Select regional store:

Penetration Testing (Pen Testing) Packages

IT Governance’s recurring penetration test packages provide a complete solution for routine security testing of your websites and IT systems. IT Governance is a pioneer in making penetration testing easy to understand and buy. While significant sophisticated skills are required for effective penetration testing, we believe that our customers should be able to quickly understand what they are buying and how much it will cost.

IT Governance penetration tests


Maintain your cyber security – year in and year out!

Save up to 20% with our recurring penetration testing packages.

ITG recurring penetration testing packages

These repeat packages are designed to identify vulnerabilities in your systems, networks and/or applications, and to provide advice and recommendations for any corrective measures required. When a remedial activity has been completed, IT Governance recommends that the original testing is repeated to confirm that the system is now fully secure. Our recurring penetration test packages are offered on a single , biannual or quarterly test basis. Discounts are offered when signing a multi-year penetration test contract with us.


As a CREST member company, IT Governance has been verified as meeting the rigorous standards mandated by CREST. Our clients can rest assured that we offer vulnerability scanning and assessment services of the highest standards. In addition, IT Governance is a CREST-accredited certification body for the Cyber Essentials scheme.

The benefits of IT Governance recurring penetration testing packages:

  • A recurring package or contract provides a complete solution for the efficient and routine testing of your IT system.
  • A package helps you to lock the price down now and avoid any future price increases.
  • You are assured that your networks and applications are secure against cyber attacks.
  • Get peace of mind with the knowledge that all your testing requirements have been taken care of for a specific period, helping achieve compliance with the PCI DSS and ISO 27001.
  • Many of our solutions are designed to offer smaller organisations a cost-effective method of testing their network's security.
  • Regular testing ensures that your networks and applications remain secure over a period of time.
  • If you are required to be PCI DSS compliant at Level 1, you are required to conduct BOTH an annual penetration test and quarterly automated scans from an approved scanning vendor (ASV).
  • The IT Governance PCI Compliance Penetration Testing package is designed to provide an organisation with all the tests required for compliance for a one-, two- or three-year period, and is offered at a significant discount on the cost of the respective tests.

ISO 27001 and penetration testing

If you are implementing ISO 27001, a penetration test is crucial during these ISMS implementation stages:

  • As part of the risk assessment process: uncovering vulnerabilities in any Internet-facing IP addresses, web applications, or internal devices and applications, and linking them to identifiable threats.
  • As part of the performance evaluation, ensuring that controls actually work as designed.
  • As part of the ongoing continual improvement processes, ensuring that controls continue to work as required.
  • Whenever significant changes are made to your network infrastructure

PCI DSS and penetration testing

Pen testing is an essential element of PCI DSS compliance.

Requirement 11 of the PCI DSS states that “system components, processes, and custom software should be tested frequently to ensure security controls continue to reflect a changing environment.”

PCI DSS testing requirements:

IT Governance provides all of the penetration testing requirements for PCI DSS compliance.

15 reasons to use IT Governance for your penetration testing needs


  1. We uniquely offer a combination of fixed-price and bespoke penetration testing solutions.
  2. Our clients benefit from the vast knowledge and deep experience of our penetration testing team.
  3. We are a CREST member company, which means that clients can rest assured that the work will be carried out to rigorous standards by qualified and knowledgeable individuals.
  4. Our clients are involved in a detailed consultation session prior to any testing to identify the depth and breadth of the tests required.
  5. Our penetration tests combine a number of automated vulnerability scans with a range of advanced manual tests by expert in-house penetration testers.

Click for more >>

To book your penetration testing service or to discuss your requirements, please call us now on 00 800 48 484 484 or email

This website uses cookies. View our cookie policy