EVIDENCE TEMPLATES
Evidence Templates
Download pre-built evidence templates for each underwriting control. Get started faster with examples that match your business.
Showing 15 templates
Incident Response Plan Template
A structured incident response plan covering detection, containment, eradication, recovery, and post-incident review. Aligned to carrier expectations.
Business Continuity Plan Template
Business continuity and disaster recovery plan template with RTO/RPO targets, critical function prioritization, and testing schedules.
Wire Transfer Verification Procedure
Step-by-step procedure for verifying wire transfer requests, including callback verification, dual approval, and out-of-band confirmation.
MFA Enforcement Policy
Policy template requiring multi-factor authentication across all user accounts, remote access, email, and administrative systems.
Patch Management Policy
Defines patching cadence for critical/high/medium vulnerabilities, testing procedures, and exception management.
Backup & Recovery Procedure
Backup scheduling, retention, offsite replication, immutability settings, and documented restore testing procedure.
Security Awareness Training Program
Annual training program outline covering phishing recognition, password hygiene, data handling, and social engineering prevention.
Access Review Procedure
Quarterly access review procedure for critical systems, including role-based access audit, deprovisioning checklist, and privileged account inventory.
EDR Deployment Checklist
Checklist for validating endpoint detection and response agent deployment across all managed devices with coverage verification.
Encryption Policy
Policy covering encryption at rest (BitLocker/FileVault), in transit (TLS), and for sensitive data stores. Includes key management guidelines.
Remote Access & VPN Policy
Policy governing VPN usage, zero-trust access requirements, MFA for remote sessions, and internet-exposed service minimization.
Vendor Risk Assessment Template
Third-party vendor security assessment questionnaire and scoring framework for evaluating vendor risk.
Data Classification Policy
Data classification taxonomy with handling procedures for public, internal, confidential, and restricted data categories.
Email Security Configuration Guide
Step-by-step guide for configuring SPF, DKIM, and DMARC records with enforcement policies and email gateway filtering.
Privileged Access Management Guide
Implementation guide for privileged access management including admin account inventory, MFA enforcement, and activity logging.
Want to customize templates for your business?
Create Free Account →