ISO consultant or compliance software? An honest comparison for UK construction SMEs
The short version. An ISO consultant is the right call when you have no in-house HSQE capacity, an audit emergency, or a one-off complex implementation. Compliance software is the right call when you have someone running compliance internally, multiple ISO standards, and a multi-year horizon. Most established UK construction SMEs end up using both: software for the everyday, a consultant for the periodic stretch. The honest comparison, with real cost ranges, is below.
If you’re a UK construction SME pursuing or holding ISO 9001, 45001 and 14001, you’ve probably faced the same fork in the road that every certified business hits. Do you pay an ISO consultant to manage your compliance, or do you buy software and run it in-house?
The honest answer is that it depends on your situation, and most of the content you’ll find on this question is written by one side trying to win you. Consultancies publish “why software can’t replace expert guidance”. Software vendors publish “why you’re wasting money on consultants”. Both are selling.
This guide is written to help you choose well, including choosing neither us nor a consultant if that’s the right answer for your business. We’ll give you real cost ranges, the honest case for each route, and a decision matrix at the end.
The two routes UK construction SMEs take
There are really only two ways a UK construction SME gets and stays ISO certified, with a hybrid in the middle.
Route one: the consultancy retainer. You engage an ISO consultant (independent practice or the consulting arm of a certification body) to do the compliance work for you. They run the gap analysis, write the documentation, conduct internal audits, prepare for the surveillance audit, and hold your hand through the certification body visit.
Route two: software-supported in-house. You buy a compliance platform, your HSQE manager runs the management system through it, and the software handles evidence capture, clause mapping, gap surfacing and audit-pack production. No external practitioner manages your compliance day to day.
The hybrid: software for the everyday plus a consultant for the periodic technical stretch (initial implementation, a tricky transition, a major audit). Most established UK construction SMEs land here over time.
What an ISO consultant actually does for the money
Worth being specific, because “ISO consultant” covers a wide range of engagements.
A full-service ISO consultancy retainer for a UK construction SME typically includes:
- Initial gap analysis against the relevant standards
- Writing or rewriting the documented information (quality manual, procedures, forms)
- Setting up the management system structure
- Conducting or supporting internal audits (Clause 9.2)
- Facilitating management review (Clause 9.3)
- Pre-audit preparation before each surveillance visit
- On-the-day support during the certification body audit
- Corrective action support after any nonconformities
A lighter engagement might be gap-analysis-only, with the SME doing the rest in-house. A heavier engagement might include ongoing monthly compliance management across multiple standards and sites.
The value of a good consultant is real. They’ve seen many audits, they know what your specific certification body looks for, and they can spot a gap that an in-house HSQE manager who only sees one audit a year would miss.
The real cost of an ISO consultant in 2026
UK ISO consultancy pricing in 2026, for a construction SME:
| Engagement type | Typical annual cost |
|---|---|
| Gap analysis only (one-off) | £500-£1,500 |
| Full implementation support (first certification, single standard) | £3,000-£8,000 |
| Full implementation support (trio: 9001 + 45001 + 14001) | £6,000-£15,000 |
| Ongoing retainer (maintenance, surveillance support) | £1,000-£4,000/year |
| Audit-week emergency support (one-off) | £500-£2,000 |
Two things worth knowing about consultancy cost patterns. First, the surge: costs spike around audit time and around recertification (every three years), so the average annual figure understates the audit-year cost. Second, the dependency: the longer you retain a consultant for routine work, the less internal capability you build, which makes leaving harder over time.
For comparison, compliance software for a UK construction SME sits at £75-£300 per month (£900-£3,600 per year). Our full buyer’s guide covers the software cost tiers in detail.
What you get versus what you keep
The most important distinction between the two routes, and the one most cost comparisons miss.
With a consultant, you get a result and keep little. The certification gets achieved. The documentation gets written. The audit gets passed. But the expertise lives with the consultant. When the contract ends, the knowledge walks out of the door. Next year you re-engage, or you struggle.
With software, you get a slower start and keep the capability. The first certification takes more internal effort. But the management system lives in your business, your HSQE manager builds genuine competence, and the audit-readiness compounds year on year rather than resetting each audit cycle.
For a UK construction SME planning to hold ISO certification for the long term (which is most of them, since the tenders that require it recur), the keep matters more than the get.
The compliance software approach
What software-supported in-house compliance actually looks like for a UK construction SME:
Evidence is captured continuously, at the moment activities happen, rather than reconstructed before each audit. Documents, records, certificates, toolbox talks, inspections and training records are structured against the relevant ISO clauses automatically, so the answer to “show me your evidence for Clause 8.4” is one click rather than one week of folder-hunting.
Gaps surface continuously. The HSQE manager sees what’s missing in the normal run of work, not on the morning of the audit. Management review inputs collate automatically. The audit trail is built as a by-product of operating the system, not assembled for the auditor.
The trade-off is honest: software needs someone in-house to run it. It doesn’t replace the HSQE manager. It makes the HSQE manager substantially more effective and removes the annual scramble. If you have nobody internal who can own compliance, software alone won’t carry you.
The hybrid most SMEs end up with
In practice, the most common pattern for an established UK construction SME is:
- Software for the everyday: continuous evidence, clause mapping, gap surfacing, audit-pack production, run by the in-house HSQE manager
- A consultant for the periodic stretch: initial implementation if starting from scratch, a tricky standards transition, or expert review before a high-stakes recertification audit
This pattern keeps the day-to-day cost low, builds internal capability, and brings in external expertise only when the marginal value of the expert is highest. It’s usually the most cost-effective route over a three-year certification cycle.
The honest case for a consultant
A consultant is genuinely the better choice when:
- You have zero in-house HSQE capacity. Nobody internal can own the management system. Software needs an owner; a consultant brings their own.
- You have an audit emergency. Surveillance audit in six weeks, evidence in disarray, no time to build a system. A consultant can triage faster than you can implement software.
- You’re doing a one-off complex implementation. First-time certification in a complex multi-standard, multi-site context where expert structure-setting pays for itself.
- Your audit cycle is genuinely low-touch. A very small business with ISO 9001 only and minimal change year to year may find a light annual consultant retainer cheaper than software.
If two or more of those describe you, talk to a good UK ISO consultancy before you talk to a software vendor.
The honest case for software
Software is the better choice when:
- You have an HSQE manager in-house. Someone owns compliance and wants to be more effective rather than outsource the responsibility.
- You hold or are pursuing multiple ISO standards. The 9001 + 45001 + 14001 trio benefits from a single structured system rather than three parallel consultant workstreams.
- You’re pursuing recurring framework or tender work. The audit-readiness needs to be continuous, not a once-a-year event, because clients increasingly ask for live evidence.
- You’re planning a multi-year horizon. The capability you keep compounds, where the consultant result resets.
If two or more of those describe you, software is likely the better long-term economics.
The Slab Principle in this debate
There’s a deeper reason the software-versus-consultant question matters, and it goes to what compliance actually is for your business.
The Slab Principle is that compliance is the entire product, not a feature. A consultant who manages your compliance treats it as a service they deliver and withdraw. Generic software that bundles compliance as one module among twelve treats it as a feature. Both leave compliance as something adjacent to your business rather than embedded in it.
Audit-readiness embedded in your business, owned by your HSQE manager, supported by software built for that single job, is a different proposition. It’s the difference between renting compliance and owning it. We’ve written the full case for the principle at The Slab Principle: why compliance is the entire product, not a feature.
Decision matrix
| Your situation | What we’d recommend |
|---|---|
| No in-house HSQE capacity, audit emergency | ISO consultant |
| No in-house HSQE capacity, no urgency, planning to hire | Light consultant retainer now, software when you hire |
| In-house HSQE manager, single standard, stable | Software, optional gap-analysis consultant at the start |
| In-house HSQE manager, the 9001/45001/14001 trio | Software, with consultant for the initial trio implementation if starting cold |
| In-house HSQE manager, pursuing recurring framework or tender work | Software for continuous audit-readiness, consultant only for periodic stretch |
| Very small business, ISO 9001 only, minimal change | Spreadsheets plus light annual consultant retainer |
A note for ISO consultancies
If you’re a UK ISO consultancy reading this, the two routes aren’t necessarily in competition. Some UK consultancies now use compliance software on behalf of their own clients: the software handles the continuous evidence and audit-readiness, the consultant focuses on the high-value expert work. It lets a consultancy serve more clients to a higher standard in the same time. If that’s of interest, get in touch.
Frequently asked questions
Q: Is it cheaper to use a consultant or software for ISO 9001?
A: Over a single audit year with a one-off implementation, a consultant and software cost in a similar range. Over a three-year certification cycle, software-supported in-house is usually cheaper because the cost is flat while consultancy costs surge around audits and recertification. The bigger difference is what you keep: software builds internal capability, a consultant takes the expertise with them.
Q: Can compliance software replace an ISO consultant entirely?
A: For an SME with an in-house HSQE manager, yes for the ongoing work. Many SMEs still bring in a consultant for the initial implementation or a high-stakes recertification. Software replaces the routine compliance management, not necessarily the periodic expert review.
Q: Do we need an HSQE manager to use compliance software?
A: You need someone who owns compliance, whether that’s a dedicated HSQE manager, an operations director who carries the responsibility, or a quality lead. Software makes that person more effective. It doesn’t remove the need for an internal owner.
Q: We have a consultant already. Is it worth adding software?
A: Often yes. The hybrid pattern (software for the everyday, consultant for the periodic stretch) usually reduces total cost and builds internal capability while keeping expert input where it adds most value.
Q: What about audit week specifically?
A: Audit week is where the two routes feel most different. With a consultant, you rely on their preparation and presence. With continuous-evidence software, audit week is calmer because the evidence is already in order. We’ve written about what audit week actually costs UK construction SMEs.
Next steps
If you’re a UK construction or engineering SME with an HSQE manager in-house, and the software route fits your situation, the founding-client cohort is open until we reach 20 sign-ups: getslab.uk/foundation-client.
If you’re not sure which route fits, get in touch with two sentences about your business and we’ll give you an honest opinion, including telling you if a consultant is the better call.
Related reading:
- The best ISO compliance software for UK construction SMEs in 2026
- The Slab Principle: why compliance is the entire product, not a feature
- ISO 9001 for construction: the honest UK guide for civils contractors
Slab is an audit-readiness platform for UK construction and engineering SMEs. ISO 9001, 45001 and 14001. UK-built. UK-hosted Customer Data. Compliance is the entire product, not a feature. getslab.uk.