Reviews show consistent strengths in training delivery, assessor support and the Cybercomply toolkit, with many customers reporting successful certifications and useful course materials. Several reviewers specifically praise named staff for onboarding and access support, and multiple companies report smooth PCI‑DSS and Cyber Essentials transitions. However, a small but notable set of reviews reports unresponsive customer service, missing certification delivery and software glitches; these complaints focus on refunds, unanswered emails and phone calls. Prospective customers should weigh frequent positive feedback about courses and tool usability against the isolated reports of service or delivery failures, and consider contacting support beforehand to clarify certification and renewal processes.
Examples from available reviews (Nov 2021 – Feb 2026).
Company took payment but did not deliver the promised certification.
“they took a payment for auto renewal and we did not receive Cyber Essential Certification”
Cybercomply enabled quick, efficient centralised policy management and document generation.
“it is fully featured and comprehensive it is easy to navigate”
Completed self-paced Lead Auditor training and praised staff support.
“A special thanks to Donna for her exceptional support in setting up my access and ensuring everything ran smoothly.”
Workshop improved risk assessment understanding but felt rushed and overpacked.
“too much content for the time allowed”
Most reviewers praise helpful trainers, assessors and year‑round support; a minority report unresponsiveness and unresolved issues when disputing charges.
A small number of reviews report poor value due to missing deliverables or unexpected charges; many reviews do not discuss price.
Users commonly describe clear, practical courses and usable tools; occasional login problems and rushed sessions were reported by some delegates.
Toolkits and courses are frequently described as comprehensive and effective; isolated reports note software glitches or certification delivery failures.
Several reviews note prompt, informative pre‑sales and assessor communication; a minority describe unanswered emails and unavailable contacts.
Most reviewers report positive outcomes from training, tool use and certification support; a minority recount service failures and missing deliverables.
For each review, the core experience based on original source reviews.
Sources: Trustpilot (23) · Collected.reviews (1) · Quotes shortened · As of: February 2026
Former employee reports toxic management culture and poor communication.
“persistent sense of blame rather than support”
Nick Orchiston's advice was invaluable in securing client's ISO9001 certification.
“was invaluable to ensuring that my client passed their ISO9001 certification.”
Reviewer found the service excellent and highly recommends the company.
“Execllent service, the help and advice was second to none I would highly recommend to any company.”
Trainer delivered an engaging, practical C-DPO course with useful examples.
“Matthew was incredibly helpful, experienced, and knowledgeable.”
Cybercomply enabled quick, efficient centralised policy management and document generation.
“it is fully featured and comprehensive it is easy to navigate”
Company took payment but did not deliver the promised certification.
“they took a payment for auto renewal and we did not receive Cyber Essential Certification”
Reviewer states 'This is best'.
“This is best”
Workshop improved risk assessment understanding but felt rushed and overpacked.
“too much content for the time allowed”
PLUS certification took extra effort but assessor and support were helpful.
“James the Assessor was very friendly and helpful in the build up to the PLUS assessment”
Course comprehensively covered PCI DSS v4.0 and felt timely.
“comprehensive coverage of the latest PCI DSS v4.0”
IT Governance provided prompt pre-sales help and excellent Cyber Essentials support.
“The whole process from receving the product once purchased right through to compliance is excellent.”
Reviewer found IT Governance great for purchasing training.
“Great company to purchase training from. Definitely my first choice.”
Course was well presented but lacked practical, day-to-day examples.
“I expected to receive more examples used in day-to-day activity”
Course provided useful insight into ISO27001 changes; instructor was engaging.
“Very useful insight into changes from 27001:2013 to the new version 27001:2022.”
Team helped secure Cyber Essentials Plus easily and simply.
“Compliance made easy !”
Course covered essentials and trainer used real-world examples effectively.
“Really happy with the course, covered all of the essentials”
Cybercomply tool enabled completion of risk assessments effectively.
“Cyber comply is a great tool that allows you to complete risk assessment.”
Course content was good but the trainer's quality was subpar.
“The content of the course was good but the quality of trainer was subpar.”
Completed self-paced Lead Auditor training and praised staff support.
“A special thanks to Donna for her exceptional support in setting up my access and ensuring everything ran smoothly.”
GDPR training and admin reporting proved useful for staff compliance.
“The back end admin reporting features are very useful for compliance.”
IT Governance provided ongoing support for PCI DSS compliance and audits.
“They provide year round support when requested as well as annual auditing”
Team helped transition to PCI-DSS v4.0 with a smooth audit.
“We completed our transition audit smoothly.”
Trainer and materials were excellent and supported candidate participation.
“Excellent trainer who fully understood the course and related materials”
I bought the Cyber Security as a Service from "IT Governance" and I regret it. They don't answer their phone! When they do, they cite the economic climate and say that they will get back to you before the end of business. They don't! That's very annoying when you want to complain or cancel your contract and the support won't even bother. The software is also full of glitches and has a range of bugs, don't even talk about customer service, if any existed. Other companies have far better products at a better price, so try going through one of them rather than these!
This page combines submitted experiences with public reviews from platforms such as Google, Trustpilot, etc. Recurring points are summarised without changing the content of reviews.
IT Governance is a UK-based provider specialising in information security and compliance services, including training, certification support, toolkits and consultancy for standards such as ISO 27001, PCI DSS and Cyber Essentials. Customers researching IT Governance commonly look for training quality, certification delivery, managed services and software tool usability.