Pricing is provided as ‘from’ values based on a defined baseline scope suitable for small to mid-sized organisations. Final fees are confirmed following scope validation.

Defined scope, senior consultant involvement, agreed deliverables, and remote delivery as standard.

Organisation size, complexity, systems in scope, regulatory exposure, assurance depth, stakeholders, and delivery timelines.

No. Pricing is region-agnostic and applies globally. Engagements are delivered remotely by default.

Pricing is adjusted proportionately based on the size of your organisation:

• Small (foundational)

• Growth (expanding)

• Mature (complex)

No. External audit fees, tooling, testing, and legal services are excluded unless stated.

All work is delivered under a Statement of Work (SoW) defining scope, deliverables, assumptions, and change control.

All changes are assessed, documented, and agreed upon before proceeding.

Typically milestone-based or monthly invoicing, aligned to the Statement of Work (SoW).

Senior GRC practitioners with recognised framework experience.

All engagements are conducted in accordance with contractual confidentiality and applicable data protection obligations. Meridian GRC Consulting Ltd is registered with the UK Information Commissioner’s Office (ICO) as a data controller, demonstrating compliance with UK data protection registration requirements and ongoing regulatory oversight.

We start with a focused discussion to understand your objectives, regulatory context, and assurance needs. From there, scope, deliverables, and timelines are clearly agreed to ensure alignment before work begins.