Every Briggs IT engagement is a monthly program, not a project — predictable pricing, no multi-year lock-in, and the same named point of contact every time. The right level for your firm depends on the rules you answer to and the protection you want. Here’s how the three compare.
The tiers aren’t arbitrary bundles — each one is built to meet a specific level of regulatory obligation, and each builds on the one below it.
The first level is the floor: the essential security foundation that qualifies a smaller Texas firm for state safe-harbor protection. The second level adds the broader controls, training, and reporting that a larger firm — or any firm that wants more protection regardless of size — needs to meet a fuller set of frameworks. The third level adds the formal written programs, documentation, and examination-ready evidence that firms under federal regulators require.
A useful way to think about it: the lower levels keep you protected, and the higher levels prove it — in writing, to the people who can ask. And these levels are reference points, not rigid packages — we build the actual scope around what your firm already has and what you’re ready to hand off. Most firms find the right fit quickly once they’ve had a Compliance Readiness Review, because the answer comes straight from the rules that actually apply to them.
What you’re paying for at every level is the work, not the tools — the expertise to build and run your program, the availability to support your people, and the accountability to keep it all current and documented. Pricing is per user because that’s what drives the workload: every person is more to protect, support, and account for. Any third-party software your program needs is billed separately from the per-user price. All levels: 10-user minimum, 12-month term with a 60-day exit available after month six.
These three levels are reference points, not rigid packages. They show what a typical engagement looks like at each level of regulatory need — but every firm is different. Some already have pieces in place; some want to start with less and add over time; some need something between two levels. We build the actual scope around what your firm has, what it needs, and what you’re ready to hand off. The Compliance Readiness Review is where we figure that out together.
The essential foundation that qualifies your firm for state safe-harbor protection — set up, managed, and kept current by Briggs IT. We align you to the baseline security controls the law expects for a firm your size, keep your systems monitored and patched, make sure your data is backed up and recoverable, and give your team a direct line for support.
what this level includes:
Starting at $95 per user / month
what this level adds:
Starting at $175 per user / month
Everything we do at the Plus level, plus the formal written programs and examination-ready evidence a firm under a federal regulator — the SEC, the FTC — or facing AI-governance requirements needs to demonstrate compliance. A small firm can absolutely carry this exposure; this is the level built to stand up to a federal examiner.
what this level adds
Starting at $295 per user / month
what this level adds
Not sure which column describes your firm? That’s exactly what the Compliance Readiness Review answers — we map your firm to the level the rules actually require, and build from there.
Engagements run on a 12-month term, with a 60-day termination for convenience available after the sixth month. The reason for that six-month floor is straightforward: the heaviest work comes first. Setting up and deploying your program in the early months is the bulk of the effort, and the six-month minimum makes sure that front-loaded work is seen through before either side can walk. After that, termination for convenience is available — predictability and a real commitment on both sides, without a multi-year lock-in.
It’s a process, and it starts before anyone signs anything. Here’s the whole arc:
First, we gather the details — we come out and learn how your firm actually works, what systems you have, and where things stand. We don’t scope from a phone call; we look first.
Then we review your environment against the rules that apply to your firm, and we present what we found — a written report, in plain English, walking through what’s in place, what’s missing, and what it would take to close the gaps. This is the honest moment: now that we’ve looked, we can talk specifics. It’s a lot like a good repair shop — the inspection is free, but nobody quotes the out-the-door number until they’ve actually put it on the lift, because that’s the only number worth trusting.
If your environment needs prep work before we can deploy cleanly, we scope that with you — plainly, up front, before any ongoing engagement begins. Then we plan the engagement around what your firm needs, deploy your program across the firm, and document everything as we build it. From there, it settles into the ongoing rhythm: keeping your program current and handling the day-to-day.
You’ll know what’s happening at every step, and you’ll never get a surprise. The whole point is that nothing about working with us is a mystery — including what it costs and when.
You don’t have to figure that out on your own — that’s what the Review is for. The right level comes straight from the rules your firm actually answers to, and we’ll point you to it. Some firms know they’re under a federal regulator and land at Safe Harbor Federal; many start at Essential or Plus. After the Review, you’ll have a clear recommendation built on your firm’s real situation, not a guess.
Because an honest number doesn’t exist until we’ve looked. Every firm’s environment is different — some need real prep work before anything else, some are nearly ready. Quoting before the Review would mean either padding the number to be safe or lowballing to win the work, and we won’t do either. We give you a real number once we know what we’re actually dealing with. Same as that free inspection: the price comes after the look, not before.