GRC Solutions Recenzje 287

Andrew Johnston
Strategy and MI Director previously worked as operations manager at Interserve Learning &
Employment. The company sent hundreds of job seekers to criminals, Environmental Concern Ltd Birmingham to work.
Environmental Concern Ltd were taken to court by the Environmental Agency for dumping hazard's waste and pleaded guilty. Andrew Johnson was informed at a meeting job seekers were made to dismantle LCD TV screens exposing them to inorganic mercury vapours and covered it up by not informing any of the job seekers breaking the duty of care law. Andrew Johnson was asking for photos the company had that would be used in a criminal investigation by the health and safety executive (HSE) and refused to give them. Arrangements were been made for Andrew to appear on a regional news programme to explain why but he left the company.

Working at IT Governance / GRC Solutions was a frustrating experience overall. While the company presents itself externally as a professional cyber security organisation, the internal reality did not reflect this.
I worked in Marketing, and from summer 2025 there was a lack of clear direction from the CMO. Expectations and priorities changed frequently, making it difficult to do the role effectively or feel confident in performance. Feedback often felt reactive rather than constructive, and there was a persistent sense of blame rather than support, which created ongoing anxiety about job security.
Communication from senior leadership lacked transparency. Decisions were often attributed to external ownership without meaningful explanation, leaving teams unclear on strategy or long-term goals.
Workloads were consistently unrealistic, with tight deadlines and minimal support. Burnout appeared common, yet concerns raised by staff were rarely addressed in a meaningful way. There were no clear career development opportunities, and progression felt limited unless you were already favoured by management.
The culture within Marketing felt particularly difficult. Management style relied heavily on criticism and pressure, which contributed to a toxic environment, low morale, and unnecessary stress. Positive recognition was rare, while criticism was frequent and often poorly delivered.
While the role was fully remote, this was undermined by negative communication through internal messaging tools.
Overall, I would not recommend IT Governance / GRC Solutions to anyone seeking a supportive, well-structured workplace or long-term career development.

The advice, guidance and support I received from Nick Orchiston, was invaluable to ensuring that my client passed their ISO9001 certification.

Execllent service, the help and advice was second to none I would highly recommend to any company.

Matthew was incredibly helpful, experienced, and knowledgeable. He delivered an excellent C-DPO course with examples for everything, really helping to not only provide knowledge but also the ability for us to apply that knowledge to the real world. Matthew was able to keep me engaged the whole time (hard to do sometimes for the topic)

Using the Cybercomply toolkit has enabled us to quickly and efficiently switch our policy management and compliance functions to a centralised platform - not only is it fully featured and comprehensive it is easy to navigate and generate documents.

I have sent several emails asking why they took a payment for auto renewal and we did not receive Cyber Essential Certification. This is a bogus scamming company and it’s disgraceful that they take money and do nothing for what they claim. This company refuses to answer emails and when you call them the person you need to speak to is unavailable and you then get an email asking for you to repay. Please avoid this scamming and scrupulous business scamming small businesses out of money. If you need a Cyber Essential Certification please go to one of the governing bodies ie ISAME. I will be reporting this company for their disgraceful service

This is best

I did enjoy the workshop and it helped to increase my understanding of risk assessment and management within ISO 27001. However, I did feel that there was too much content for the time allowed, and that at some parts the course leader rushed through where I would have liked some further explanations, etc.
I found the risk assessment examples very useful, and enjoyed this experience - a pity we couldn't do more.
Although it wasn't necessary, I was unable to log into the account as the system did not recognise my phone number which was a shame. Maybe for these sessions this can be removed so delegates can join the session, as I noticed other people had trouble logging in as well.
Overall though, I found this beneficial to my work in ISO 27001.

This was Bluegrass Digital's first time doing the certification and we opted for the PLUS certification, which was extra effort but worth it. James the Assessor was very friendly and helpful in the build up to the PLUS assessment and on the day he walked us through exatcly what to do.

The entire process was well managed and the support team were helpful along the way in supporting our questions, and providing feedback.

The PCI DSS Lead Implementer Training Course is an exceptional educational offering prepares participants for the intricate task of implementing the PCI DSS v4.0 standards. One of the course's most significant strengths is its comprehensive coverage of the latest PCI DSS v4.0, which is crucial given the evolving cybersecurity landscape. This ensures that learners are up-to-date. It was a very good experience and special thanks to trainer for regulations, making the course highly relevant and timely.

IT Goverance are an excellent partner to help acheive Cyber Essentials. This has helped our business no end in assisitng our endusers to acheive compliance.
The pre-sales team are informative and very prompt in providing answers.
The whole process from receving the product once purchased right through to compliance is excellent.
If you require Cyber Essentials, this is the company to partner with

Great company to purchase training from. Definitely my first choice.

It was easy to access the training program.
The course was well presented although I expected to receive more examples used in day-to-day activity, sharing experiences and any other practical rather than theoretical example. I felt like the only information I got was how the text is now updated in the standard. I don`t think anyone need paid training to compare wording from two documents.

Very useful insight into changes from 27001:2013 to the new version 27001:2022. Instructor was engaging and informative. Would recommend.

Compliance made easy !

Great team helped us secure our Cyber Essentials Plus certification very easily and simply, thank you.

Really happy with the course, covered all of the essentials and the trainer (Andy) was able to bring the course content to life with real world examples.

Great service,

Cyber comply is a great tool that allows you to complete risk assessment.

The content of the course was good but the quality of trainer was subpar.

I am thrilled to share that I successfully completed the self-paced online training for Lead Auditor ISO27001:2022 and passed the exam today. A special thanks to Donna for her exceptional support in setting up my access and ensuring everything ran smoothly. I highly recommend IT Governance as a training provider due to their dedicated staff and unwavering commitment to customer satisfaction.