Insurance Form Question Extraction Summary¶
Extraction Date: 2025-06-13 (Updated) Total Questions Extracted: 127 (was 113)
Summary by Insurance Company¶
| Company | Forms | Total Questions |
|---|---|---|
| AIG | 1 | 35 |
| Blue Zebra | 1 | 19 |
| Chubb | 3 | 46 (+14) |
| Liberty | 1 | 6 |
| Unknown (Combined) | 1 | 21 |
Question Categories by Risk Pattern¶
| Risk Pattern | Count | Percentage |
|---|---|---|
| general | 91 | 71.7% |
| incident | 9 | 7.1% |
| governance | 8 | 6.3% |
| employee | 7 | 5.5% |
| third_party | 7 | 5.5% |
| technical | 6 | 4.7% |
| data_breach | 2 | 1.6% |
| business_interruption | 1 | 0.8% |
| ransomware | 1 | 0.8% |
Question Types Distribution¶
| Answer Type | Count | Percentage |
|---|---|---|
| text_short | 80 | 63.0% |
| numeric | 15 | 11.8% |
| yes_no | 12 | 9.4% |
| date | 10 | 7.9% |
| multi_choice | 5 | 3.9% |
| text_long | 4 | 3.1% |
| dollar_amount | 1 | 0.8% |
Framework Mapping¶
| Framework | Count | Percentage |
|---|---|---|
| general | 117 | 92.1% |
| essential_eight | 4 | 3.1% |
| nist | 3 | 2.4% |
| privacy_act | 2 | 1.6% |
| iso27001 | 1 | 0.8% |
Key Observations¶
-
Question Quality: Some questions were fragmented due to PDF extraction challenges. Manual review recommended for:
-
Questions that appear incomplete (e.g., "are documented.")
-
Questions missing their beginning (e.g., starting mid-sentence)
-
Coverage Areas: The forms heavily focus on:
-
General compliance questions (72%)
- Technical security controls
- Incident response capabilities
- Governance and policy questions
-
Employee and third-party management
-
Answer Types: Majority require short text responses (63%), with numeric (12%) and yes/no (9%) following.
-
Framework Alignment: Most questions are general compliance (92%) rather than specific framework-aligned, suggesting opportunity for framework mapping enrichment.
New Chubb Form Analysis¶
The Chubb Forefront Portfolio form added 14 questions focusing on:
- Employment practices liability
- Crime controls and social engineering fraud
- Privacy compliance (Australian Privacy Principles)
- Backup and security fundamentals
Files Generated¶
- insurance-questions.json - Full structured data for import
- insurance-questions.csv - Spreadsheet format for review
- insurance-questions.md - Human-readable format with all questions
Next Steps¶
- Manual review to fix fragmented questions
- Enhance framework mapping with more specific control references
- Add severity/criticality scoring to questions
- Cross-reference with existing question bank to identify duplicates
- Create category-based question sets for different business types
Notes for Import¶
- All questions have been tagged with the 5 required attributes as specified in outstanding-work-tracker.md
- Risk patterns and framework mappings are stored as arrays to support multiple values
- Source file and extraction date included for traceability
- Page numbers preserved for reference back to original documents