Any appointed insurance broker can quote and bind a Coalition cyber insurance or technology errors & omissions policy online in under four minutes. During this process you'll be asked a few simple questions about the insured (see below), with little-to-no preparation required. Need to change an answer later on? No problem. Responses can be changed at any time. It’s literally as easy as riding a bicycle.
All the same, if you want to be prepared (some of us were Boyscouts too), here’s the information to have on hand:
Company Name (i.e., the named insured(s))
Number of employees (asked in ranges)
Estimated annual revenue, projected for the next 12 months (gross revenue or net revenue may also be requested for certain industries)
US or Canadian headquarters address
Cyber insurance Questions
Question 1: Within the last 3 years has company suffered a cyber incident resulting in a claim in excess of $25,000? (Yes/No answer)
Question 2: Is company aware of any circumstances that could give rise to a claim under this insurance policy? (Yes/No answer)
Question 3: Does company implement encryption on laptop computers, desktop computers, and other portable media devices? (Yes/No/Sometimes answer)
Question 4: Does company collect, process, store, transmit, or have access to any Payment Card Information PCI*, PII**, or PHI*** other than employees of company?
If Yes to #4, then two questions: What is the estimated annual volume of payment card transactions (credit cards, debit cards, etc.)? How many PII** or PHI*** records does company collect, process, store, transmit, or have access to?
Both answers are ranges: None / <100K / 100K-500K; 500K - 1M / over 1M needs number
Please select an effective date for company's policy.
Additional questions for cyber insurance may be asked based upon the coverages selected or the industry of the company, such as:
Within the last 3 years has company been subject to any complaints concerning the content of its website, advertising materials, social media, or other publications? (Yes/No answer)
Does company enforce procedures to remove content (including third party content) that may infringe or violate any intellectual property or privacy right? (Yes/No answer)
Does company maintain at least weekly backups of all sensitive or otherwise critical data and all critical business systems offline or on a separate network? (Yes/No answer)
Does company require a secondary means of communication to validate the authenticity of funds transfers (ACH, wire, etc.) requests before processing a request in excess of $25,000? (Yes/No answer)
Technology E&O questions
(can be added to any cyber policy and only needs to be answered if Technology E&O is quoted)
Question 1: Within the last 3 years has the company been subject to a dispute or claim arising from a technology error or omission in excess of $25,000? (Yes/No answer)
Question 2: Is the company operating as a managed service provider (MSP), or does the company participate directly in or sell technology products/services designed for any of the following industries?
- Adult Entertainment
- Financial Services
- Internet of Things
- Payment Processing
- Point of Sale (POS) Software/Hardware/Reseller
- Professional Services (Legal,Medical, A&E, or other licensed professional services)
Question 3 : Please describe the company’s use of technology in delivering its product and/or services.
Question 4: How often are the company's services provided by written agreement or contract? (Select the option most accurately describing the company)
a) 100% of agreements or contracts
b) 50% or more of agreements or contracts
c) Less than 50% of agreements of contracts
d) 0% of agreements or contracts
Question 5: Identify the standard risk mitigating clauses or methods contained within the company's agreements or contracts (select those that apply):
- Customer acceptance / final sign off
- Disclaimer of warranties
- Hold harmless agreements that benefit the company
- Limitation of liability
- Exclusion of consequential damages
- Indemnification clause
- Binding mandatory arbitration
- Project phases / milestones
If you'd like to gather the cyber information from your client before completing the application, feel free to download the questionnaire below (both US and Canadian versions available).
* PCI = Payment Card Information
** PII = Personally Identifiable Information
*** PHI = Protected or Personal Health Information