and we did not receive Cyber Essential Certification. This is a bogus scamming company and it’s disgraceful that they take money and do nothing for what they claim. This company refuses to answer emails and when you call them the person you need to speak to is unavailable and you then get an email asking for you to repay. Please avoid this scamming and scrupulous business scamming small businesses out of money. If you need a Cyber Essential Certification please go to one of the governing bodies ie ISAME. I will be reporting this company for their disgraceful service

Reply from GRC Solutions
I did enjoy the workshop and it helped to increase my understanding of risk assessment and management within ISO 27001. However, I did feel that there was too much content for the time allowed, and that at some parts the course leader rushed through where I would have liked some further explanations, etc.
I found the risk assessment examples very useful, and enjoyed this experience - a pity we couldn't do more.
Although it wasn't necessary, I was unable to log into the account as the system did not recognise my phone number which was a shame. Maybe for these sessions this can be removed so delegates can join the session, as I noticed other people had trouble logging in as well.
Overall though, I found this beneficial to my work in ISO 27001.

Reply from GRC Solutions
This was Bluegrass Digital's first time doing the certification and we opted for the PLUS certification, which was extra effort but worth it. James the Assessor was very friendly and helpful in the build up to the PLUS assessment and on the day he walked us through exatcly what to do.
The entire process was well managed and the support team were helpful along the way in supporting our questions, and providing feedback.

Reply from GRC Solutions
The PCI DSS Lead Implementer Training Course is an exceptional educational offering prepares participants for the intricate task of implementing the PCI DSS v4.0 standards. One of the course's most significant strengths is its comprehensive coverage of the latest PCI DSS v4.0, which is crucial given the evolving cybersecurity landscape. This ensures that learners are up-to-date. It was a very good experience and special thanks to trainer for regulations, making the course highly relevant and timely.

Reply from GRC Solutions
IT Goverance are an excellent partner to help acheive Cyber Essentials. This has helped our business no end in assisitng our endusers to acheive compliance.
The pre-sales team are informative and very prompt in providing answers.
The whole process from receving the product once purchased right through to compliance is excellent.
If you require Cyber Essentials, this is the company to partner with

Reply from GRC Solutions
Great company to purchase training from. Definitely my first choice.

Reply from GRC Solutions
It was easy to access the training program.
The course was well presented although I expected to receive more examples used in day-to-day activity, sharing experiences and any other practical rather than theoretical example. I felt like the only information I got was how the text is now updated in the standard. I don`t think anyone need paid training to compare wording from two documents.

Reply from GRC Solutions
Very useful insight into changes from 27001:2013 to the new version 27001:2022. Instructor was engaging and informative. Would recommend.

Reply from GRC Solutions
Compliance made easy !
Great team helped us secure our Cyber Essentials Plus certification very easily and simply, thank you.

Reply from GRC Solutions
Really happy with the course, covered all of the essentials and the trainer (Andy) was able to bring the course content to life with real world examples.

Reply from GRC Solutions
Great service,
Cyber comply is a great tool that allows you to complete risk assessment.

Reply from GRC Solutions
The content of the course was good but the quality of trainer was subpar.

Reply from GRC Solutions
I am thrilled to share that I successfully completed the self-paced online training for Lead Auditor ISO27001:2022 and passed the exam today. A special thanks to Donna for her exceptional support in setting up my access and ensuring everything ran smoothly. I highly recommend IT Governance as a training provider due to their dedicated staff and unwavering commitment to customer satisfaction.

Reply from GRC Solutions
Anyone can write a Trustpilot review. People who write reviews have ownership to edit or delete them at any time, and they’ll be displayed as long as an account is active.
Companies can ask for reviews via automatic invitations. Labeled Verified, they’re about genuine experiences.
Learn more about other kinds of reviews.
We use dedicated people and clever technology to safeguard our platform. Find out how we combat fake reviews.
Learn about Trustpilot’s review process.
Here are 8 tips for writing great reviews.
Verification can help ensure real people are writing the reviews you read on Trustpilot.
Offering incentives for reviews or asking for them selectively can bias the TrustScore, which goes against our guidelines.