Compliance at IntelliBoard¶

At IntelliBoard, maintaining compliance is our fundamental duty. We don't just meet compliance standards - we engineer them into every layer of our platform. From ISO 27001 to SOC 2, our compliance model is built to protect your institution's most sensitive learning analytics.

Our systems are aligned with ISO 27001, NIST 800-53, and FedRAMP Moderate controls. We are SOC 2 Type I compliant, with Type II attestation in progress, and our controls are under active review by independent auditors.

We are building and operating to the full requirements - because trust starts with accountability.

Our Compliance Framework¶

We protect your data through a layered, compliance-first architecture. Every component - from data ingestion to user access - is validated, audited, and continuously monitored.

How We Ensure Compliance¶

Standards & Certification Management¶

We maintain rigorous compliance through systematic validation and independent verification.

• ISO 27001:2022: Our security management system covers risk assessment and control implementation.
• SOC 2 Type II: Annual audits verify security, availability, and processing integrity controls.
• FedRAMP Moderate: Our cloud infrastructure meets federal standards for government institutions.
• NIST 800-53: We protect controlled unclassified information through comprehensive controls.
• Regulatory Alignment: Our practices meet global standards including GDPR, FERPA, and CCPA.
• Accessibility Standards: We maintain WCAG 2.2 AA compliance with VPAT available for review.

Audit & Validation Process¶

We maintain continuous compliance through regular audits and independent verification.

• Annual External Audits: Third-party auditors verify our control effectiveness annually.
• Quarterly Internal Reviews: Our compliance team conducts regular assessments.
• Real-Time Monitoring: Continuous compliance monitoring ensures standards are maintained.
• Evidence Management: All audit evidence is available under NDA for client review.
• Control Mapping: Detailed mappings show how we meet each standard requirement.

Vendor & Third-Party Oversight¶

We ensure compliance extends throughout our entire ecosystem.

• Vendor Vetting: All vendors are assessed for security and compliance capabilities.
• Contract Requirements: Data protection clauses and audit rights are standard.
• Ongoing Monitoring: Continuous assessment ensures continued adherence.
• Risk Assessment: Regular evaluation of third-party compliance risks.

Compliance at a Glance¶

Your Role in Compliance¶

Compliance is a shared responsibility. While we maintain the platform's compliance, your team can strengthen your posture by:

• Reviewing our policies and audit evidence (available under NDA)
• Configuring role-based access in your LMS and SIS
• Reporting compliance concerns to privacy@intelliboard.net

For auditor support, contact us to request evidence packages, control mappings, or executive summaries.