Cyber Risk
Quick Quote
2 | Cyber Risk Insurance
Cyber Risk Insurance
Application (for UK businesses with a Turnover of less than £50M)
Name of Proposer
Company number Charity Registration number
Business Description
Registered Address
Post Code
Policy wording: The policy wording, policy summary and our Cyber Risk Insurance Brochures can be found on our website at
Guidelines to help you complete this Application
If any of the answers provided in this Statement of Fact are “NOT TRUE” the Proposer must provide the relevant additional information and where
this is provided, this will need to be reviewed and authorised by RSA. Provided upon review the risk is acceptable to RSA, RSA will endorse the
disclosure for reference. Where the additional information provided or requested is unacceptable to the Insurer, the risk will be ineligible for Quick
Quote and a full proposal form will be required.
The proposer should keep a copy of this application and any other information supplied to RSA in connection with this quote.
By accepting this declaration to bind this Policy you will be confirming that the information provided is the correct and true position.
Please check your Statement of Fact, Schedule and Policy carefully to ensure you have the required cover and the information is correct.
Cyber Risk Insurance - Statement of Fact
RSA is unable to provide this cover for businesses involved in the following activities:
Government entities (central and local government, regional authorities and councils)
Online gaming
Crypto-currency or services associated with crypto-currency
Adult entertainment industry
Nuclear risks
3 | Cyber Risk Insurance
If you are in any doubt as to whether any information is something that should be disclosed to RSA please contact Your Insurance Adviser
immediately. The following business activities are not eligible for the Cyber Risk Quick Quote. Please complete the Cyber Risk Proposal form and
submit to RSA.
Your business activities do NOT include any of the following;
Airlines & Air Traffic Conrol
Critical National Infrastructure (CNI)
(Critical National Infrastructure - Defined as Power Generation & Distribution, Water Supply & treatment, Sewage treatment.)
Financial Institutions/Financial Services/Accountants/Law Firms
Internet Service Providers & Cloud Service Providers
TV & Broadcasting, Newspaper and other publications
If you are in any doubt as to whether any information is something that should be disclosed to RSA please contact Your Insurance Adviser
Please Tick – This
statement is TRUE
Please Tick – Additional
Information provided
1. Your Company is domiciled in the UK and has no assets, subsidiaries or operations
outside of the United Kingdom.
2. No more than 25% of your turnover is derived from the USA.
3. The annual income, turnover or annual revenue of Your Company in the last
12 months is LESS than £50M.
4. You have NOT been declared bankrupt or insolvent or been the subject of
bankruptcy proceedings in the previous 6 years.
5. In the last financial year You have had a positive net worth and You have made a
profit before tax.
6. You process, transmit or store LESS than 1,000,000 financial transactions
(Credit card payments) per year.
7. You process, transmit or store LESS than 1,000,000 records containing an
individual’s personal information per year.
8. You operate commercially licenced and purchased firewalls to prevent, detect and
monitor intrusions across Your network.
9. You operate commercially licenced and purchased anti-virus software across Your
10. You encrypt all mobile devices, including laptops, tablets, smartphones and memory
11. Your Company is GDPR compliant.
12. All personal identifiable information is adequately protected in compliance with the
You back up Your Critical business systems operating systems, programs and data
on a regular basis.
14. You maintain at least one copy (back up) isolated from your main computer system
with restricted access to authorised personnel only.
15. Please confirm You regularly apply patches and updates in accordance with the
suppliers’ recommendations and always apply critical system patches immediately.
Cyber Essentials is a Government-backed and industry supported scheme to guide businesses in protecting themselves against cyber threats.
Cyber Essentials documents are FREE to download and any organisation can use the guidance to implement essential security controls. Details
can be found on the
4 | Cyber Risk Insurance
Comprehensive Breach Response Management
Together with our partners, Crawford, a global leader in Cyber incidents and crisis management; we provide a 24/7/365 response that will:
Immediately triage the issue and advise on the best course of action;
Provide a panel of experts to help, advise and assist You in dealing with a cyber incident.
Help return business operations to pre-incident levels as quickly as possible.
This pricing table is valid until date to 30/06/2021.
Prices exclude IPT. Please note that Sub limits may apply.
For full details of all limits and sub limits please refer to your policy.
Limit of Indemnity
Turnover £100,000 £250,000 £500,000 £1,000,000 Applicable
Waiting Period
<£1m £293 £511 £772 £1,100 £1,000 8 hours
£1m-5m £481 £839 £1,180 £2000 £1,000 8 hours
£5m-10m £700 £1,284 £1,902 £2,750 £1,000 8 hours
£10m-20m £1,027 £1,712 £2,463 £3,500 £2,500 8 hours
£20m-35m £1,522 £2,536 £3,595 £5,100 £2,500 8 hours
£35m-50m £1,902 £3,170 £4,460 £6,550 £2,500 8 hours
5 | Cyber Risk Insurance
Cyber Risk Insurance - Quotation Summary
PCI compliance level?
(delete as appropriate)
None / Level 1 / Level 2 / Level 3 / Level 4
Date of last assessment
Total Turnover in the last 12 months (please provide a break down of
turnover for each European territory as local taxes may apply)
Turnover breakdown:
Rest of World - Scandinavia
- Australia
- New Zealand
- Latin America
- Asia Pacific
- Other
Number of Employees?
Percentage of turnover generated on-line
Limit Required
Premium applicable
Retro Active Date 90 days prior to Period of Insurance start date
Cover Start Date
Your policy runs for 12 months from the start date shown on
your schedule.
Gross Revenue or Gross Profit
(*delete one option as appropriate)
*Gross Revenue / *Gross Profit
Cyber Essentials Certification (if known)
Other RSA Policy Number (if applicable)
6 | Cyber Risk Insurance
Important Notice Concerning Disclosure
Before your Cyber Risk Insurance takes effect you have a duty to make a fair presentation of the risks to be insured under your Cyber Risk
Insurance Policy. A fair presentation of the risk is one:
discloses to Us every material circumstance which You know of or ought to know of; or
gives Us sufficient information to put Us on notice that We will need to make further enquiries for the purpose of revealing those material
which makes that disclosure referred to above in a manner which is reasonably clear and assessable to Us; and
in which every material representation as to a matter of fact is substantially correct, and every material representation as to a matter of
expectation or belief is made in good faith.
A material circumstance is one that would influence Our decision as to whether or not to insure You and, if so, the terms of that insurance. If You
are in any doubt as to whether a circumstance is material you should disclose it to Us. A copy of the proposal should be retained by you for your
own records.
Financial or Trade Sanctions
Please note that Royal & Sun Alliance Insurance plc is unable to provide insurance in circumstances where to do so would be in breach of any
financial sanctions imposed by the United Nations or any government, governmental or judicial body or regulatory agency. Full details will be
provided in Your policy documentation.
Fair Processing Notice
RSA will treat your personal information fairly and lawfully in accordance with the EU General Data Protection Regulation 2018 (GDPR).
7 | Cyber Risk Insurance
Declaration and Undertaking
I/We are NOT aware of any matter that is reasonably likely to give rise to any loss or claim for cover being requested in this application.
I/We have NOT had any investigation or information request concerning any handling of personally identifiable information.
I/We have NOT suffered any Cyber loss or any Cyber claim including but not limited to a regulatory, governmental or administrative action.
No Insurer has ever cancelled, withdrawn or non-renewed a policy or coverage therein that provided the same or similar coverage as the insurance
I/We declare that every statement and particular contained within this proposal form:
which is a statement of fact, is substantially correct, and
which is matter of expectation or belief, is made in good faith.
If any such facts, expectations and/or beliefs materially change before this Cyber Risk insurance policy takes effect I/we undertake to provide
details of all such changes to Us in order to comply with my/our obligation to provide a fair presentation of the risk to be insured under the Cyber
Risk insurance policy.
For the purposes of making this proposal for insurance, I/we agree that the Intermediary (which I/we have appointed to advise in relation to this
policy) is acting on my/our behalf and not as an agent of RSA.
Signature (on behalf of the Proposer)
Print Name of the Signatory Position Held / Title
For and on behalf of (Insert name of the Proposer)
Additional Information
click to sign
click to edit
Royal & Sun Alliance Insurance plc (No. 93792).
Registered in England and Wales at St Mark’s Court, Chart Way, Horsham, West Sussex, RH12 1XL
Authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.
UKC04826J November 2020