Cyber Insurance Readiness Checklist
Prepare practical evidence for your next policy application or renewal — LevoySec
Why this matters: Cyber insurance carriers have tightened their questionnaires and evidence expectations. Having these controls and proof ready before you apply helps you answer accurately, reduce back-and-forth, and show a credible remediation plan when gaps remain.
Identity & Access Management
- Multi-factor authentication (MFA) on all remote access (VPN, remote desktop, and cloud/admin portals)
- MFA on email accounts (all users, not just admins)
- MFA on privileged/admin accounts
- Unique credentials for each user (no shared accounts)
- Documented admin-account ownership and exception handling
- Regular access reviews (quarterly recommended)
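The items above are easier to answer truthfully from a report than from memory. The script below is an added example (not part of this checklist or any vendor tool) that turns an identity-provider user export into the figures a reviewer asks for: MFA coverage, admins without MFA, shared accounts, and accounts with no recent login. The CSV sample, its column names, the "account_type" values, the review date and the 90-day staleness threshold are all assumptions; adapt them to your own export and policy.

```python
"""Access-review report from an identity export (added example; not part of the checklist).

The CSV below is a constructed sample that mimics the columns of a typical
identity-provider user export. Column names and the 'account_type' values are
assumptions; adapt them to your own export.
"""
import csv
import io
from datetime import date

# Constructed sample export. Every value here is illustrative.
SAMPLE_EXPORT = """\
user,role,mfa_enrolled,last_login,account_type
alice@corp.example,admin,true,2024-05-02,named
bob@corp.example,user,false,2024-04-28,named
shared-reception@corp.example,user,false,2024-05-01,shared
svc-backup@corp.example,admin,true,2023-11-15,service
carol@corp.example,user,true,2023-09-01,named
dave@corp.example,admin,false,2024-05-01,named
"""

REVIEW_DATE = date(2024, 5, 3)   # assumed "as of" date for the review
STALE_DAYS = 90                  # assumed threshold; use the one your policy states


def load_users(csv_text):
    """Parse the export into dicts with typed fields."""
    users = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        users.append({
            "user": row["user"].strip(),
            "role": row["role"].strip().lower(),
            "mfa_enrolled": row["mfa_enrolled"].strip().lower() == "true",
            "last_login": date.fromisoformat(row["last_login"].strip()),
            "account_type": row["account_type"].strip().lower(),
        })
    return users


def review_access(users, as_of=REVIEW_DATE, stale_days=STALE_DAYS):
    """Return the figures and exception lists a questionnaire answer needs."""
    no_mfa = [u["user"] for u in users if not u["mfa_enrolled"]]
    admins_without_mfa = [u["user"] for u in users
                          if u["role"] == "admin" and not u["mfa_enrolled"]]
    shared = [u["user"] for u in users if u["account_type"] == "shared"]
    stale = [u["user"] for u in users
             if (as_of - u["last_login"]).days > stale_days]
    total = len(users)
    coverage = round(100.0 * (total - len(no_mfa)) / total, 1) if total else 0.0
    return {
        "as_of": as_of.isoformat(),
        "total": total,
        "mfa_coverage_pct": coverage,
        "no_mfa": no_mfa,
        "admins_without_mfa": admins_without_mfa,
        "shared_accounts": shared,
        "stale_accounts": stale,
        # Truthful yes/no answers for the questionnaire items in this section.
        "answers": {
            "mfa_on_all_users": not no_mfa,
            "mfa_on_privileged_accounts": not admins_without_mfa,
            "no_shared_accounts": not shared,
        },
    }


def render_report(report):
    """Plain-text summary suitable for attaching as evidence."""
    lines = [f"Access review as of {report['as_of']}: {report['total']} accounts",
             f"MFA coverage: {report['mfa_coverage_pct']}%"]
    for label, key in (("Admins without MFA", "admins_without_mfa"),
                       ("Shared accounts", "shared_accounts"),
                       (f"No login in {STALE_DAYS} days", "stale_accounts")):
        lines.append(f"{label}: {', '.join(report[key]) or 'none'}")
    for question, ok in report["answers"].items():
        lines.append(f"{question}: {'yes' if ok else 'NO'}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_report(review_access(load_users(SAMPLE_EXPORT))))
```

Run it against a fresh export at each quarterly review and keep the rendered report with the date; the "NO" lines are the exceptions that need an owner and a remediation date before the application goes in.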
Endpoint Security
- Managed endpoint protection (EDR) on company devices, with central status reporting
- Automated patch management (OS and third-party)
- Full disk encryption on all laptops and portable devices
- Mobile device management (MDM) for company devices
- Application allowlisting or application control on critical systems
Network Security
- Internet gateway or firewall rules reviewed and documented
- Network segmentation (separate guest, IoT, and production)
- Secure remote access with MFA and named-user accounts
- DNS filtering to block known malicious domains
- Wireless network security (WPA3, segmented SSIDs)
Email Security
- Email filtering for phishing, malicious links, and spoofing signals
- SPF and DKIM configured for every sending domain, with a DMARC record at an enforcing policy (p=quarantine or p=reject)
- Short security-awareness reminders and phishing reporting workflow
- Policies for handling sensitive information via email
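"DMARC configured" is a question carriers often probe with a DNS lookup, and a record at p=none or with a permissive SPF does not count for much. The script below is an added example (not part of this checklist) that reviews a domain's SPF and DMARC TXT records for the weaknesses a reviewer would flag: no record, a "+all"/"?all" SPF, more than the 10 DNS-lookup terms RFC 7208 allows, a non-enforcing DMARC policy, a partial "pct", and no aggregate-report address. The TXT records are constructed so it runs offline; the lookup_txt() stand-in and the sample domain names are assumptions, and in real use you would replace lookup_txt() with an actual DNS query.

```python
"""Offline SPF/DMARC record review (added example; not part of the checklist).

lookup_txt() reads from a constructed table so the script runs offline; in real
use replace it with a DNS TXT query (for example dnspython's dns.resolver.resolve).
"""
import re

# Constructed TXT records for illustration. Not any real domain's data.
SAMPLE_TXT = {
    "good.example": ["v=spf1 include:_spf.mail.example ip4:203.0.113.0/24 -all"],
    "_dmarc.good.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@good.example"],
    "weak.example": ["v=spf1 a mx include:one.example include:two.example +all"],
    "_dmarc.weak.example": ["v=DMARC1; p=none; pct=50"],
    "nodmarc.example": ["v=spf1 mx ~all"],
}

# SPF terms that cost a DNS lookup; RFC 7208 allows at most 10 per evaluation.
SPF_LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
SPF_MAX_LOOKUPS = 10


def lookup_txt(name, records=SAMPLE_TXT):
    """Stand-in for a DNS TXT lookup (assumption: returns a list of TXT strings)."""
    return records.get(name, [])


def check_spf(txts):
    """Findings for a domain's SPF record; an empty list means nothing to raise."""
    spf = [t for t in txts if t.lower().startswith("v=spf1")]
    if not spf:
        return ["SPF: no v=spf1 record published"]
    findings = []
    if len(spf) > 1:
        findings.append("SPF: more than one v=spf1 record (receivers treat this as permerror)")
    lookups = 0
    all_term = None
    for term in spf[0].split()[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"   # default qualifier is '+'
        body = term.lstrip("+-~?")
        name = re.split(r"[:=/]", body, maxsplit=1)[0].lower()
        if name == "all":
            all_term = (qualifier, term)
        elif name in SPF_LOOKUP_TERMS:
            lookups += 1
    if all_term is None:
        findings.append("SPF: no 'all' term; unlisted senders get a neutral result")
    elif all_term[0] in "+?":
        findings.append(f"SPF: permissive '{all_term[1]}' lets any host send as the domain")
    elif all_term[0] == "~":
        findings.append("SPF: '~all' softfail; '-all' is the stricter setting")
    if lookups > SPF_MAX_LOOKUPS:
        findings.append(f"SPF: {lookups} DNS-lookup terms exceed the limit of {SPF_MAX_LOOKUPS}")
    return findings


def check_dmarc(txts):
    """Findings for the _dmarc record; checks that the policy actually enforces."""
    recs = [t for t in txts if t.replace(" ", "").lower().startswith("v=dmarc1")]
    if not recs:
        return ["DMARC: no record published at _dmarc.<domain>"]
    tags = {}
    for part in recs[0].split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        findings.append(f"DMARC: p={policy or 'missing'} only monitors; spoofed mail is still delivered")
    pct = int(tags.get("pct", "100"))
    if pct < 100:
        findings.append(f"DMARC: pct={pct} applies the policy to only part of the mail stream")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, so there are no aggregate reports to show")
    return findings


def assess_domain(domain, lookup=lookup_txt):
    """Combine the SPF and DMARC findings for one domain."""
    findings = check_spf(lookup(domain)) + check_dmarc(lookup(f"_dmarc.{domain}"))
    return {"domain": domain, "findings": findings, "ok": not findings}


if __name__ == "__main__":
    for d in ("good.example", "weak.example", "nodmarc.example"):
        r = assess_domain(d)
        print(d, "OK" if r["ok"] else "\n  " + "\n  ".join(r["findings"]))
```

Run it for every domain you send mail from, including subdomains used by marketing or ticketing tools, and keep the output alongside the DNS change tickets as evidence of the date the policy went to enforcement.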
Backup & Recovery
- Regular automated backups (at least daily)
- Offsite or cloud backup copies that cannot be deleted with everyday user or admin credentials (immutable storage, or separate backup credentials protected by MFA)
- Backups encrypted at rest and in transit
- Recent backup restoration test with date, scope, and result recorded
- Documented recovery time objectives (RTO) and recovery point objectives (RPO)
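A restoration test only counts as evidence if it is recorded with a date, a scope and a result, and "the files came back" is not the same as "the files came back intact". The script below is an added example (not part of this checklist or any backup product) that hashes every file in the source data set and in the restored copy, lists what is missing or altered, and returns the record to keep. build_demo_trees() fabricates a small source tree and a deliberately flawed restore of it in a temporary directory so the check runs stand-alone; the file names and contents are constructed, and in real use you would point verify_restore() at the live data set and at the directory your backup tool restored into.

```python
"""Backup restore verification that produces a dated record (added example;
not part of the checklist). build_demo_trees() fabricates a 'source' and a
'restored' directory in a temp location so the check runs stand-alone.
"""
import hashlib
import os
import tempfile
from datetime import datetime, timezone


def sha256_file(path):
    """Stream a file through SHA-256 so large backups do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def manifest(root):
    """Map of relative path -> SHA-256 for every regular file under root."""
    out = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            out[os.path.relpath(full, root).replace(os.sep, "/")] = sha256_file(full)
    return out


def verify_restore(source_root, restored_root, scope):
    """Compare a restored tree against the source and return the test record."""
    src, rst = manifest(source_root), manifest(restored_root)
    missing = sorted(set(src) - set(rst))
    mismatched = sorted(p for p in src if p in rst and src[p] != rst[p])
    return {
        "date": datetime.now(timezone.utc).isoformat(timespec="seconds"),
        "scope": scope,
        "files_checked": len(src),
        "missing": missing,
        "mismatched": mismatched,
        "result": "PASS" if not missing and not mismatched else "FAIL",
    }


def build_demo_trees():
    """Constructed data: a source tree and a flawed restore of it (assumed names)."""
    base = tempfile.mkdtemp(prefix="restore-test-")
    src, rst = os.path.join(base, "source"), os.path.join(base, "restored")
    files = {
        "docs/policy.txt": b"Information security policy v3\n",
        "finance/ledger.csv": b"date,amount\n2024-05-01,100\n",
        "hr/roster.csv": b"name,role\nalice,admin\n",
    }
    for root in (src, rst):
        for rel, data in files.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as f:
                f.write(data)
    # Simulate restore defects: one file truncated, one file missing.
    with open(os.path.join(rst, "docs", "policy.txt"), "wb") as f:
        f.write(b"Information security")
    os.remove(os.path.join(rst, "finance", "ledger.csv"))
    return src, rst


if __name__ == "__main__":
    source, restored = build_demo_trees()
    print(verify_restore(source, restored, "file share: docs, finance, hr"))
```

Save the returned record (as JSON or in the change ticket) each time you run the test; a FAIL with the list of affected paths is still useful evidence, because it shows the test is real and gives you the remediation item to report.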
Incident Response & Governance
- Written incident response plan
- Incident response team identified (internal or outsourced)
- Tabletop or walkthrough (at least annually) for account compromise and ransomware response
- Written information security policies
- Annual risk review with owner, priority, and next action per finding
- Vendor/third-party risk management program
Documentation to Have Ready
- Most recent risk assessment report
- Security policy documents
- Incident response plan
- Business continuity / disaster recovery plan
- Employee training records
- Recent vulnerability scan, external exposure review, or documented exception list
- Prior claims history (if applicable)