Skip to content

Policies at IntelliBoard

At IntelliBoard, maintaining policy governance is our fundamental duty. We don't just create policies - we engineer them into every layer of our platform. From security controls to privacy protection, our policy framework is built to protect your institution's most sensitive learning analytics.

Our systems are governed by 34 internal policies, annual review cycles, and continuous enforcement. We are SOC 2 Type I compliant, with Type II attestation in progress, and our controls are under active review by independent auditors.

We are building and operating to the full requirements - because trust starts with accountability.

Our Policy Framework

We protect your data through a layered, governance-first architecture. Every component - from data ingestion to user access - is documented, controlled, and continuously monitored.

  • Public Transparency

    Our Privacy Policy and select public policies are fully accessible and updated annually to reflect current practices and regulatory requirements.

  • Comprehensive Coverage

    Over 34 internal policies cover security, privacy, compliance, and operational controls across all systems.

  • Continuous Improvement

    Annual review cycles ensure policies remain current with technology, regulations, and industry best practices.

How We Govern Through Policies

Public Policy & Transparency

We believe transparency starts with openness and public accessibility.

  • Privacy Policy: Fully public document covering data collection, use, protection, and sharing practices.
  • Data Minimization: We collect only what's necessary for service delivery and improvement.
  • User Rights: Clear processes for access, correction, deletion, and data portability.
  • International Transfers: Transparent handling of cross-border data flows and compliance.
  • AI Governance: Clear policies on automated decision-making and bias mitigation.

Our Public Policies

Our Privacy Policy, Artificial Intelligence Policy, Compliance Management Policy, and security documentation procedures are publicly available and detail our data practices, AI governance, compliance framework, and security documentation processes.

Internal Policy Framework

We maintain comprehensive internal policies that govern every aspect of our operations.

  • Security Policies: Access management, incident response, and threat detection procedures.
  • Compliance Policies: Audit schedules, control validation, and accreditation roadmaps.
  • Operational Policies: Change management, configuration control, and deployment procedures.
  • Data Policies: Retention schedules, disposal procedures, and lifecycle management.
  • Vendor Policies: Third-party risk assessment and ongoing monitoring requirements.

Policy Access & NDA

Our confidential policies are available to authorized stakeholders under NDA for audit and compliance purposes. These include detailed security, operational, and technical procedures that protect our platform's integrity.

Policy Lifecycle Management

We ensure policies remain effective through systematic review and continuous improvement.

  • Annual Reviews: All policies reviewed annually for relevance and effectiveness.
  • Regulatory Updates: Policies updated to reflect changes in laws and regulations.
  • Technology Evolution: Continuous assessment of policy alignment with platform changes.
  • Stakeholder Input: Regular feedback from internal teams and external auditors.
  • Enforcement Monitoring: Continuous validation that policies are being followed.

Transparency in Action: Our policy framework ensures every control, process, and decision is documented and accessible to authorized stakeholders.

Policies at a Glance

  • Privacy Policy

    Public document, updated annually

  • Access Management

    User roles, permissions, authentication

  • Incident Response

    Detection, triage, and resolution

  • Business Continuity

    Disaster recovery and failover

  • Data Retention

    Lifecycle and disposal procedures

  • AI Governance

    Bias mitigation and auditability

  • HECVAT Response

    Available through 🔒 formal documentation request process

Your Role in Policy Access

Policy access is a shared responsibility. While we maintain comprehensive documentation, your team can strengthen your posture by:

  • Requesting policy access for audit and compliance purposes
  • Signing our standard NDA to access confidential policy library
  • Providing feedback on policy effectiveness and relevance

For policy requests, contact us at privacy@intelliboard.net and we respond within 2 business days.

Have questions or need a copy of our policies? Contact us at privacy@intelliboard.net.