coi-insurance-compliance-tracker
by @flynndavid
Manages vendor insurance compliance through collection, validation, scoring, and remediation of certificates of insurance with alerts and action steps.
clawhub install coi-insurance-compliance-trackerπ About This Skill
COI & Insurance Compliance Tracker β Coverage Gate Matrix
Framework: Coverage Gate Matrix Price: $29 Category: Productivity / Compliance Tags: COI, insurance, compliance, vendor management, risk, certificates of insurance last_validated: 2026-03-03What This Is
The Coverage Gate Matrix is a four-phase system for managing vendor certificates of insurance (COIs) from collection through remediation. It tells you exactly what to collect, how much coverage to require, when to follow up, and what to do when a vendor falls out of compliance.
Problem it solves: Most ops teams manage COIs reactively β they chase documents after something goes wrong, or realize a vendor's coverage expired months ago. The Coverage Gate Matrix closes that gap by turning COI management into a proactive, scored system with clear triggers and actions.
Output: A complete COI compliance registry with current status for every vendor, coverage scores, expiration alerts, and documented remediation actions.
The Coverage Gate Matrix Framework
The system runs across four sequential phases:
PHASE 1: COLLECT
What to get, from whom, by when
β
PHASE 2: VALIDATE
Does coverage meet minimums? Is it current?
β
PHASE 3: SCORE
Compliance score 0-100 per vendor
β
PHASE 4: REMEDIATE
Action based on score and gap type
β
COMPLIANT β or ESCALATED β οΈ
PHASE 1: COLLECT
1.1 β What to Collect (Universal Requirements)
Every vendor, regardless of category, must provide:
1. Certificate of Insurance (ACORD 25 form) β the standard COI document 2. Additional insured endorsement naming your organization (required for all vendors with physical access or service delivery liability) 3. Primary and non-contributory endorsement (for vendors with significant liability exposure) 4. Waiver of subrogation (for construction, facilities, and high-risk service vendors)
1.2 β Coverage Minimums by Vendor Category
#### Technology / SaaS / Software Vendors | Coverage Type | Minimum Required | |--------------|-----------------| | General Liability | $1M per occurrence / $2M aggregate | | Professional Liability / E&O | $1M per occurrence | | Cyber Liability | $1M per occurrence (required if handling data) | | Workers' Compensation | Statutory limits |
#### Professional Services (Consulting, Staffing, Legal, Accounting) | Coverage Type | Minimum Required | |--------------|-----------------| | General Liability | $1M per occurrence / $2M aggregate | | Professional Liability / E&O | $2M per occurrence | | Workers' Compensation | Statutory limits | | Umbrella / Excess Liability | $2M (for spend >$100K) |
#### Facilities / Construction / Contractors | Coverage Type | Minimum Required | |--------------|-----------------| | General Liability | $2M per occurrence / $4M aggregate | | Workers' Compensation | Statutory limits | | Employer's Liability | $500K per accident | | Auto Liability | $1M combined single limit | | Umbrella / Excess Liability | $5M (for projects >$500K) | | Builder's Risk / Installation Floater | Project value (for construction) |
#### Logistics / Shipping / Transportation | Coverage Type | Minimum Required | |--------------|-----------------| | General Liability | $1M per occurrence | | Auto Liability | $1M per occurrence | | Cargo Insurance | $500K per shipment (adjust to actual shipment value) | | Workers' Compensation | Statutory limits |
#### Marketing / Creative / Events | Coverage Type | Minimum Required | |--------------|-----------------| | General Liability | $1M per occurrence / $2M aggregate | | Professional Liability | $1M per occurrence | | Media Liability | $1M (for agencies managing public content) | | Workers' Compensation | Statutory limits (if they have employees) |
#### Low-Risk Vendors (Pure SaaS, subscriptions, no on-site work) | Coverage Type | Minimum Required | |--------------|-----------------| | General Liability | $500K per occurrence | | Professional Liability | $500K per occurrence | | Cyber Liability | $500K (if any data processed) |
1.3 β Additional Insured Requirements
Your organization name on the COI must be exact. Confirm the COI reads:
> "[Your Legal Entity Name], its officers, directors, employees, and agents are included as additional insured"
If the name is wrong, request a corrected certificate before accepting.
1.4 β Collection Cadence
| Trigger | Action | |---------|--------| | New vendor onboarding | Request COI at Gate 2 (before activation) | | Annual renewal (for active vendors) | Request 60 days before current COI expires | | Policy renewal noticed | Request updated COI within 5 business days | | Vendor adds new service type | Request updated COI reflecting new scope | | After a claim or incident | Request updated COI confirming coverage remains active |
PHASE 2: VALIDATE
2.1 β COI Validation Checklist
When a COI is received, run this 10-point validation:
Identity Verification
Coverage Verification
Endorsements
2.2 β Common COI Red Flags
Flag any COI that shows:
| Red Flag | Action | |----------|--------| | Expiration within 30 days | Request renewal immediately β activate Phase 4 | | Limits below category minimum | Vendor must increase coverage β hold or conditional approval | | Insurer not admitted in your state | Confirm surplus lines filing or reject | | Additional insured not correctly named | Request corrected certificate | | Coverage type missing | Vendor must add coverage before activation | | Dates don't match policy period | Verify with insurer or request binder | | Certificate holder blank or wrong | Request corrected certificate | | "Sample" or "for information only" stamp | Reject β request actual current certificate |
2.3 β Verification Best Practices
For high-value vendors (>$100K annual spend) or high-risk categories:
PHASE 3: SCORE
3.1 β Vendor Compliance Score (0-100)
Score each vendor across five dimensions. Update scores quarterly and whenever a new COI is received.
#### Scoring Dimensions
Dimension 1: Coverage Completeness (25 points)
Dimension 2: Coverage Adequacy (25 points)
Dimension 3: Policy Currency (20 points)
Dimension 4: Documentation Quality (15 points)
Dimension 5: Response Compliance (15 points)
#### Score Calculation
Total Score = D1 + D2 + D3 + D4 + D5
Max possible: 100 points
3.2 β Compliance Tier Classification
| Score Range | Tier | Status | |-------------|------|--------| | 85-100 | π’ Green β Compliant | No action required | | 70-84 | π‘ Yellow β Attention | Minor gaps, monitor closely | | 50-69 | π Orange β At Risk | Active remediation required | | Below 50 | π΄ Red β Non-Compliant | Work pause or hold recommended |
PHASE 4: REMEDIATE
4.1 β Remediation Actions by Tier
π’ Green (85-100): No Action
π‘ Yellow (70-84): Monitor & Notify
π Orange (50-69): Active Remediation
π΄ Red (Below 50): Non-Compliant Hold
4.2 β Communication Templates
#### Template A β Gap Notice (Yellow Tier)
Subject: Action Required: Insurance Certificate Update β [Vendor Name]Hi [Contact Name],
During our routine review of your insurance documentation, we identified the following items that require your attention:
GAPS IDENTIFIED:
[ ] [Specific gap 1 β e.g., "Professional liability limit is $500K; our minimum is $1M"]
[ ] [Specific gap 2]
Please provide updated documentation addressing these items by [DATE β 30 days].
If you've already renewed or updated your coverage, please send the new certificate to [email].
Questions? Contact [Your Name] at [email/phone].
[Your Name]
[Your Company] Operations
#### Template B β Remediation Required (Orange Tier)
Subject: IMPORTANT: Insurance Compliance Issue β [Vendor Name] β Action Required by [DATE]Hi [Contact Name],
Our compliance review has identified significant gaps in your current insurance documentation that require immediate attention.
ISSUES REQUIRING RESOLUTION:
1. [Issue β e.g., "General liability aggregate limit ($1M) is below our $2M minimum"]
2. [Issue]
3. [Issue]
We need updated certificates of insurance addressing all items above by [DATE β 15 business days].
IMPORTANT: Until these items are resolved, we may need to place a hold on new purchase orders. Our goal is to work through this quickly so there's no disruption to our relationship.
Please contact us immediately to discuss a resolution timeline.
[Your Name]
[Your Company] Operations | [phone]
#### Template C β Non-Compliance Notice (Red Tier)
Subject: URGENT: Insurance Non-Compliance β [Vendor Name] β Immediate Action RequiredHi [Contact Name] and [Senior Contact at Vendor],
[Vendor Name]'s insurance coverage has fallen into non-compliance with our vendor requirements. We need to resolve this immediately.
NON-COMPLIANCE ISSUES:
1. [Issue β e.g., "General liability coverage expired [DATE]"]
2. [Issue]
REQUIRED ACTIONS:
1. Confirm in writing within 24 hours whether coverage is being reinstated
2. Provide updated certificates within 10 business days
IMPACT: We have placed a hold on new purchase orders pending resolution. [For high-risk categories: We also need to pause work in [specific area] until coverage is confirmed.]
We value our relationship with [Vendor Name] and want to resolve this quickly. Please contact me directly.
[Your Name], [Title]
[Your Company] | [direct phone]
CC: [Internal vendor owner], [Finance/Legal if applicable]
4.3 β Escalation Ladder
If vendor does not respond within defined timelines:
| Day | Action | |----|--------| | Day 1 | Send appropriate template (A, B, or C) | | Day 5 | If no response: send follow-up to same contact + CC vendor's senior contact | | Day 10 | If still no response: internal escalation to your manager + legal review | | Day 15 | If still no response: formal non-compliance notice with contract language cite | | Day 20 | Contract review β consider cure notice or termination for cause language |
COI Registry Setup
Required Fields in Your COI Tracker
Maintain these fields for each vendor COI:
| Field | Notes | |-------|-------| | Vendor ID | Links to vendor master | | Vendor Name | Legal entity | | COI Document # | Track multiple versions | | Date Received | | | Policy Period Start | | | Policy Period End | Sort by this for expiration management | | Insurer Name | | | Insurer AM Best Rating | A- or better recommended | | GL Per Occurrence | | | GL Aggregate | | | Professional Liability | | | Cyber Liability | | | Workers Comp | Y/N + statutory | | Auto Liability | If applicable | | Additional Insured | Y/N + correct name confirmed | | Waiver of Subrogation | Y/N | | Current Compliance Score | 0-100 | | Compliance Tier | Green/Yellow/Orange/Red | | Last Review Date | | | Next Review Date | 90 days out or at expiration | | Gaps Identified | Free text | | Remediation Status | Open/In Progress/Resolved |
Alert Calendar Setup
Create these calendar alerts for every COI:
Expected Outputs
After implementing Coverage Gate Matrix, you will have: 1. β A complete COI registry with current status for every vendor 2. β Standardized coverage minimums by vendor category 3. β Compliance scores for every vendor (0-100) 4. β Automated alerts for upcoming expirations 5. β Documented remediation actions for any non-compliant vendors 6. β A 30-day improvement plan for vendors in Orange/Red tiers 7. β Audit trail for all compliance reviews and communications
Time savings (typical): 2-4 hours/week for a team managing 20+ vendors. Hours increase at scale β the system doesn't.
*Coverage Gate Matrix β Part of the Vendor & Compliance Operations Pack by Remy Claw* *More at remyclaw.com | @Remy_Claw on X*