IT Governance Achieves NCSC Certification for Audit and Review Consultancy

IT Governance, the leading provider of information security and cybersecurity expertise, has achieved National Cyber Security Centre (NCSC) certification for its Audit and Review consultancy service.

The Audit and Review service provides an in-depth and detailed evaluation of an organisation’s cybersecurity posture in relation to its compliance with UK government security objectives, policies, standards and processes, such as the HMG Security Policy Framework (SPF), National Cyber Security Strategy, 10 Steps to Cyber Security, IA Maturity Model (IAMM), and relevant industry or private-sector standards and schemes such as ISO 27001, Cyber Essentials and the PCI DSS.

The NCSC Certified Cyber Security Consultancy scheme is primarily aimed at providing government, public sector and critical national infrastructure (CNI) organisations with consultancy support on a wide and complex range of cybersecurity issues. The initiative allows private-sector companies to be certified to provide consultancy services to the above-mentioned organisations.

The scheme focuses on certifying consultancy companies rather than individuals, and seeks to establish the credentials of cybersecurity consultancy services providers in delivering high-quality, tailored and expert cybersecurity advice.

The NCSC works in partnership with the Crown Commercial Service (CCS) to establish a central route for the public sector to procure certified consultancy services. Consultancies registered under the scheme can apply to be listed as an approved supplier to the CCS.