Simple, transparent pricing for compliance teams
All prices exclude VAT. Minimum 50 employees per campaign.
| Model | Regulated (FCA/GDPR) | Non-regulated | Best for |
|---|---|---|---|
| Per employee | £8–12 / employee / campaign | £4–6 / employee / campaign | Growing companies scaling headcount |
| Flat project | £2,500–5,000 / campaign | £1,500–3,000 / campaign | Sub-100 employee companies |
| Annual retainer | £15,000–25,000 / year | £8,000–15,000 / year | Quarterly coverage + ad-hoc simulations |
Annual retainer includes quarterly campaigns + unlimited ad-hoc simulations. Regulated firms (FCA/GDPR) require documented evidence chains — prices reflect the additional reporting and audit-trail work.
| Service | Price | Notes |
|---|---|---|
| Per policy gap analysis | £500–1,500 | Per policy area (GDPR, DORA, FCA, etc.) |
| Full compliance pack | £5,000–15,000 | Project fee — all policies documented |
| Ongoing documentation | £1,000–3,000 / month | Updates included — regulatory changes covered |
Prices scale with regulatory complexity. FCA-regulated firms require DORA + FCA-specific policies. All projects include a gap assessment first — no commitment without knowing the full scope.
Good CISO provides compliance support and documentation guidance — not legal advice. Final regulatory sign-off remains the client's responsibility.
Advisory hours are non-transferable. Block hours expire 6 months from purchase.
Annual vCISO: Pay for 10 months, get 2 months free. All vCISO tiers available on annual contract.