Any appointed insurance broker can quote and bind a Coalition cyber insurance or technology errors & omissions policy online in under four minutes. During this process you'll be asked a few simple questions about the insured (see below), with little-to-no preparation required. Need to change an answer later on? No problem. Responses can be changed at any time. It’s literally as easy as riding a bicycle.
All the same, if you want to be prepared (some of us were Boyscouts too), here’s the information to have on hand:
- Company Name (i.e., the named insured(s))
- Website Domain(s)
- Number of employees (asked in ranges)
- Estimated annual revenue, projected for the next 12 months (gross revenue or net revenue may also be requested for certain industries)
- US or Canadian headquarters address
Cyber insurance Questions
- Question 1: Within the last 3 years has company suffered a cyber incident resulting in a claim in excess of $25,000? (Yes/No answer)
- Question 2: Is company aware of any circumstances that could give rise to a claim under this insurance policy? (Yes/No answer)
- Question 3: Does company enable disk encryption on laptops, desktops, and other portable media devices? (Yes/No/Sometimes answer)
- Question 4: Does company accept credit cards or collect PII* or PHI** from its customers? (This does not include employees of company.) (Yes/No answer).
- If Yes to #4, then two questions: How many payment card numbers (credit cards, debit cards, etc.) does company store, process, transmit, or have access to? How many customer PII* or PHI** records does the company have?
- Both answers are ranges: None / <100K / 100K-500K; 500K - 1M / over 1M needs number
- Please select an effective date for company's policy.
Additional questions for cyber insurance may be asked based upon the coverages selected or the industry of the company, such as:
- Within the last 3 years has company been subject to any complaints concerning the content of its website, advertising materials, social media, or other publications? (Yes/No answer)
- Does company have procedures to remove content (including third party content) that is libelous, infringing, or otherwise controversial? (Yes/No answer)
- Does company have procedures to back up, archive, and restore sensitive data and critical business systems? (Yes/No answer)
- Does company require dual control when transferring funds in excess of $25,000? (Yes/No answer)
Technology E&O questions
(can be added to any cyber policy and only needs to be answered if Technology E&O is quoted)
- Question 1: Within the last 3 years has the company been subject to a dispute or claim arising from a technology error or omission in excess of $25,000? (Yes/No answer)
- Question 2: Is the company operating as a managed service provider (MSP), or does the company participate directly in or sell technology products/services designed for any of the following industries?
- Adult Entertainment
- Financial Services
- Internet of Things
- Payment Processing
- Point of Sale (POS) Software/Hardware/Reseller
- Professional Services (Legal,Medical, A&E, ...etc.)
- Question 3 : Please describe the company’s use of technology in delivering its product and/or services.
- Question 4: How often are the company's services provided by written agreement or contract? (Select the option most accurately describing the company)
a) 100% of agreements or contracts
b) 50% or more of agreements or contracts
c) Less than 50% of agreements of contracts
d) 0% of agreements or contracts
- Question 5: Identify the standard risk mitigating clauses or methods contained within the company's agreements or contracts (select those that apply):
- Customer acceptance / final sign off
- Disclaimer of warranties
- Hold harmless agreements that benefit the company
- Limitation of liability
- Exclusion of consequential damages
- Indemnification clause
- Binding mandatory arbitration
- Project phases / milestones
If you'd like to gather the cyber information from your client before completing the application, feel free to download the questionnaire below (both US and Canadian versions available).
* PII = Personally Identifiable Information
** PHI = Protected or Personal Health Information