Security Documentation is scalable
It really may not seem like it when you first start as a startup company but security documentation is something that can be scaled. Can and needs to be. You’ll very quickly start to understand that filling in security documentation is one of the least enjoyable roles in any startup company. If you’re selling to enterprise customers the questionnaires can become very lengthy and very invasive. The level of this that you will need to deal with will be very dependent on the service that you provide and the data that you are collecting from your customers.
Anticipating the needs of customers
Just like the rest of the SAAS contracting process, several things can become predictable as requests from customers. The difficulty with this is that they always request these things in a slightly different way. And there is a surprisingly easy way to get around this. Early and prompt communication. Remember that the contracting process for software is a two-way street, they will request things from you and you will request things from them. During this negotiation, one side generally gets stuck with the grunt work of having their information fit into the request of the other party. One easy way to get around this is to have all of the information prepared beforehand and give this to the buyer before they ask for it. Think about documentation of your security, documentation of your data storage, and documentation of your software architecture. By handing this over before it’s even asked for you are putting the onus on the customer to fit your work into their framework rather than waiting for the framework and then having to reengineer everything to fit into this.
Does this slow down the sales process? No, if anything this puts the work that needs to be put in with the party in the negotiation that has the resources to do this work. It puts the ball in their court.