Fenn Agritech is a fictional UK-based B2B agritech SaaS company built as an independent portfolio project to demonstrate end-to-end Governance, Risk, and Compliance capability.
This folder contains a set of GRC artifacts modeled on what a real Series B SaaS company would maintain.
All deliverables are original work. Fenn Agritech is not based on any real organization. Third-party vendor names referenced are real companies, but no affiliations, partnerships, or endorsements exist or are implied.
Live site: fenn.wichman.io
company-brief.md- Company overview and context for all other deliverablessub-processor-list.md- Public sub-processor disclosure required under UK GDPR Article 28access-control-policy.md- How access to Fenn systems and data is granted, managed, and revokedinformation-security-policy.md- Top-level policy establishing Fenn's information security management system
New documents are published here as they are completed. The live site lists all documents, including those in development.
build-log.md records the decisions behind each artifact.
These artifacts are written to mirror how GRC documentation gets built and maintained inside real B2B SaaS companies. Each deliverable explains the scenario, assumptions, constraints, and decisions behind the work, not just the final artifact.
Built by Drea Wichman as part of an independent cybersecurity portfolio.