Cyber Insurance Readiness
Check 12 common cyber insurance requirements. See your gap score and get specific advice.
DRAFT — Not insurance advice. Requirements vary by insurer and policy type. Work with a qualified broker for actual coverage decisions.
Your Insurance Readiness Score
0/12
🔴 Very High Risk — Most insurers will decline or heavily limit coverage
Fix these 12 gaps to improve your insurability.
Access Controls: Multi-Factor Authentication (MFA)
MFA enabled for all privileged accounts and remote access.
Access Controls: Least Privilege Access Policy
Employees only have access to data they need for their role.
Data Protection: Data Encryption at Rest and in Transit
All sensitive data encrypted using industry-standard algorithms.
Data Protection: Data Backup and Recovery
Regular automated backups with tested recovery procedures.
Incident Response: Incident Response Plan (IRP)
Written plan covering detection, containment, notification, and recovery.
Incident Response: Incident Response Testing
Tabletop exercise or simulation conducted within the last 12 months.
Vendor Management: Third-Party Risk Assessment
Key vendors assessed for security and data handling practices.
Vendor Management: Data Processing Agreements (DPAs)
DPAs signed with all vendors processing personal data.
Employee Training: Security Awareness Training
All employees trained on phishing, password hygiene, and incident reporting within the last 12 months.
Employee Training: AI Usage Policy
Written AI acceptable use policy distributed and acknowledged by all employees.
Technical Controls: Vulnerability Scanning / Patch Management
Regular scanning for vulnerabilities; critical patches applied within 30 days.
Technical Controls: Security Logging and Monitoring
Security events logged; logs retained for a minimum of 90 days; alerts configured for suspicious activity.
ComplianceIQ provides guidance only. Not insurance or legal advice.