Statement of Work (SOW) — ORB Standard (Template)
Objective
Provide a time-boxed baseline of operational resilience, including at least one restore verification test, and deliver a prioritized 30/60/90 plan.
Timeline
10 business days from receipt of required access.
Scope
- Discovery + intake + stakeholder calls
- Review: identity/access, email/collab, endpoint baseline (as available), SaaS posture
- Backup coverage review + one restore verification test (agreed scope)
- Deliverables:
- Exec Summary (PDF)
- Risk Register (Spreadsheet)
- 30/60/90 Plan (Spreadsheet)
- Maturity Scorecard
- Restore Runbook
Included quick wins (optional)
Up to 4 hours total of safe, reversible quick wins (by mutual agreement). Anything beyond this is scoped separately.
Out of scope
- Pen testing/red teaming
- Full compliance audit (SOC 2/HIPAA/PCI)
- Large remediation/migrations
Client responsibilities
- Provide a POC
- Provide requested access in a timely manner
- Attend calls (kickoff, mid-check, readout)
Fees
Fixed fee: $
Payment terms: 50% to start, 50% at delivery
Confidentiality
(Reference your MSA/NDA language.)
Signatures: