Your renewal is a negotiation — and every "no" on the insurer's questionnaire, every untested control you attest to, costs you money or coverage. We get you to the table with a costed improvement roadmap and evidence that stands up after an incident.
Book a conversation See the engagementAnswer "no" to the insurer's best-practice controls and a risk multiplier lands on your premium. Most organisations never get shown what closing each gap would cost — or save.
Attest to controls you haven't properly tested and your insurer can deny a claim after the incident investigation — exactly when you need the policy most.
Aggregate limits, sub-limits and exclusions buried in the schedule decide what actually pays out. Few policies are ever checked against real business impact.
A focused consulting engagement — around five consulting days across three months, timed to land before your renewal date.
Your policy schedule, terms and questionnaire analysed. Every obligation identified, with gap recommendations delivered in an actionable memo.
Key business processes, supporting systems and the real cost of short, medium and long-term disruption — the foundation for right-sized cover.
Sub-limits, aggregate limits and exclusions tested against your BIA, with recommendations to take into policy negotiations.
For every control gap: a costed one-pager with actions, timeline and conceptual architecture — ammunition for premium negotiations.
Your posture assessed against CSA's CCM Lite — 91 foundational controls mapped to ISO, NIST and CIS, with implementation guidance so your team can self-improve.
GRC best practice for your IT team: framework selection, statements of applicability, sample sizes and evidence retention.
Complete the insurer's due diligence questionnaire accurately and defensibly — no accidental misrepresentation of your security posture.
Your team upskilled at close of engagement, and the outcomes presented directly to your board.
Three months, workshop-driven, built around your renewal date.
We review your policy, terms and previous questionnaire, and deliver an obligations memo with recommendations.
BIA, control testing education and a facilitated posture assessment — half-day sessions with your team.
Coverage memo plus costed project one-pagers ready for premium and coverage negotiations.
Board presentation, knowledge transfer, and support while you negotiate the renewal.
Independent advice from people who've sat on every side of the table.
No vendor arrangements, no products to sell. Free to recommend re-using what you already own where it fits your risk appetite.
25+ years in cyber security, Big 4 professional services background, lead security architect on major government programs. The person you meet does the work.
Minimal overheads, focused scope, weekly memos so value lands as observations are made — not just in a report at the end.
No proprietary black-box methodology — your assessment maps to a framework your team can keep using.
Cloud Security Alliance CCM Lite — a streamlined set of 91 foundational controls from the Cloud Controls Matrix v4, designed for organisations of any size or maturity. It maps to more than 15 security standards including ISO, NIST and CIS, and ships with implementation guidance, so improvements made for this renewal keep paying off at every renewal after it.
A short conversation now is enough to work out whether your questionnaire, your policy and your posture are ready — and what they're costing you.
Email us Download the flyer (PDF)