How much PI insurance cover do I need as an IT consultant in the UK?

~2 min read

Reviewed by Matthew Bartlett, Director · Last reviewed 2026-07-08

IT consulting has no statutory regulator prescribing minimum limits. Sizing is driven by three things: client contract requirements, the PI-and-cyber overlap for consultants handling data, and the scale of project delivery exposure. This entry sets out how IT consultancies should size PII, where cyber cover should sit alongside, and the specific triggers that push sizing up.

Short answer — market ranges

Client contract requirements — the primary driver

The PI/cyber overlap

IT consultants sit in the intersection of professional negligence (PI) and cyber events (cyber insurance). A single incident — a consultant misconfigures access controls, leading to a client data breach — can trigger both. Sizing needs to cover both dimensions with clean policy coordination.

GDPR / data processor exposure

Any IT consultant handling client personal data is a data processor under UK GDPR Article 28. Article 82 provides direct liability to data subjects. Consultancies with material data-processing work should size PII with the ICO enforcement exposure in view.

Project delivery claim triggers

  1. Scope creep without formal change control
  2. Missed acceptance criteria at UAT or in production
  3. Technology choice failure — recommended stack unsuitable
  4. Delivery methodology failure — waterfall/agile unsuited to client context

Worked example

Illustrative only. An eight-consultant boutique cloud migration and data engineering firm serving mid-market financial services. Fee income £3.8m. Cyber Essentials Plus. Client contracts require £5m PI + £2m cyber. Broker recommendation: £5m primary + £2m top-up for £7m tower; separate £2m cyber; contract limitation-of-liability provisions reviewed.

Ready to size your cover properly?

Pick your profession on our proposal form and a named broker will come back with structured options.

Get a quote →

Related reading

See IT consultants regulatory framework, PI vs cyber insurance, GDPR and ICO exposure, and the IT consultants PI insurance guide 2026.

Apex Insurance Brokers Limited is authorised and regulated by the Financial Conduct Authority. Firm reference number 724952. This entry is general information, not advice on any particular policy.