Norvet MSP — Operating Toolkit
The operating templates we sign every Norvet customer onto
Twelve battle-tested contracts, policies, and plans the Norvet MSP team uses to run a Georgia service business — master services agreement, contractor agreements, Georgia lien waivers, infosec policy, BCP/DR, incident response, anti-bribery, and a digital-transformation roadmap. Free three-template starter, or the full pack for $49.
Built for service businesses
Drafted by an operating MSP / cabling shop — not a generic legal-forms vendor. The MSA includes the security-services carve-out you actually want; the contractor agreement bakes in pay-when-paid and non-circumvention; the BCP names the systems an IT-services business runs on.
Georgia-jurisdiction tested
The lien waivers are the statutory O.C.G.A. § 44-14-366 form Georgia GCs require — not a generic stand-in. Master agreement, contractor agreement, and code-of-conduct templates default to Georgia governing law and Fulton County venue (swap to your county on first use).
Attorney-review-ready starting points
These are 90%-there drafts, not legal advice. Each template carries an attorney-review notice at the top calling out the load-bearing clauses to flag for your counsel. One review on first use, then re-use on every subsequent engagement.
Free Starter Pack
Free
Three starter templates — risk self-assessment plus two universal policies — emailed instantly when you enter your address.
IT Risk Self-Assessment Checklist
15-minute self-scored checklist covering access, endpoints, backups, training, and incident response. Find your gaps before someone else does.
Acceptable Use Policy
General workplace AUP — covers technology, communication, social media, and confidentiality. Drop-in starting point for any business.
Code of Conduct & Ethics Policy
Ethics, conflicts of interest, anti-bribery, fair dealing, reporting channels. Satisfies the ethics-policy requirement for most federal RFPs.
Full Operating Toolkit
$49
Twelve operating templates spanning client contracts, contractor agreements, cybersecurity policies, business continuity, and federal-RFP compliance.
- Management Services Agreement — Master services agreement for ongoing managed-services engagements — scope, fees, security carve-outs, termination, indemnity.
- Exclusive Contractor Agreement — Subcontractor agreement with pay-when-paid, exclusivity, and non-circumvention — built for scale-out without W-2 payroll.
- Georgia Lien Waivers (Interim + Final) — Statutory O.C.G.A. § 44-14-366 interim and unconditional waivers — the exact form Georgia commercial GCs require before they cut a progress check.
- Information Security Policy — Workforce-facing infosec policy covering data classification, access control, encryption, vendor risk, and incident response.
- IT Acceptable Use Policy — Technology-specific AUP: endpoint use, email/internet, BYOD, software installation, monitoring, and consequences for violations.
- Data Breach Response & Notification Policy — Breach-response policy with notification timelines, regulator contacts, evidence preservation, and post-incident review obligations.
- Incident Response Plan — Operational IR plan — phases (detect, contain, eradicate, recover), roles, escalation, communications, tabletop guidance.
- Business Continuity Plan — BIA-driven continuity plan with RTO/RPO targets, communications matrix, alternate-site procedures, recovery-team responsibilities.
- Disaster Recovery Plan — Technical DR plan complementing the BCP — system inventory, restore priorities, runbooks, recovery-validation testing cadence.
- Cybersecurity Implementation Plan — Layered controls roadmap (identify/protect/detect/respond/recover) with prioritization, owners, and a 12-month implementation calendar.
- Anti-Bribery & Anti-Corruption Policy — FCPA/UK Bribery Act-aligned policy with gift/hospitality thresholds, third-party diligence, and books-and-records controls. Aligns with FAR 52.203-13 for federal contracts.
- Digital Transformation Roadmap — Consulting-grade roadmap deliverable — assessment template, gap analysis, phased initiatives with budgets, KPIs, change-management plan.
One-time payment. Instant download. 7-day refund — email support@norvetmsp.com if it does not fit your business.
Frequently asked
- Have these been reviewed by counsel?
- These are starting templates — not legally reviewed instruments and not legal advice. Every template carries an attorney-review notice at the top calling out the clauses your counsel should focus on. Have a Georgia attorney review on first use, then re-use the same form on every subsequent engagement.
- Can I edit them?
- Yes. They are plain Markdown — open them in any editor, search-and-replace the bracketed placeholders ([CLIENT_NAME], [EFFECTIVE_DATE], etc.), and tailor the scope, fees, and carve-outs to each engagement. Convert to .docx or PDF with pandoc, Word, or Google Docs.
- What if I am not in Georgia?
- Most templates port cleanly to any U.S. state — swap the governing-law and venue clauses, and have your local counsel double-check state-specific items (especially the lien waivers, which are GA-statutory). The MSA, contractor agreement, and policies are jurisdiction-neutral aside from the governing-law section.
- Refund policy?
- Email support@norvetmsp.com within 7 days of purchase if the pack does not fit your business — we will refund in full, no questions asked. Real businesses come in different shapes; we would rather a refund than a frustrated buyer.
- Who is behind this?
- Norvet MSP — a Georgia structured-cabling and managed-services business operated by Lumpkin Rivers Holdings LLC. We sign every customer onto a version of the Management Services Agreement in this pack and run our own subcontractors on the Exclusive Contractor Agreement; these are the artifacts we use to operate, not promotional fluff.
Want Norvet to run all this for you?
The toolkit is the starting point. If you would rather have a Georgia MSP sign the agreements, monitor the controls, and run the incident-response retainer — talk to us.