Build an Evidence Library That Wins MSP Deals | Assurix

An evidence library turns security claims into verifiable proof. The complete playbook for MSPs who want to win deals on evidence, not promises.

An evidence library is a single, current, organised set of proof that backs every claim your MSP makes in a sales conversation. It is the difference between saying "we take security seriously" and showing a dated report that proves it. MSPs that have one win more competitive deals because the buyer can verify the promise instead of taking it on faith.

This playbook covers what goes in the library, how to structure it so it works in a live deal, how often to refresh it, and how to use it without burying the prospect in paper.

Why does an MSP need an evidence library now?

Because the buyer changed. According to Kaseya's 2026 State of the MSP report, which surveyed 1,061 MSPs in November 2025, 71% of MSPs say acquiring new customers is their single biggest business issue, ahead of cybersecurity, revenue and profitability. The same report found the share of MSPs struggling to demonstrate value to clients nearly doubled year over year, from 10% to 19%. Kaseya's own summary line is blunt: winning new business now depends on proving value, not just offering more services.

Every MSP says they are responsive, secure and ahead of problems. The prospect has heard it from the last three providers who pitched them. Evidence is what separates you from the script.

What goes in an evidence library?

Six categories. Each one answers a question a serious buyer actually asks.

How do you structure it so it works in a live deal?

The library fails the moment a salesperson has to dig for the right artefact while a prospect waits. Structure it by the question, not by the file type.

Evidence typeBuyer question it answersRefresh cadence
Security posture report"How do I know you are actually secure?"Monthly
Independent trustmark status"Who else verifies this?"Continuous, re-checked at least annually
SLA and ticket performance"Will you actually respond?"Quarterly
Anonymised outcomes"Has this worked for someone like me?"Per case, reviewed quarterly
Process runbooks"What happens when something breaks?"Reviewed twice a year
Named references"Can I speak to a real client?"Confirm consent every 6 months

Mapping every claim to a current artefact and keeping it fresh is the exact job the Assurix platform does. It pulls live evidence from your PSA, RMM and security tools and turns it into an independently verified status. If you would rather not maintain the library by hand, that is what Assurix is built to do.

How often should evidence be refreshed?

Stale evidence is worse than none. A backup test result from fourteen months ago tells a buyer your reporting is not alive, which is the opposite of the point. The rule: anything you would put in front of a prospect must be dated within the cadence in the table above. If it is older, it does not go in the deck.

This is where most libraries die. Someone builds a beautiful one in Q1, nobody owns the refresh, and by Q3 the sales team has quietly gone back to talking instead of showing.

What does a good evidence artefact actually look like?

A weak artefact says "we keep backups for all clients." A strong one is a one-page report dated this month showing each protected system, the last successful restore test, the date it was verified, and an independent source named alongside your own. The buyer does not need to follow the technical detail. They need to see that it is current and that someone other than you stands behind it.

Apply the same standard to every category. "We respond quickly" is a claim. A 12-month chart of first-response times against SLA, with the two months you missed and what you changed, is evidence. The second one wins trust precisely because it admits the misses.

How do you handle a prospect who asks for proof you do not have?

Do not bluff and do not promise a document you cannot produce. Say what you measure, show the nearest current artefact, and commit to a date for the specific one they asked for. A provider who says "I do not have that to hand, I will send it to you verified by Friday" and then does it beats one who waves a vague slide and hopes the question passes. Buyers are testing whether your proof is real or theatre, and the honest answer scores higher than the slick one.

What are the common mistakes when building one?

WHAT TO DO THIS WEEK

Audit your current sales materials against the six categories above. Count how many items are claims you wrote versus evidence a buyer could independently check. If the ratio is mostly claims, that is your first sprint.

PROOF GAP SCORECARD

Find out how strong your evidence actually is. The Proof Gap Scorecard takes about 3 minutes and scores how well you can back your sales claims with current proof.

Take the Proof Gap Scorecard

Build the library, map every claim to a current artefact, give the refresh an owner, and let an independent standard carry the verification you cannot do for yourself. That is what Assurix is for.

Related reading