INSTAQUOTE - Cyber Insurance iTOO GO

Name of Insured

Physical address

Postal code

Registration number

VAT number

Email Address

Contact number

Nature of operations

Details of products and services offered

URL / website

Number of employees

Annual revenue

Limit of indemnity

Premium Calculation

Annual Revenue (No item selected) Limit of Indemnity (per claim and in the annual aggregate) (No item selected) *Deductible -- Select a value first -- Premium -- Select a value first -- Annual premiums reflected; *Each and every claim

Should you answer No to any of the questions below, you may be required to complete a full proposal form instead. Upon receipt, your application will be reviewed and our advisors will revert.

1. Are you domiciled in South Africa with no operations outside South Africa to be covered under this policy?
Yes No

2. Do you collect, store or process less than all of the below:

100 000 personally identifiable records (name, ID number, contact details, address)
100 000 bank records or financial account details
100 000 unique payment cards per year (credit card, debit card)
50 000 medical records or health information

Yes No

3. Please confirm if you have implemented the following security controls:

Active, paid for Internet Security software on all Sensitive Systems e.g Anti-Virus / Anti-Malware
Apply patches and updates noted as being critical by the provider within 1 month of release and general security related patches and updates within 3 months of release
Password controls including:
1. Minimum 8 characters
2. Passwords which are not easy to guess e.g. not consisting of your name, the company name or well-known simple passwords such as Password!1
3. Passwords changed at least quarterly unless multi factor authentication is implemented or 14-character passwords are used
4. Accounts are locked out after at most 10 failed authentication attempts
Resiliency controls including:
1. Weekly backup generation or replication (process of copying or reproducing data to a separate location)
2. Having a backup copy which is separate to or protected from your production (live/working) environment so that the likelihood of one incident impacting live and backup data is mitigated e.g. backup to cloud, disconnected/offline storage or ransomware protection enabled backup generation software
3. Test the ability to restore or read from backups at least every 6 months

Yes No

Multi factor authentication to gain access to payment applications
Yes No

If you have a company network, please confirm that you have implemented all the following:

Firewalls to restrict access to Sensitive Information
Where enabled, remote access is exclusively via secured channels such as virtual private network (VPN)
Sensitive System activity logs such as firewall and Active Directory (as used in your environment) are stored for at least 3 months

Yes No Not Applicable

Terms and Conditions

The applicable policy wording is the iTOO Go Cyber Insurance policy wording, including:
1. Cyber Liability
2. First Party Expenses
3. Cyber Extortion
4. Theft of Funds
5. Crisis Management and Notification Expenses
6. Loss of Business Income
7. Digital Media Liability
8. Physical Damage
Loss of Business Income deductible is 12 hours and is sub limited to 50% of the annual limit of indemnity
Cyber extortion is sub limited to 50% of the annual limit of indemnity
Theft of Funds and Physical Damage is included as standard and is sub limited to R250 000
Premiums include 15% VAT and 20% Commission
Retroactive date as per inception date unless prior uninterrupted cyber insurance cover has been held. Please provide expiry schedule as proof.
Risk dependent iTOO reserves the right to review and adjust the above premiums

Optional Additional Endorsements

Please complete the relevant Annexure if looking for cover for the additional endorsement or a limit higher than R250 000 for Theft of Funds or Physical Damage cover.

Initial Response Phase Yes No

Theft of Funds Yes No

Outsourced Service Provider Yes No

Payment Card Industry Yes No

Phone Phreaking Yes No

Physical Damage Yes No

Privacy

In accordance with the applicable laws, we may be required to share your personal information with other insurers, industry bodies, credit agencies and service providers. This includes information about your insurance, claims and premium payments. We do this to provide insurance services, prevent fraud, assess claims and conduct surveys. We will treat your personal information with caution and have put reasonable security measures in place to protect it. By signing this application for insurance, you agree to the processing and sharing of your personal information.

Declaration

This application does not bind the Proposer to buy or the insurer to issue the insurance, but it is agreed that this form shall be the basis of the contract should a policy be issued. The Proposer declares that the statements set forth in this application are true. The Proposer further declares that if the information supplied on this application changes between the date of this application and the time when the policy is issued, the Proposer will immediately notify the insurer of such changes and the insurer may withdraw or modify the proposed terms of insurance.

Name

Position