Skip to content

Insurance Form Questions

This directory contains extracted questions from various cyber insurance application forms. These questions provide valuable insights into what insurers consider important risk indicators, which helps inform our platform's assessment design.

Contents

Data Files (Ready for Post-Planning Import)

  • insurance-questions.json - Structured data file containing all 113 extracted questions with full metadata, ready for import into the unified question bank after planning phase
  • insurance-questions.csv - Spreadsheet format of the same data, useful for manual review and analysis

Documentation Files

  • insurance-questions.md - Human-readable format listing all questions organized by insurance company and form
  • extraction-summary.md - Statistical analysis of the extracted questions including distribution by risk pattern, answer type, and framework mapping

Extraction Details

Extraction Date: 2025-06-13 (Updated)
Total Questions: 127
Source Forms: 7 PDFs from AIG, Blue Zebra, Chubb, Liberty, and others

Companies and Forms Processed

  1. AIG - CyberEdge Ransomware Supplemental (35 questions)
  2. Blue Zebra - Cyber Proposal Form (19 questions)
  3. Chubb - 3 forms with 46 questions total:
  4. Cyber ERM Small Business Proposal (5 questions)
  5. Cyber ERM Mid-Market Proposal (27 questions)
  6. Forefront Portfolio Proposal (14 questions)
  7. Liberty - Ransomware Addendum (6 questions)
  8. Combined - Cyber Combined Application v2.3 (21 questions)

Question Tagging Schema

Each question has been tagged with the following metadata:

  1. Insurance Company - The insurer who created the form
  2. Form Type and Version - Specific form identification
  3. Risk Pattern Association - Categories like data_breach, ransomware, third_party, etc.
  4. Framework Mapping - Alignment to frameworks (Essential Eight, ISO27001, NIST, Privacy Act)
  5. Answer Type Required - yes_no, text_short, text_long, numeric, multi_choice, dollar_amount

Key Insights for MVP Planning

Most Common Question Topics

  • Technical security controls (firewalls, MFA, patching) - 18%
  • Incident response capabilities - 15%
  • Data breach preparedness - 7%
  • Third-party vendor management - 7%

Answer Type Distribution

  • Short text responses - 48%
  • Yes/No questions - 22%
  • Multiple choice - 15%
  • Numeric values - 8%

Framework Coverage

  • General compliance - 80%
  • ISO27001 specific - 11%
  • Essential Eight - 6%
  • NIST framework - 2%
  • Privacy Act - 1%

Usage Notes

  1. For Planning Phase: Use the markdown files to understand what questions insurers ask and identify patterns
  2. For Implementation Phase: Use the JSON/CSV files to import into the unified question bank
  3. Quality Considerations: Some questions were fragmented during PDF extraction and may need manual cleanup

Next Steps

  • Cross-reference with existing compliance frameworks to identify gaps
  • Use insights to design MVP question sets
  • Consider answer type distribution when designing form interfaces
  • Map insurance requirements to our risk pattern taxonomy