Security Policy Framework for a B2B SaaS Platform
Main contact

Portals
-
Toronto, Ontario, Canada
Project scope
Categories
Risk, audit and compliance Security (cybersecurity and IT security)Skills
general data protection regulation (gdpr) security policies full stack development training and development data retention business to business access controls operations procurement software as a service (saas)This project focuses on developing foundational security policies to support a growing B2B SaaS platform that delivers leadership development. As the platform prepares for broader enterprise adoption, formalizing its security posture is essential. Students will create policy documentation aligned with best practices and relevant industry standards such as SOC 2 and GDPR.
The goal is to provide clear, usable security policies that reflect the company’s operations and data handling practices, laying the groundwork for future compliance initiatives. While this is a business-driven project, the focus for students will remain on the technical research, writing, and development of policies, not on broader business analysis or messaging.
Project Goals
- Research and draft security policies aligned to SOC 2 and GDPR best practices
- Tailor policies to the current and near-future needs of a SaaS product
- Recommend prioritized next steps based on identified gaps or risks
Key Deliverables
- Security Policy Drafts (3–4 policies selected based on relevance and scope), such as:
- Access control
- Data retention and deletion
- Acceptable use (internal and third-party access)
- Vendor risk management
- Brief Summary of Recommendations
- Outline of next steps to support audit readiness and implementation
Support Available
- Weekly check-ins with a single point of contact
- Access to a senior developer for questions about system architecture
- Business team available to clarify operational context as needed
We are a corporate training company and ensure that all collaborations, including with student teams, provide meaningful development opportunities. You will be supported in applying your technical knowledge to real-world challenges and will receive guidance from both technical and business leaders throughout the engagement.
Providing specialized, in-depth knowledge and general industry insights for a comprehensive understanding.
Sharing knowledge in specific technical skills, techniques, methodologies required for the project.
Direct involvement in project tasks, offering guidance, and demonstrating techniques.
Providing access to necessary tools, software, and resources required for project completion.
Scheduled check-ins to discuss progress, address challenges, and provide feedback.
Supported causes
The global challenges this project addresses, aligning with the United Nations Sustainable Development Goals (SDGs). Learn more about all 17 SDGs here.
About the company
Beyond the Sky Custom Learning is at the forefront of AI-driven eLearning, revolutionizing corporate training with cutting-edge training powered by artificial intelligence. Our digital and tech-enabled learning solutions blend immersive storytelling with adaptive AI, ensuring learners gain practical, real-world skills that stick. As pioneers in AI for Learning & Development, we share our expertise on global stages, shaping the future of training through thought leadership. Whether it's IT systems, internal processes, product education, or sales enablement, we design customized programs that drive measurable change by combining AI innovation with proven behavioral science.
Main contact

Portals
-
Toronto, Ontario, Canada