ISO 42001 cost calculator

What each part of the calculator means

The estimate is built from a few inputs and broken down into clear cost lines. Here is what each one represents.

New certification vs re-certification

New certification models a first-time project: building the management system from your chosen starting point, then paying for the initial two-stage audit. Re-certification assumes the system already exists and models the ongoing cycle — two years of surveillance audits followed by the full re-certification audit in year three.

Organisation size (employees)

The single biggest driver of the audit fee. UKAS-accredited bodies set audit duration using the mandatory IAF rules, which scale with headcount. More employees means more audit days, and each day is charged at a certification-body day rate (we model around £1,300/day, ex-VAT).

Management-system maturity

How much you already have in place. "Starting from scratch" assumes no documented system, so the most implementation effort. "Some processes documented" and "Already running an ISO-style system" progressively reduce the build effort — often the difference between a cheap project and an expensive one.

Implementation approach

The trade-off between external fees and your own team's time. Consultant-led minimises internal disruption but adds consultancy fees (modelled near £950/day). In-house avoids most fees but uses far more internal staff time (valued at a loaded rate around £280/day). Hybrid sits between the two.

Additional sites in scope

Each site beyond your main location adds both audit time and implementation effort. Certification bodies may apply a multi-site sampling approach that softens the audit increase, but more sites still cost more overall.

Optional add-ons

Common extras that are not strictly required but are widely bought: a formal gap analysis before you start, an outsourced internal audit where you lack in-house capacity, and training for a lead implementer or internal auditor. Toggle these to see their effect.

Integrate with an existing certification

If you already hold another ISO certification (for example ISO 9001), a new standard can share documentation and combined audit days through an integrated management system, cutting both build and audit cost.

Implementation total

The cost of building the system before any audit: consultant fees plus the value of your internal staff time. Shown only for new certification, since a re-certification assumes the system is already built.

Initial certification audit

The fee paid to the certification body for the two-stage initial assessment (Stage 1 documentation review and Stage 2 on-site audit). This is what earns you the certificate.

Annual surveillance audit

A shorter audit the body carries out in the years between full assessments (typically years one and two of each cycle) to confirm your system is still working. Modelled at roughly a third of the initial audit fee.

Re-certification (year 3)

At the end of each three-year cycle the certificate expires and a fuller re-certification audit is required to renew it. Modelled at around 70% of the initial audit fee — less than the first time, because the system is established.

3-year cost of ownership

The headline planning figure: the total across a full three-year cycle. For a new certification that is year-one build and audit plus two surveillance years plus the year-three re-certification. It is the most realistic number to budget against, because certification is an ongoing commitment, not a one-off purchase.