Requesting a P250 involves the following steps:

Step 1

This endpoint will return accountID which you can then use to submit subsequent API requests.

Step 2

📘
List of security assessment questions can be found below:

Field Description Required?
accountId Policyholder's account id Y
backupFrequency How often does the organization perform backups of business-critical data? (Allowable values WEEKLY/MONTHLY/QUARTERLY/SIX_MONTHS/NEVER) Y
civilOrCriminalAction Civil or criminal action or administrative proceeding alleging violation of any federal, state, local or common law? Y
claimHistory Has the Organization filed any claims due to a cyber event? 0=Never, 1=within last 12 months, 2=with last 2 years, 3=within last 3 years, 4=within last 4 years, 5=within 5years or more Y
dmzSeparation Are all internet-accessible systems (e.g. web, email-servers) segregated from the organization’s trusted network (e.g. within a demilitarized zone (DMZ) or at a third-party service provider)? N
incidentResponsePlan Does the organization have an incident response plan - tested and in-effect - setting forth specific action items and responsibilities for relevant parties in the event of cyber incident or data breach matter? Y
isAuthenticatingFundTransferRequests Do policy holder employees authenticate funds transfer requests (e.g. by calling a customer to verify the request at a predetermined phone number)? Affirmative answer is required to be eligible for Social Engineering endorsement T
isPreventingUnauthorizedWireTransfers Do policy holder employees prevent unauthorized employees from initiating wire transfers? Affirmative answer is required to be eligible for Social Engineering endorsement N
isSecurityOfficer Does the policyholder agree to be the designated Information Security Contact? Y
isSecurityTraining Does policyholder provide mandatory information security training to all employees at least annually? If not, are they willing to implement it during the policy period? Y
isVerifyingBankAccounts Do policy holder employees verify vendor/supplier bank accounts before adding to accounts payable systems. Affirmative answer is required to be eligible for Social Engineering endorsement N
lossInBusinessIncome During the last three years, has the organization suffered loss of business income as a result of unscheduled system downtime? Y
mfaAuthentication Do you enforce Multi-Factor Authentication (MFA) for all employees, contractors, and partners? Y
pastCyberIncident Had any past Cyber Incidents Y
pastCyberIncidentDetails Has the organization filed any claims due to a cyber event in last five years? If yes, attach loss detail herewith. Y
patchingFrequency How often does the organization apply updates to critical IT-systems and applications? Allowable values WEEKLY/MONTHLY/QUARTERLY/SIX_MONTHS/NEVER) Y
pendingLitigation Is there currently any pending litigation, administrative proceeding or claim against the named applicant, organization and/or any of the prospective insureds? Y
securityBreachRequiringNotification During the last three years, has the organization suffered a security breach requiring customer or third-party notification according to state or federal regulations? Y
testedFullFailover Has the organization tested a full failover of the most critical servers? N
thirdPartySecurityAgreement Do agreements with third-party service providers require levels of security commensurate with the organization’s information security standard? N
useCloudStorage Does the policyholder have sensitive information stored on the cloud? Y
useEncryption Does the policyholder encrypt all emails, mobile and computing devices containing sensitive information (e.g., PII, PHI, PCI) sent to external parties? Y

Field	Description	Required?
accountId	Policyholder's account id	Y
backupFrequency	How often does the organization perform backups of business-critical data? (Allowable values WEEKLY/MONTHLY/QUARTERLY/SIX_MONTHS/NEVER)	Y
civilOrCriminalAction	Civil or criminal action or administrative proceeding alleging violation of any federal, state, local or common law?	Y
claimHistory	Has the Organization filed any claims due to a cyber event? 0=Never, 1=within last 12 months, 2=with last 2 years, 3=within last 3 years, 4=within last 4 years, 5=within 5years or more	Y
dmzSeparation	Are all internet-accessible systems (e.g. web, email-servers) segregated from the organization’s trusted network (e.g. within a demilitarized zone (DMZ) or at a third-party service provider)?	N
incidentResponsePlan	Does the organization have an incident response plan - tested and in-effect - setting forth specific action items and responsibilities for relevant parties in the event of cyber incident or data breach matter?	Y
isAuthenticatingFundTransferRequests	Do policy holder employees authenticate funds transfer requests (e.g. by calling a customer to verify the request at a predetermined phone number)? Affirmative answer is required to be eligible for Social Engineering endorsement	T
isPreventingUnauthorizedWireTransfers	Do policy holder employees prevent unauthorized employees from initiating wire transfers? Affirmative answer is required to be eligible for Social Engineering endorsement	N
isSecurityOfficer	Does the policyholder agree to be the designated Information Security Contact?	Y
isSecurityTraining	Does policyholder provide mandatory information security training to all employees at least annually? If not, are they willing to implement it during the policy period?	Y
isVerifyingBankAccounts	Do policy holder employees verify vendor/supplier bank accounts before adding to accounts payable systems. Affirmative answer is required to be eligible for Social Engineering endorsement	N
lossInBusinessIncome	During the last three years, has the organization suffered loss of business income as a result of unscheduled system downtime?	Y
mfaAuthentication	Do you enforce Multi-Factor Authentication (MFA) for all employees, contractors, and partners?	Y
pastCyberIncident	Had any past Cyber Incidents	Y
pastCyberIncidentDetails	Has the organization filed any claims due to a cyber event in last five years? If yes, attach loss detail herewith.	Y
patchingFrequency	How often does the organization apply updates to critical IT-systems and applications? Allowable values WEEKLY/MONTHLY/QUARTERLY/SIX_MONTHS/NEVER)	Y
pendingLitigation	Is there currently any pending litigation, administrative proceeding or claim against the named applicant, organization and/or any of the prospective insureds?	Y
securityBreachRequiringNotification	During the last three years, has the organization suffered a security breach requiring customer or third-party notification according to state or federal regulations?	Y
testedFullFailover	Has the organization tested a full failover of the most critical servers?	N
thirdPartySecurityAgreement	Do agreements with third-party service providers require levels of security commensurate with the organization’s information security standard?	N
useCloudStorage	Does the policyholder have sensitive information stored on the cloud?	Y
useEncryption	Does the policyholder encrypt all emails, mobile and computing devices containing sensitive information (e.g., PII, PHI, PCI) sent to external parties?	Y

Step 3

Create a Quote

Step 4

Get Quote details (optional)

This endpoint returns information associated with the quote (premium, fees, etc.) along with a list of available cyber coverages.
Developer Tip: please introduce a minimum latency of 15 seconds before calling this endpoint.

📘
Below you will find premium breakdown:

Field How Cowbell present on the proposal
premium Premium with TRIA
tria TRIA
mgaFee Underwriting Fees
surplusLineTax Surplus Line Tax
surplusStampingFee Stamping Fee, Surcharge, etc.
totalPremium Total Amount

Field	How Cowbell present on the proposal
premium	Premium with TRIA
tria	TRIA
mgaFee	Underwriting Fees
surplusLineTax	Surplus Line Tax
surplusStampingFee	Stamping Fee, Surcharge, etc.
totalPremium	Total Amount

Please note that the response to this endpoint returns agencyDeepLinkURL field.

If account was submitted with an agent who did not exist in the Cowbell's platform, agent can use the link to create an account and proceed with binding in the portal.

Prime250

Step 1

Step 2

📘
List of security assessment questions can be found below:

Step 3

Step 4

📘
Below you will find premium breakdown:

Step 1

Step 2

📘List of security assessment questions can be found below:

Step 3

Step 4

📘Below you will find premium breakdown:

📘
List of security assessment questions can be found below:

📘
Below you will find premium breakdown: