Cyber Insurance Readiness Audit | North Star IT
SVC · 14 · Compliance

Your insurer says fix it or no coverage.

Your cyber liability renewal landed with a questionnaire. MFA, EDR, immutable backups, written incident response plan. We work through the questions, show what is already in place, fix what is not, and hand your broker a clean answer.

// WHY THIS MATTERS

Carriers are tightening every year.

Most BC and Alberta SMBs got renewal questionnaires in 2025 that were not there in 2022. Premiums double if you cannot show controls. Claims get denied if you stated something on the application that turns out to be untrue. Brokers want a partner they can call.

// 01

Premium goes up

Carriers are charging anywhere from 30 to 200 percent more on renewals when controls are weak. Fixing the gaps usually pays for itself inside the first year.

  • RENEWAL
  • PREMIUM
// 02

Coverage gets cut

Ransomware sublimits, social engineering sublimits, contingent business interruption limits. The cheap policy can have a $25k sublimit on the one thing you actually need.

  • SUBLIMITS
// 03

Claims get denied

If the application says MFA is on everything and it is not, a claim can be denied for material misrepresentation. We document what is actually in place.

  • MISREP
  • EVIDENCE
// DELIVERABLES

What you get from the audit.

A weekend of structured work that gives your broker the answers they need and gives you a real picture of where you stand. Everything documented. Nothing left to memory.

// 01

Completed questionnaire

We answer every question on your insurer's application, in their language, with evidence references. Broker-ready.

  • CARRIER FORMAT
// 02

Gap report

Plain-English list of what is missing, what risk each gap creates, and what it costs to close. Sorted by carrier weight.

  • PRIORITIZED
// 03

Remediation plan

Timeline, owner, and dollar cost for each fix. Some you can do in an hour, some take a quarter. We tell you which is which.

  • BUDGETED
// 04

Evidence pack

Screenshots, policy excerpts, configuration exports. The artefacts your carrier or auditor will ask to see.

  • AUDIT TRAIL
// 05

Broker letter

One-page summary your broker can attach to the submission. Saves them work, makes them look good to underwriting.

  • BROKER READY
// 06

12-month watch plan

Quarterly check-ins so the controls do not drift. Renewal next year is a confirmation call, not a panic.

  • ONGOING
// HOW IT WORKS

From questionnaire to broker-ready answer.

Five business days end to end. Most of the work happens on our side. We need about three hours of your time spread across the week.

// STEP · 01

Send us the questionnaire

Forward the carrier's application or renewal questionnaire. We sign an NDA on request.

// STEP · 02

Discovery call (60 min)

We walk through your environment together: identity, endpoints, email, backups, vendors, incident history.

// STEP · 03

Evidence collection

We pull configuration and policy artefacts from Microsoft 365, your endpoint agent, your firewall, and your backup tool. Read-only, no agents installed.

// STEP · 04

Gap report and fixes

Draft answers, gap list, remediation cost estimate. You review. We adjust.

// STEP · 05

Hand-off to broker

Final questionnaire, evidence pack, and a one-page broker letter. You submit. Renewal happens.

// WHAT WE CHECK

The controls carriers ask about.

Every major carrier in Canada is converging on roughly the same control set. We score each one on a four-step scale: in place, partial, missing, or not applicable.

// 01

Multi-factor authentication

Across email, remote access, VPN, admin consoles, financial systems. Phishing-resistant for privileged accounts.

  • MFA
  • PRIVILEGED
// 02

Endpoint detection and response

EDR or XDR with active monitoring. Not just antivirus. Microsoft Defender for Business counts when configured.

  • EDR
  • MONITORED
// 03

Backups

Off-site, encrypted, tested, and immutable. We confirm a restore actually works, not just that backups run.

  • 3-2-1
  • IMMUTABLE
// 04

Email security

DMARC, anti-phishing, attachment sandboxing, link rewriting. Plus user training that has actually happened.

  • DMARC
  • TRAINING
// 05

Patching and asset inventory

Are workstations and servers actually patched within carrier-required windows? Do you know what you own?

  • PATCH
  • INVENTORY
// 06

Incident response plan

Written, current, with named contacts. Tested at least once a year. Many carriers require this in writing.

  • WRITTEN
  • TESTED
// 07

Privileged access management

Separate admin accounts, no shared logins, just-in-time admin where possible. Audit logs retained.

  • LEAST PRIV
// 08

Vendor and supply chain

Third-party access reviewed. MSP and SaaS contracts in place. Breach notification clauses present.

  • THIRD PARTY
// 09

Logging and monitoring

Critical systems logging to a place that survives a ransomware event. Alerts go somewhere a human reads.

  • SIEM
  • ALERTING
// PRICING

Fixed fee. No surprises.

Audit is a fixed-price engagement. Remediation is quoted separately so you can choose what to fix in-house and what to outsource.

// TIER · SMALL

Up to 25 users

One office, one Microsoft 365 tenant, one firewall. Most professional firms and trades sit here.

  • $2,450
  • 5 BUSINESS DAYS
// TIER · MEDIUM

26 to 75 users

Multiple offices, a couple of business systems, more vendor sprawl. Most regional businesses.

  • $4,200
  • 7 BUSINESS DAYS
// TIER · LARGE

76 to 200 users

Multi-site, on-prem servers in play, regulated industry. Quoted after a 15-minute scoping call.

  • FROM $6,800
  • 10 BUSINESS DAYS
// QUESTIONS

Things people ask us.

If your question is not here, ask. We answer email within a business day.

Do you work with my broker?
Yes. Most of our audits start with a broker referral. We can talk directly with your broker or you can be the channel, whatever you prefer.

What if we are not your client yet?
That is fine. The audit is a stand-alone engagement. If you want us to handle the remediation afterward we will quote it. If you want to use your existing IT person, the gap report is theirs to work.

Can you guarantee renewal?
No, and nobody who tells you they can is being straight. We can guarantee that your application is complete, accurate, and supported by evidence, which is what underwriters actually want.

What carriers do you see most?
Beazley, Coalition, At-Bay, CFC, Chubb, and the Canadian carriers like Northbridge and Intact. The questionnaires overlap roughly 80 percent.

How long is the audit valid?
Twelve months. Controls drift, vendors change, staff turn over. We re-check the high-impact items quarterly under the watch plan.

Do you sign an NDA?
Yes. Standard mutual NDA on request before discovery.

Your renewal is closer than you think.

Most policies renew in a 60-day window. Start the audit at least 30 days out and you walk into the renewal call with answers, not panic.