The monthly readiness report
Every Readiness Desk client receives this report by the fifth business day of each month. It answers three questions: what changed, what's coming due, and what needs a decision.
The sample below is illustrative and redacted. It shows the structure and level of detail — not a real client.
Monthly Readiness Report — Sample
1. Summary
The evidence room is current. One security questionnaire was received and returned this month. Two items need attention before April: the cyber liability policy renews in 41 days, and the access-review evidence for Q1 has not yet been provided by .
2. What changed this month
- Returned security questionnaire (118 questions) in 6 business days; approved answer library updated with 9 new entries.
- Incident response policy annual review completed; v3.1 approved by and filed.
- Certificate of insurance for obtained and added to the evidence room.
3. Upcoming deadlines
| Item | Due | Window | Status |
|---|---|---|---|
| Cyber liability renewal | May 12 | T-60 → T-30 | Broker engaged; application 70% complete |
| SOC 2 Type II period end | Jun 30 | T-90 | Evidence collection on schedule |
| BAA renewal — | Jul 15 | Tracked | No action needed yet |
4. Open requests
- Diligence request from — evidence package assembled, awaiting client approval to release.
5. Needs your attention
- Q1 access-review evidence outstanding — owner: . Second reminder sent Mar 24. If not received by Apr 10, this becomes a gap in the SOC 2 evidence period.
- Cyber application needs two underwriter questions answered by your IT vendor — call scheduled Apr 2.
This is the artifact your board, your buyer, or your insurer can be shown at any time. If a report like this would have saved you a scramble in the last twelve months, the desk pays for itself.