How much does ISO 27001 cost?

ISO 27001 Costs

Let’s shed some light on the ISO 27001 costs you can expect. There are two kinds of cost:

  1. The cost of implementing ISO 27001
  2. The cost of the ISO 27001 certification

You will pay either in money, to have someone do some or all of the work for you, or in your own time.

Implementation Costs

ISO 27001 implementation costs will vary considerably depending on whether you employ someone full time, hire a contractor or engage a consultant. It is our experience that working with a consultant on a fixed price basis is the most cost-effective way to implement ISO 27001. The benefits are:

  • Fixed and known cost
  • Often includes all required documentation and policies

If you use a contractor or a full-time employee, the costs can soon mount up, mainly because you are paying for their time irrespective of the outcome. We often see projects that should take 10 days stretch to 3, 6 and even 12 months.

Consultant

  • Circa £5k to £15k
  • 5 to 15 days duration
  • Comes with all policies
  • Track record of delivery and certification

Permanent Staff Member

  • Minimum £40k per year
  • 6 to 12 months duration
  • Needs to write all policies

Contractor

  • £39k to £160k
  • 3 to 12 months duration
  • Will write all policies

Certification Costs

Certification costs are set by the certification body. For the certificate to have meaning, you will want a UKAS-accredited certification. It is worth shopping around. The UKAS website lists all the accredited bodies.

Expect to pay, typically, £6k to £8k as a year 1 cost.
