Earlier this month we soft-launched Peace Country Cyber. Alongside the launch, we've been publishing free resources for Canadian SMB owners preparing for cyber-insurance renewal in 2026. Today the most-requested of those resources goes live: a 30-item compliance checklist.
You can take it (or download it) at peacecountrycyber.ca/checklist.
What it covers
The checklist maps to the structure of standard 2026 Canadian cyber-insurance questionnaires. It covers nine control categories:
- Identity and access (5 items)
- Endpoint protection (3 items)
- Backup and recovery (4 items)
- Patching and vulnerability management (3 items)
- Email and web security (3 items)
- Awareness and training (3 items)
- Incident response (3 items)
- Asset and vendor management (3 items)
- Network and infrastructure (3 items)
Thirty items total. Each is answered Yes / Partial / No. The scoring tier is determined by your number of Yes answers. Tiers range from Insurance-Ready (27-30 Yes) through Critical-Risk (0-13 Yes).
Who it's for
The checklist is aimed at the business owner who:
- Has cyber-insurance currently or is being asked about getting it
- Wants a quick, structured self-assessment that does not require a consultant
- Is preparing for an upcoming renewal and wants to know what to expect
- Has a vague sense of "we're probably underinsured" and wants to confirm before the conversation gets expensive
It is not a substitute for a formal cybersecurity assessment, a penetration test, or legal advice about your specific policy. It is a starting point — a way to have a structured internal conversation about what you have, what you don't, and which gaps matter most.
What we hope you do with it
Three options, in increasing order of action:
Take it for yourself. Twenty minutes. You'll know roughly where you stand. That alone is usually enough to motivate a productive conversation with your IT person or your broker.
Share it within your organization. Most owners we've worked with hand the checklist to their bookkeeper or their IT contractor and ask them to fill it in. The conversation about why a certain item is Partial or No is often more valuable than the score itself.
Bring it to your broker. If you're renewing soon, taking a completed checklist into a renewal meeting gives the broker a concrete starting point for the conversation — including specific items you've addressed since last year, and specific items you're planning to address before the next renewal.
Why it's free
A reasonable question. We've published this content because we believe rural Canadian SMB owners deserve access to the same quality of cybersecurity guidance that large urban businesses pay consultants for. Plenty of guidance exists; most of it is either generic and useless or specific and wildly expensive. The checklist is our attempt at the middle ground: specific to your situation, free to access, and direct enough to be useful.
If you take the checklist and discover you have material gaps, our Cyber Insurance Readiness Assessment ($2,500 fixed-fee, ~2 weeks) is the formal version — a written report mapped to your carrier's actual questionnaire, with a prioritized remediation roadmap and cost estimate. About 70% of the businesses who do the assessment go on to engage us for ongoing managed services. The rest take the report to their existing provider and use it as the conversation starter.
Either outcome is fine with us. The point is that the conversation happens before renewal, not during.
Where to find it
The checklist lives at peacecountrycyber.ca/checklist. You can take it inline in your browser, or print it / save it as a PDF for offline use. You can also email us for a branded PDF copy at hello@peacecountrycyber.ca.
If you find it useful, share it. If you find it inaccurate or unclear, tell us — we update it as carrier questionnaires evolve.
Peace Country Cyber Inc. — northern Alberta's local cybersecurity partner. peacecountrycyber.ca