Security Policy Framework for a B2B SaaS Platform
Contact principal
Portails
-
Toronto, Ontario, Canada
Portée du projet
Catégories
Risque, audit et conformité Sécurité (cybersécurité et sécurité informatique)Compétences
general data protection regulation (gdpr) security policies full stack development training and development data retention business to business access controls operations procurement software as a service (saas)This project focuses on developing foundational security policies to support a growing B2B SaaS platform. As the platform prepares for broader enterprise adoption, formalizing its security posture is essential. Students will create policy documentation aligned with best practices and relevant industry standards such as SOC 2 and GDPR.
The goal is to provide clear, usable security policies that reflect the company’s operations and data handling practices, laying the groundwork for future compliance initiatives. While this is a business-driven project, the focus for students will remain on the technical research, writing, and development of policies, not on broader business analysis or messaging.
Project Goals
- Research and review existing security policies aligned to SOC 2 and GDPR best practices
- Tailor policies to the current and near-future needs of a SaaS product
- Recommend prioritized next steps based on identified gaps or risks
Key Deliverables
- Security Policy Drafts (3–4 policies selected based on relevance and scope), such as:
- Access control
- Data retention and deletion
- Acceptable use (internal and third-party access)
- Vendor risk management
- Brief Summary of Recommendations
- Outline of next steps to support audit readiness and implementation
Support Available
- Weekly check-ins with a single point of contact
- Access to a senior developer for questions about system architecture
- Business team available to clarify operational context as needed
We are a corporate training company and ensure that all collaborations, including with student teams, provide meaningful development opportunities. You will be supported in applying your technical knowledge to real-world challenges and will receive guidance from both technical and business leaders throughout the engagement.
Fournir des connaissances spécialisées et approfondies et l'industrie générale des idées pour une compréhension globale.
Partager des connaissances sur des compétences techniques spécifiques, des techniques, méthodologies requises pour le projet.
Implication directe dans les tâches du projet, en offrant des conseils et démonstration de techniques.
Donner accès aux outils, logiciels et ressources nécessaires pour la réalisation du projet.
Enregistrements programmés pour discuter des progrès, relever les défis et fournir des commentaires.
Causes prises en charge
Les défis mondiaux auxquels ce projet s'attaque, en accord avec les objectifs de développement durable (ODD) des Nations unies. En savoir plus sur les 17 ODD ici.
À propos de l'entreprise
Beyond the Sky Custom Learning is at the forefront of AI-driven eLearning, revolutionizing corporate training with cutting-edge training powered by artificial intelligence. Our digital and tech-enabled learning solutions blend immersive storytelling with adaptive AI, ensuring learners gain practical, real-world skills that stick. As pioneers in AI for Learning & Development, we share our expertise on global stages, shaping the future of training through thought leadership. Whether it's IT systems, internal processes, product education, or sales enablement, we design customized programs that drive measurable change by combining AI innovation with proven behavioral science.
Contact principal
Portails
-
Toronto, Ontario, Canada