Subscribe to our mailing list
For business updates, blog posts and all things concerning business and ISO systems.
For one standard, a typical ISO support agreement might be in the order of £4-£6k for the year, usually payable in quarterly instalments – £1000 to £1500 per quarter. A lot cheaper than a quality, health and safety, environmental manager or information security manager!
Many organisations have more than one standard and the price “per standard” decreases significantly as other standards are added. This is because there are quite a lot of common elements and, your core operational processes are your core operational processes, regardless of which standards we are looking at!
As a ballpark, given that you had three standards (let’s say quality, environmental and health and safety), you’d probably be looking at £8-£12k for the year, also typically paid in quarterly instalments.
A typical single standard ISO project for organisations of the above description might be £8-£12k payable over the duration of the implementation period, say 6-9 months.
That’ll give you a rough idea, but of course there are many variables. In different instances, it could be more or it could be less. But that’s certainly a half decent “ballpark figure”.
So, what are the variables that might affect the final fixed price?
As you might imagine there are a number, and they include:
Some standards are more complex to implement than others. ISO 27001, the information security standard is probably the most complex, so would typically be more.
Many companies already have well established and documented business plans, objectives and targets. They may also have well established and documented processes and practises that describe how their work works.
Other companies may already be registered to health and safety focused schemes like SSIP, Exor, Achilles, CHAS, Construction Line or something similar.
If existing procedures are well established and codified, they would obviously not need to be reinvented, so this would normally produce any implementation cost.
Most, but not all, standards these days are organised around something called Annex SL. This means the structure of the standard is very similar, but the operational emphasis would be different depending on the focus of the standard.
Therefore, the more standards being worked towards, the easier and simpler much of the integration would become, as all the common elements would only need to be done once.
Obviously, there would be a difference in implementing any ISO standard in a company where the existing processes and practises were both slick and consistent, as opposed to a different company where existing processes and practises were clunky and inconsistent.
The better, quicker and slicker the processes are in an organisation, the quicker and easier ISO implementation is likely to be.
The degree of risk is a key criterion for determining how long implementation might take and how much work is required.
Just imagine the difference between undertaking an ISO implementation for a nuclear power station or chemical refinery against, let’s say, an accountant’s office or marketing agency. They each have significantly different risk profiles and that would impact the degree of control required and the levels of documentation.
Imagine you had two different companies both of 20 people. The first had 20 people all doing 20 fundamentally different things. The second had 2 or 3 people doing different things, but the remaining 17 or 18 people all doing the same thing.
In the first example, you’d have a lot more processes that need to be defined and documented, so the process is likely to take longer and cost more.
The same logic applies to different offices – is each office doing different things or are they doing the same thing?
One way to think about ISO implementation is that you are guardians of how your work works and Statius would be guardians of the relevant standard requirements. As a result, there are two typical implementation approaches taken, both of which have upsides and downsides. Each approach also impacts the cost and likely duration of your ISO project.
The two approaches are:
Most people we find prefer the hands on approach – staff already have a day job to do, and whilst it’s slightly more expensive, the deadline is less likely to slip.
As might be expected for a UKAS approved ISO certification, UKAS being the ISO governing body in the UK, there needs to be a differentiation between the driving instructor, essentially the consultant, in this case us (hopefully) and the driving examiner. A UKAS approved certifying body.
So, Statius teach you how to drive the ISO bus, but the driving test needs to be undertaken by a UKAS approved agency, who usually also want playing!
For a typical company of the above size and complexity, initial assessment might typically cost somewhere between £2k-£4k.
However, there is significant variation in the pricing structures of some of the major players in the certification market.
Consequently, the above is a ballpark figure and at Statius we would certainly get at least two or three quotes from different players before you made your final decision.
But it doesn’t end there – UKAS demand that there is an ongoing annual certification visit and that the whole system is re-certified after three years. All UKAS approved certification bodies have to adhere to this process.
As a result, the annual surveillance visit is likely to be in the order of £1k-£2k and the three-year recertification slightly less than the original initial assessment.
Feel free to book a free 1 hour consultation with one of our expert consultants. Or, if you're a little old fashioned like us, give us a call! We're here to help you with all your ISO needs to help you build:
- Better strategies
- Better systems
- Better measurement
- Engaged people delivering
- Better results
Book hereContact usSubscribe to our mailing list
For business updates, blog posts and all things concerning business and ISO systems.
© 2025 ISO Consultants by Statius
All Rights Reserved