By /

ISO 22301 Certification Cost: What You Really Need to Know

When you start looking into ISO 22301 certification, one of the first questions that comes up is:

“How much will this actually cost us?”

It’s a fair question. After all, implementing a business continuity management system (BCMS) is a big decision. You’re not just ticking a box – you’re showing customers, regulators, and stakeholders that your organisation is prepared for the unexpected. Whether it’s cyber-attacks, natural disasters, or supply chain issues, ISO 22301 proves you have the systems in place to keep things running.

But like any investment, cost is a key factor. And the truth is, there’s no one-size-fits-all figure. The total spend can vary significantly depending on your company’s size, industry, and how much of the work you do in-house.

So let’s break it down.

What Drives the Cost of ISO 22301 Certification?

Think of the total cost as a mix of five main components. Some are optional, some are ongoing, and some depend on how much outside help you bring in.

1. Gap Analysis (Optional but Recommended)

A gap analysis is like an MOT for your business continuity processes. It shows you where you currently stand and highlights what needs fixing before going for certification.

  • Typical cost: £1,000 – £3,000
  • Who needs it? Organisations with no prior experience in ISO standards often find this invaluable.

2. Consultancy and Implementation Support

This is usually the biggest cost driver. While some companies have the in-house expertise to develop their BCMS, many bring in consultants for guidance.
Consultants can help with:

  • Risk and impact assessments
  • Writing policies and procedures
  • Building recovery strategies
  • Training staff
  • Preparing for the audit

Cost range: £800 – £1,200 per day
Total project cost: £5,000 – £25,000 depending on company size and complexity.

3. Training and Staff Awareness

Certification isn’t just about documents – your people need to understand and follow the system. Training ensures everyone knows what to do if disruption strikes.

  • Awareness training: £150 – £300 per person
  • Internal auditor training: £500 – £1,000 per person
  • Typical spend for a team: £2,000 – £5,000

4. Certification Body Fees

This is the official audit cost, paid to an accredited certification body. The process is split into two stages:

  • Stage 1 Audit: Review of documentation and readiness.
  • Stage 2 Audit: On-site (or remote) audit to verify implementation.

The fee depends on the number of audit days, which is linked to your organisation’s size and scope.

  • Typical cost: £3,000 – £7,000

5. Surveillance Audits (Ongoing Costs)

Certification isn’t a one-off. To stay certified, you’ll need annual surveillance audits from your certification body.

  • Typical cost: £2,000 – £5,000 per year

Example Breakdown: Medium-Sized Business

Let’s put all this into perspective with an example of a 150-person company going for ISO 22301:

  • Gap Analysis: £2,000
  • Consultancy (10–15 days support): £12,000
  • Training for 5 staff: £3,000
  • Certification Audit: £5,000
  • Annual Surveillance: £3,000

👉 Total Initial Cost: ~ £22,000
👉 Ongoing Annual Cost: ~ £3,000 – £5,000

How to Keep Costs Under Control

ISO 22301 certification can feel expensive, but there are smart ways to reduce the burden without cutting corners:

  • Use a phased approach – Spread the implementation over several months to manage budgets.
  • Train internal champions – Invest in training a few staff to handle internal audits and maintenance instead of relying heavily on consultants.
  • Shop around for certification bodies – Prices vary, and not all providers have the same level of support.
  • Leverage digital tools – Business continuity software can streamline documentation and cut down on manual admin.

Is ISO 22301 Worth the Investment?

It’s easy to focus on the cost, but think about the flip side: what would downtime or disruption cost your business? For many organisations, a single day of downtime can run into tens of thousands of pounds in lost revenue. Add reputational damage and regulatory issues, and the risk is far greater than the price of certification.

ISO 22301 is more than a certificate on the wall – it’s peace of mind. It shows customers and partners that you’re prepared, resilient, and committed to protecting what matters.

So yes, there’s a cost. But it’s an investment in resilience, credibility, and long-term business survival.

Bottom line: For most organisations, ISO 22301 certification costs between £15,000 and £30,000 initially, with ongoing costs of £2,000 – £5,000 per year. The exact figure depends on your size, complexity, and how much outside support you need.

Want To Discuss Your Personal Quote?

Request your free quote with us today


Get A FREE Quote Now!
close slider

Scroll to Top