DISP
MEMBERSHIP
COST
The full cost breakdown for DISP membership in Australia — IRAP assessment fees, consultant costs, remediation, and ongoing compliance. No surprises.
FULL DISP MEMBERSHIP COST BREAKDOWN
All costs are indicative ranges for Australian market conditions in 2025–2026. Actual costs depend on organisation size, ICT complexity, and current security posture.
| Phase | Cost Item | Low Estimate | High Estimate | Notes |
|---|---|---|---|---|
| Initial | DISO Application Fee | $0 | $0 | No government fee charged |
| Initial | IRAP Assessment | $15,000 | $50,000 | Depends on ICT environment complexity |
| Initial | ICT Remediation (E8 ML2) | $10,000 | $80,000 | Depends on current posture and gaps |
| Initial | Security Plan Preparation | $8,000 | $25,000 | Consultant-prepared or template-based |
| Initial | Physical Security Upgrades | $5,000 | $40,000 | Access control, CCTV, secure storage |
| Initial | AGSVA Clearances (SO + FSO) | $1,000 | $4,000 | Per person; Baseline clearance |
| Ongoing | Annual Security Report (ASR) | $5,000 | $15,000 | Per year, outsourced preparation |
| Ongoing | E8 Monitoring & Maintenance | $10,000 | $30,000 | Per year, managed service |
| Ongoing | Security Consultant Retainer | $24,000 | $60,000 | Per year ($2k–$5k/month) |
| Ongoing | IRAP Re-Assessment | $15,000 | $50,000 | Every 2–3 years |
| Total Initial Cost (Baseline) | $39,000 | $199,000 | Highly variable — get a scoped estimate | |
HOW TO REDUCE YOUR DISP MEMBERSHIP COST
Beginning the compliance process 12 months before the DISP application deadline allows incremental remediation rather than a costly sprint. Early starters typically spend 30–40% less on remediation.
DISPulse automates ongoing compliance monitoring and ASR preparation, reducing the annual consultant fees from $24,000–$60,000 to as little as $8,000–$15,000 per year.
A specialist DISP consultant with a proven methodology and template library costs less than a general IT security firm that builds everything from scratch. Specialist firms also have higher first-attempt approval rates, avoiding costly re-submissions.
Only include ICT systems that genuinely process, store, or transmit classified Defence information. A tightly scoped assessment can cost 50% less than an over-scoped one.
Cloud services with existing IRAP assessments (such as Microsoft Azure Government or AWS GovCloud) can reduce the ICT remediation and IRAP assessment scope significantly.
DISPath offers a fixed-fee DISP application engagement with a guaranteed first-attempt approval or we re-submit at no additional cost. Fixed fees eliminate cost blowouts from scope creep and extended timelines.
DISP MEMBERSHIP COST — FAQs
5 key questions about the cost of DISP membership in Australia.
How much does DISP membership cost in Australia?
There is no application fee charged by DISO for DISP membership — the government does not charge organisations to apply. However, the total cost of achieving and maintaining DISP membership is significant. For a Baseline application with a typical starting point, organisations should budget $50,000–$150,000 for the initial compliance uplift (IRAP assessment, remediation, consultant fees, and Security Plan preparation). Ongoing annual compliance costs typically range from $20,000–$60,000 per year (ASR preparation, continuous monitoring, clearance renewals, and retainer fees).
Is there a DISO application fee for DISP?
No. DISO does not charge an application fee for DISP membership. The Australian Government does not charge organisations to apply for or maintain DISP membership. All costs associated with DISP membership are third-party costs — IRAP assessors, security consultants, ICT remediation, and internal staff time.
What does an IRAP assessment cost?
IRAP assessment costs vary significantly depending on the size and complexity of the ICT environment being assessed. For a small organisation with a simple, well-documented ICT environment, an IRAP assessment typically costs $15,000–$25,000. For medium-sized organisations with more complex environments, costs range from $25,000–$50,000. Large organisations with complex, multi-site ICT environments may pay $50,000–$100,000 or more. These figures are for the assessment only — remediation costs for any findings are additional.
What are the ongoing costs of DISP membership?
Ongoing DISP membership costs typically include: Annual Security Report (ASR) preparation ($5,000–$15,000 if outsourced); continuous Essential Eight monitoring and maintenance ($10,000–$30,000 per year for a managed service); security consultant retainer for advice and incident support ($2,000–$5,000 per month); AGSVA clearance renewals for personnel ($500–$2,000 per person); and periodic IRAP re-assessments (typically every 2–3 years, $15,000–$50,000). Total ongoing costs for a typical Baseline member range from $20,000–$60,000 per year.
How can I reduce the cost of DISP membership?
The most effective ways to reduce DISP membership costs are: (1) Start early — beginning the compliance process 12 months before the DISP application deadline gives time to remediate gaps incrementally rather than in a costly sprint; (2) Use a purpose-built GRC platform like DISPulse to automate ongoing compliance monitoring and ASR preparation, reducing the manual effort and consultant fees; (3) Engage a specialist DISP consultant who has a proven methodology and template library, rather than a general IT security firm that will build everything from scratch; (4) Scope the IRAP assessment carefully — only include systems that genuinely need to be in scope.
GET A SCOPED
COST ESTIMATE
IN 48 HOURS.
Book a free DISP Cost Assessment. We'll scope your specific situation and give you a fixed-fee estimate for the full compliance journey — no surprises, no hourly billing.