Starting prices, not one-size-fits-all packages.
Every compliance engagement has different scope — number of systems, regulatory overlap, audit timing, team maturity. Below are the floor prices; your actual quote is built after a 30-minute scoping call.
Quick Quote Form
Choose a service and add notes
Select the closest service, then add a short note about what you need.
Baseline engagement costs by service.
Prices assume a single-entity scope, one audit period, and a cooperative internal team. Complex environments (multiple entities, aggressive timelines, legacy infrastructure) adjust upward during scoping.
ISMS Certification
ISO 27001
Trust Services Criteria
SOC 2 (Type I / Type II)
Healthcare Privacy
HIPAA Compliance
Global Privacy
GDPR & Global Privacy
Education Data Privacy
FERPA & COPPA
Third-Party Risk
Vendor Risk Management
Policy Framework
Policy & Governance
Readiness Audits
Internal Audit Services
Privacy Management (PIMS)
ISO 27701 (Privacy)
What's always included
Every engagement comes with the same baseline.
- Kickoff workshop and scoping call
- Dedicated slack/channel for your engagement
- Weekly progress check-ins
- Auditor coordination where applicable
- 12 months of post-delivery support
- Access to our internal policy and evidence libraries
What's not included
The things we keep separate from our fees.
External auditor fees
Typically $15,000–$50,000 depending on framework and scope. We help you select and negotiate with qualified firms.
Third-party tooling
GRC platforms, SIEM, endpoint agents — billed direct by the vendor, no markup from us.
Significant scope changes mid-engagement
Rare. When they happen, we re-scope transparently with a change-order rather than surprise invoices.
Next Step
Want a real number instead of a range?
Share a few details about your team, current state, and target audit date. We reply within one business day with a scoped quote you can take to your board.