Many customers describe strong, practical support that helps them meet compliance and training goals. Reviews often praise the course content and the company’s compliance tools. A small number mention poor delivery and internal communication problems. Overall, feedback mixes clear day-to-day wins with a few isolated service failures.
Examples from available reviews (Nov 2021 – Feb 2026).
Nick Orchiston's advice was invaluable in securing client's ISO9001 certification.
“was invaluable to ensuring that my client passed their ISO9001 certification.”
Cybercomply enabled quick, efficient centralised policy management and document generation.
“it is fully featured and comprehensive it is easy to navigate”
Company took payment but did not deliver the promised certification.
“they took a payment for auto renewal and we did not receive Cyber Essential Certification”
Former employee reports toxic management culture and poor communication.
“persistent sense of blame rather than support”
Several reviewers mention helpful assessors and responsive staff who supported certification and audits. Some describe smooth audit preparation and ongoing help. A small set say promised services were not delivered or that payments were taken without completion.
Reviews often highlight training features and admin reporting that help with compliance work. Customers frequently call the courses and advisory support worthwhile for audit and certification preparation. Negative value comments mainly come from isolated billing or delivery disputes.
Users praise the compliance tools for easy navigation and for speeding up policy and risk work. Many attendees say booking and buying training is straightforward. A minority report overpacked workshops or difficulty reaching phone support.
Course materials get repeated praise for practical coverage of standards such as PCI DSS and ISO changes, with examples. Trainers are often described as knowledgeable and engaging. A few reviewers mention uneven trainer quality or ask for more everyday examples.
Some reviews single out staff for clear pre-sales guidance and set-up help. Other comments point to slow responses, limited phone access, and concerns about internal management culture. These issues appear less often than the praise for staff support.
Most accounts describe successful compliance results and helpful training. A smaller group report major problems such as certification that never arrived or poor internal communication. Feedback therefore splits between high satisfaction and a few serious incidents.
For each review, the core experience based on original source reviews.
Sources: Trustpilot (23) · Collected.reviews (1) · Quotes shortened · As of: February 2026
Former employee reports toxic management culture and poor communication.
“persistent sense of blame rather than support”
Nick Orchiston's advice was invaluable in securing client's ISO9001 certification.
“was invaluable to ensuring that my client passed their ISO9001 certification.”
Reviewer found the service excellent and highly recommends the company.
“Execllent service, the help and advice was second to none I would highly recommend to any company.”
Trainer delivered an engaging, practical C-DPO course with useful examples.
“Matthew was incredibly helpful, experienced, and knowledgeable.”
Cybercomply enabled quick, efficient centralised policy management and document generation.
“it is fully featured and comprehensive it is easy to navigate”
Company took payment but did not deliver the promised certification.
“they took a payment for auto renewal and we did not receive Cyber Essential Certification”
Reviewer states 'This is best'.
“This is best”
Workshop improved risk assessment understanding but felt rushed and overpacked.
“too much content for the time allowed”
PLUS certification took extra effort but assessor and support were helpful.
“James the Assessor was very friendly and helpful in the build up to the PLUS assessment”
Course comprehensively covered PCI DSS v4.0 and felt timely.
“comprehensive coverage of the latest PCI DSS v4.0”
IT Governance provided prompt pre-sales help and excellent Cyber Essentials support.
“The whole process from receving the product once purchased right through to compliance is excellent.”
Reviewer found IT Governance great for purchasing training.
“Great company to purchase training from. Definitely my first choice.”
Course was well presented but lacked practical, day-to-day examples.
“I expected to receive more examples used in day-to-day activity”
Course provided useful insight into ISO27001 changes; instructor was engaging.
“Very useful insight into changes from 27001:2013 to the new version 27001:2022.”
Team helped secure Cyber Essentials Plus easily and simply.
“Compliance made easy !”
Course covered essentials and trainer used real-world examples effectively.
“Really happy with the course, covered all of the essentials”
Cybercomply tool enabled completion of risk assessments effectively.
“Cyber comply is a great tool that allows you to complete risk assessment.”
Course content was good but the trainer's quality was subpar.
“The content of the course was good but the quality of trainer was subpar.”
Completed self-paced Lead Auditor training and praised staff support.
“A special thanks to Donna for her exceptional support in setting up my access and ensuring everything ran smoothly.”
GDPR training and admin reporting proved useful for staff compliance.
“The back end admin reporting features are very useful for compliance.”
IT Governance provided ongoing support for PCI DSS compliance and audits.
“They provide year round support when requested as well as annual auditing”
Team helped transition to PCI-DSS v4.0 with a smooth audit.
“We completed our transition audit smoothly.”
Trainer and materials were excellent and supported candidate participation.
“Excellent trainer who fully understood the course and related materials”
I bought the Cyber Security as a Service from "IT Governance" and I regret it. They don't answer their phone! When they do, they cite the economic climate and say that they will get back to you before the end of business. They don't! That's very annoying when you want to complain or cancel your contract and the support won't even bother. The software is also full of glitches and has a range of bugs, don't even talk about customer service, if any existed. Other companies have far better products at a better price, so try going through one of them rather than these!
This page combines submitted experiences with public reviews from platforms such as Google, Trustpilot, etc. Recurring points are summarised without changing the content of reviews.
IT Governance offers consultancy and training in information security, data protection, and compliance. It runs classroom and online courses to help organisations prepare for standards and regulatory requirements. The company also provides advisory work, audit support, and resources for governance frameworks. Organisations use these services to build policies, carry out risk assessments, and get ready for external assessments.