Document your agent usage for cyber insurance renewal

Cyber insurance carriers ask agent-exposure questions at every renewal now, and answering too little raises premiums while answering too much ships claims you cannot defend. Build a renewal packet from the same Auxot evidence your sales team already uses for procurement: model providers in scope, data categories, controls in place, retention specifics, incident history.

Plus three Admin Agent passes: draft answers to a pasted broker questionnaire from your inventory, SOC 2 mapping, and tabletop history; flag any answer that exposes the company to a claim denial; and produce the broker cover memo that frames your agent risk honestly.

Audience: Admins · Developers · Executives
Time: ~15 min
Prerequisites: Subprocessor inventory ([Map your subprocessors for procurement](/tutorials/map-your-subprocessors-for-procurement)). Adversarial-testing rhythm ([Red-team your agents against prompt injection](/tutorials/red-team-your-agents-against-prompt-injection)). Helpful: SOC 2 mapping ([Build a SOC 2 control mapping for your Auxot deployment](/tutorials/build-a-soc-2-control-mapping-for-your-auxot-deployment)), tabletop history ([Run an incident tabletop exercise](/tutorials/run-an-incident-tabletop-exercise)), retention playbook ([Plan for retention and deletion requests](/tutorials/plan-for-retention-and-deletion-requests)), questionnaire muscle ([Answer vendor security questionnaires from your own evidence](/tutorials/answer-vendor-security-questionnaires-from-your-own-evidence)).
You'll end up with: A renewal packet (answers to the carrier's agent-related questions, citations to internal evidence, and a one-page broker cover memo) that supports the lowest defensible premium without misrepresenting the program.

When a tutorial shows italic text in quotation marks, it usually mirrors a label or helper string inside Auxot. Product copy changes between releases — if something reads differently in your workspace, trust what you see on screen.

Callouts with a Worth knowing gold accent are meant as must-read context before you move on. Blockquotes that open with Tip are lighter, optional depth.

Why this matters

Cyber insurance carriers added agent-exposure questions to renewal applications starting around 2024 and have been tightening them every year since. By 2026 you can expect a section that asks:

  • What AI model providers are in use, and for what business functions?
  • What data categories are sent to those providers?
  • What controls are in place to prevent prompt injection, tool misuse, or unauthorized data exposure?
  • How long are AI conversations retained?
  • Have you experienced an AI-related incident in the last 12 months? If yes, describe.

Two failure modes lose money here. Answering too little (“we use AI but it’s not material”) signals to the underwriter that you do not know your own exposure; premiums go up, or the coverage gets a sublimit. Answering too much (“all AI traffic is encrypted with bank-grade security and reviewed by SOC 2 controls”) is fine for marketing copy and ruinous on a claim. When a real incident triggers a claim, the carrier reads your renewal answers as representations. If your stated controls did not exist or were not operating, the claim gets denied.

The honest packet is short and cites internal evidence. Auxot already centralizes most of it. Your subprocessor inventory (Map your subprocessors for procurement) names the providers. Your SOC 2 mapping (Build a SOC 2 control mapping for your Auxot deployment) names the controls. Your tabletop history (Run an incident tabletop exercise) shows your rehearsal cadence. Your audit logs (View your audit logs) show what actually happened.

This tutorial assembles that evidence into a packet the broker can hand the underwriter without you having to defend each line in a phone call.

Nothing answers itself: you name the providers, you confirm the controls, you describe the incidents honestly, you sign the application.


Quick start

  1. Get the carrier’s agent section: the renewal application from your broker. Read it once before opening any tabs.
  2. Pull the five evidence sources: subprocessor inventory, SOC 2 mapping, tabletop reports, retention playbook, audit-log summary (last 12 months of incident-relevant events).
  3. Draft answers section by section: name specific providers, specific controls, specific retention numbers, specific incidents. No marketing adjectives. No hedge words the carrier will quote back on a claim.
  4. Write the broker cover memo: one page. Summarize the agent program, point to the section answers, name the contact for follow-up questions.
  5. Route legal + finance review: insurance answers are representations. Legal verifies the language; finance verifies anything that affects coverage limits.

Done? A packet your broker can submit, plus a copy your security lead can defend if the carrier comes back with follow-up questions.


The agent can do that?

1. Draft answers from your evidence sources

Chat → Admin Agent:

Draft answers to this cyber insurance agent section using ONLY these inputs:
- Carrier questions: [paste]
- Subprocessor inventory: [paste table or context-file title]
- SOC 2 mapping summary: [paste, or "in progress"]
- Tabletop history (last 12 months): [paste dates + scenarios + dates of fixes]
- Retention summary: [paste 3 sentences]
- Incident history (last 12 months): [paste actual incidents OR explicitly "none"]

For each question: one-paragraph answer citing which source supports it. Specific providers, specific controls, specific numbers. If you cannot answer from the sources, write "needs human review"; do not invent.

Why it’s non-obvious: Insurance answers default to vague when teams answer from memory. Forcing the agent to read named sources keeps the language defensible. You still verify every sentence against the source before legal sees it.

2. Flag answers that could expose you to a claim denial

After the draft exists:

Draft answers: [paste]. Flag every answer that contains: (a) a control we claim but cannot prove operated continuously over the policy period, (b) an "always," "never," or "all" statement without scope, (c) an omission that could be read as misrepresentation when the carrier compares the answer to a real incident. Suggest one specific edit per flag.

Why it’s non-obvious: Claim denials happen at the gap between the renewal application’s representations and the facts at the time of loss. The agent catches the most common gaps; you verify domain-specific ones.

3. Broker cover memo

Produce a one-page memo for our broker introducing the agent section of the renewal application. Audience: the broker, who will forward to the underwriter. Tone: factual, specific, no marketing. Structure: (1) what agents do in our business in 2 sentences, (2) which controls are in place and which are in progress (with dates), (3) incident history in 1 sentence (honest, even if "one tabletop exercise this quarter, no real incidents"), (4) named contact for followup questions.

Why it’s non-obvious: Brokers ferry the application without context. A short cover memo frames the agent program for the underwriter so the section answers read as part of a coherent program, not isolated rows.


Go deeper

The five evidence sources, mapped to the typical carrier questions

| Carrier asks about | Evidence source | Tutorial |
| --- | --- | --- |
| Model providers in use | Subprocessor inventory | Map your subprocessors for procurement |
| Data categories sent to model providers | Subprocessor inventory + Audit Logs sample | View your audit logs |
| Controls (prompt injection, tool misuse) | SOC 2 mapping + adversarial-testing receipts | Build a SOC 2 control mapping for your Auxot deployment; Red-team your agents against prompt injection |
| Retention | Retention playbook | Plan for retention and deletion requests |
| Incident history + rehearsal | Tabletop reports + audit-log review | Run an incident tabletop exercise; Trace a failing job end to end |

What insurance answers must NOT do

  • Promise certifications you do not hold. “SOC 2 Type II certified” when you only have Type I: denial-ready.
  • Use absolutes without scope. “All AI traffic is encrypted in transit”: fine if true and scoped to your Auxot deployment; problematic if a single edge case (a misconfigured worker, a deprecated path) breaks the statement.
  • Omit a known incident. A real incident in the policy period, undisclosed at renewal, is the cleanest path to a denied claim. “One contained data-exposure event YYYY-MM-DD; remediated within 48 hours; full post-mortem available on request” is the right answer.
  • Volunteer details the carrier did not ask for. This is not a sales call. Answer the question, cite the source, stop.

Where Auxot helps most directly

  • CC6 controls (access, multi-team isolation, API key scoping) are visible in Settings and provable from Audit Logs.
  • CC7 controls (continuous logging of every job, thread, and event) are visible in Audit Logs with a 12+ month retention window.
  • CC8 controls (change tracking on agents, tool policies, providers) are visible in Audit Logs → Events.

For carriers that ask specifically about “AI governance,” the combination of Define a tool policy (what tools agents can use), Require human approval before risky actions (where humans gate the agent), and Red-team your agents against prompt injection (adversarial testing cadence) is the answer.

Where Auxot does NOT help

  • Policy documents (acceptable use, data handling, incident response written policy): live outside Auxot in your wiki or policy management tool. Reference them; do not paste them into chat to draft from.
  • Coverage history (prior claims, prior carriers, prior renewals): your finance team or broker has this; do not synthesize it.
  • Cyber risk quantification (FAIR analysis, expected-loss modeling): specialized work that goes beyond evidence collection. Some carriers ask for it on larger policies; route to a specialist if so.

Refresh cadence

  • Annual at renewal. Full packet, fresh evidence, signed by the named officer.
  • On material change mid-policy. A new model provider, a new tool category, a real incident: notify the broker. Some policies require notification within 30 days of material change; missing the window can void coverage.
  • Quarterly internal review. Same cadence as the subprocessor inventory and SOC 2 mapping. The annual renewal packet draws from current evidence, not stale evidence.

Owner change between renewals

The renewal packet has a named signer (usually the security or operations lead). When that person rotates between policy years, Hand off the audit narrative when your compliance lead changes covers the handoff motion: the packet and the reasoning behind each representation move to the next person without losing the connection to the underlying SOC 2 mapping, subprocessor inventory, and tabletop history it cites.

Troubleshooting

  • The broker says the answer is too short. Brokers want to hand the underwriter a polished story. Sometimes a short, citation-backed answer reads as evasive to a non-technical broker. Provide the cover memo (power move 3) so the broker has the narrative; keep the section answers short and specific.
  • Finance wants you to remove disclosure of a contained incident. Push back. A contained incident with a post-mortem is good evidence of program maturity; an undisclosed incident that surfaces later voids coverage. Cite the rep-and-warranty risk.
  • Legal wants to add weasel words. Negotiate. “To the best of our knowledge as of [date]” is fine at the top of the application. Per-answer weasel words read as evasion and can themselves trigger underwriter followup.
  • The carrier asks for evidence you do not have. Answer honestly: “Not currently in scope; planned for [quarter].” A timeline beats a blank.

Variations & edge cases

  • First-time cyber insurance: the application will be longer because the carrier has no baseline. Budget two days, not one, for the first packet.
  • Self-hosted vs hosted: the answer to “where does AI data reside” differs. Self-hosted teams should add a paragraph stating which customer data leaves their own infrastructure boundary (for example, prompts sent to a model provider) and which never does.
  • Multi-jurisdiction (US + EU customers): the carrier may ask separate questions about EU residency, GDPR-aligned controls, and DPA terms with subprocessors. Pull from the subprocessor inventory’s region column.
  • Mid-year acquisition of a company with agent exposure: the next renewal needs to fold in the acquired company’s agent exposure. Run the same evidence-gathering on the acquired side before consolidating.

Walkthrough

Step 1: Gather the inputs

Open the carrier’s renewal application (agent section) alongside the five evidence sources named in the Quick start: subprocessor inventory, SOC 2 mapping, tabletop reports, retention playbook, and the audit-log summary covering the last 12 months of incident-relevant events.

Step 2: Draft section by section

Use power move 1 to generate first-pass answers. For each carrier question:

  • One paragraph answer.
  • Citation to the source (“per subprocessor inventory dated YYYY-MM-DD”).
  • Specific numbers and named providers.

Example for “What AI model providers are in use?”:

Auxot is our agent orchestration layer; the underlying model providers in scope during this policy period are [Anthropic, OpenAI] in US regions. The full subprocessor list is maintained at [link or filename], dated YYYY-MM-DD, and updated quarterly.

Step 3: Run the claim-denial check

Use power move 2. Read every flag carefully; these are the lines a claims adjuster will read first. Common issues:

  • Controls described in present tense that are actually planned.
  • Encryption claims without scope.
  • Incident counts that exclude near-misses or contained events.
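The claim-denial check in power move 2 and the common issues above can be pre-screened mechanically before the agent pass. The following is an added example, not part of the tutorial or of Auxot: it runs each draft answer against rules (a) control claimed but not provably operating across the policy period, (b) absolute without scope, (c) omitted incident, plus a missing-citation check. The control table, policy period, incident dates and answers are constructed sample inputs.

```python
import re

# Constructed sample inputs (not Auxot data): the policy period, the SOC 2
# mapping status for controls the answers name (status, evidence start, end),
# and the dates of real contained incidents the carrier could compare against.
POLICY_PERIOD = ("2025-01-01", "2025-12-31")
CONTROLS = {
    "api key scoping": ("operating", "2025-01-01", "2025-12-31"),
    "change tracking": ("in progress", None, None),
    "continuous logging": ("operating", "2025-06-01", "2025-12-31"),
}
INCIDENTS = ["2025-03-14"]

ABSOLUTE = re.compile(r"\b(always|never|all|every)\b", re.I)
SCOPE = re.compile(r"\b(scoped to|within|except|excluding|only|as of)\b", re.I)
CITATION = re.compile(r"\b(per|see|dated)\s", re.I)


def control_proven(status, start, end):
    """True only if the control was operating with evidence spanning the whole period.
    ISO dates compare correctly as strings."""
    return (status == "operating" and start is not None and end is not None
            and start <= POLICY_PERIOD[0] and end >= POLICY_PERIOD[1])


def flag_answer(question, answer):
    """Return (rule, detail) pairs for claim-denial risks in one draft answer."""
    flags = []
    text = answer.lower()
    # (a) a control we claim but cannot prove operated continuously over the policy period
    for name, (status, start, end) in CONTROLS.items():
        if name in text and not control_proven(status, start, end):
            flags.append(("control-not-proven-for-period", name))
    # (b) an always / never / all statement in a sentence carrying no scope qualifier
    for sentence in re.split(r"(?<=[.;])\s+", answer):
        if ABSOLUTE.search(sentence) and not SCOPE.search(sentence):
            flags.append(("absolute-without-scope", sentence.strip()))
    # (c) an incident answer that omits a real incident the carrier could discover
    if "incident" in question.lower():
        for date in INCIDENTS:
            if date not in answer:
                flags.append(("incident-omitted", date))
    # every answer should cite the evidence source it was drafted from
    if not CITATION.search(answer):
        flags.append(("no-citation", question))
    return flags
```

A flag is a prompt for human review, not a verdict; an empty list only means the mechanical rules found nothing, so the legal and finance reviews still happen.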

Step 4: Draft the broker cover memo

Use power move 3. One page, signed by your security or operations lead. The memo gives the broker something to walk in with; the section answers are the receipts.

Step 5: Route legal + finance review

Insurance answers are representations, so both reviews happen before anyone signs:

  • Legal: verifies the representations are accurate and the language does not create unintended obligations.
  • Finance: verifies anything that affects coverage limits, sub-limits, or the premium.

Step 6: Sign + submit + file the copy

Sign the application. Submit through the broker. File the internal copy in the same place you keep the SOC 2 mapping and subprocessor inventory; auditors and the next renewal cycle will both want it.

Step 7: Set the calendar

  • 30 days before next renewal: refresh evidence sources.
  • On any material change mid-year: notify the broker.
  • Quarterly: confirm the controls you described in the application are still in place.
