Predictable, procurement-friendly pricing. Final numbers follow a short discovery. Formula: Fixed/Monthly = Platform + People.
Small: ~$35k–$60k | Mid: ~$60k–$100k | Enterprise: ~$110k–$180k
Deliverables: scope/context, risk method & register, SoA, core policies, improvement plan.
Small: ~$20k–$35k/mo | Mid: ~$35k–$55k/mo | Enterprise: ~$60k–$95k/mo
TPM-led follow-through with product teams; control owners assigned; evidence maintained.
Scope-based package (~$15k–$40k). Includes internal audit, management review pack, and CB coordination.
Fixed for ISMS build and internal audit; monthly for ongoing evidence. Hourly only for pre-approved surges.
ISMS scope, # of product teams, cloud/IaC complexity, evidence velocity, and regions.
People (TPM/SecEng/Analyst), evidence packs, liaison work, and light automations.
Optional 10–15% tied to audit readiness and certification outcomes.