Sample Deliverable

The monthly readiness report

Every Readiness Desk client receives this report by the fifth business day of each month. It answers three questions: what changed, what's coming due, and what needs a decision.

The sample below is illustrative and redacted. It shows the structure and level of detail — not a real client.

Monthly Readiness Report — Sample

Client: Period: March 2026Status: Ready, 2 items need attention

1. Summary

The evidence room is current. One security questionnaire was received and returned this month. Two items need attention before April: the cyber liability policy renews in 41 days, and the access-review evidence for Q1 has not yet been provided by .

2. What changed this month

  • Returned security questionnaire (118 questions) in 6 business days; approved answer library updated with 9 new entries.
  • Incident response policy annual review completed; v3.1 approved by and filed.
  • Certificate of insurance for obtained and added to the evidence room.

3. Upcoming deadlines

ItemDueWindowStatus
Cyber liability renewalMay 12T-60 → T-30Broker engaged; application 70% complete
SOC 2 Type II period endJun 30T-90Evidence collection on schedule
BAA renewal — Jul 15TrackedNo action needed yet

4. Open requests

  • Diligence request from — evidence package assembled, awaiting client approval to release.

5. Needs your attention

  • Q1 access-review evidence outstanding — owner: . Second reminder sent Mar 24. If not received by Apr 10, this becomes a gap in the SOC 2 evidence period.
  • Cyber application needs two underwriter questions answered by your IT vendor — call scheduled Apr 2.

This is the artifact your board, your buyer, or your insurer can be shown at any time. If a report like this would have saved you a scramble in the last twelve months, the desk pays for itself.