Insurance Documentation | Municipal Focus
Insurer Evidence Pack
Clear, organized artifacts aligned to common questionnaires—built in ~15 business days after assessment.
Proof over promises — documentation that insurers expect
Ransomware aware — focus on identity, backups, logging, response
Town-size friendly — sized for small teams and budgets
What’s inside
1) Access Control (MFA)
- M365/Google admin report showing MFA enforcement
- VPN/firewall MFA screenshot & policy note
- Privileged account review and exceptions register
2) Backups & Recovery
- Backup job success screenshot & retention note
- Restore test summary (who/what/when/duration)
- Recovery checklist (roles, steps, contacts)
3) Logging & Audit
- Log retention policy (30–90 days baseline)
- Sample exported log with timestamp
- List of sources enabled (OS, M365, firewall)
4) Incident Response & TTX
- IR Plan PDF tailored to the agency
- Tabletop agenda & after-action notes
- Escalation call sheet (insurer, legal, forensics)
5) Vulnerability Snapshot
- Executive summary of findings (CVSS spread)
- Top fixes with owners and target dates
- Optional patch verification screenshots
6) Policies & Awareness
- Acceptable Use, Data Handling, IRP sign-offs
- Training attendance log
- One-page staff guide (phishing, reporting)
Process
- Discovery — 60–90 min call and light questionnaire
- Control setup/validation — MFA, backup test, logging baseline
- Tabletop — 1–2 hour session with leadership
- Evidence build — binder compiled and delivered securely
Language avoids absolute guarantees. Controls aim to lower exposure and support claims review.
Pricing
Evidence Pack (stand-alone)
For agencies that want the documentation now.
$4,000 typical
Quarterly Refresh
Backup test, log check, short vuln update, mini-AAR.
$900–$1,200/qtr