Skip to content

Compliance Program Overview

Classification: CONFIDENTIAL — Internal Use Only

GPUS-IT maintains a formal compliance program aligned to CIS Controls v8 and PCI DSS via the NIST framework. This section contains the compliance overview and all policy documents.

Compliance Status

Framework Status Last Reviewed
CIS Controls v8 100% 2026-03-13
PCI DSS (NIST framework) IMPLEMENTED 2026-03-13
NIST SP 800-53 MAPPED 2026-03-13

Policy Documents

Policy Purpose
Acceptable Use Policy Defines authorized use of GPUS-IT systems
Data Classification Policy Data handling tiers and controls
Access Control Policy Account provisioning and privilege management
Incident Response Policy IR obligations and escalation
Backup & Recovery Policy Backup requirements and retention

Compliance Testing Schedule

Test Frequency Owner
CIS Compliance check Monthly Security Ops
AIDE integrity check Daily (automated) All servers
Backup verification Weekly Backup Admin
DR drill Annually IT Manager
Policy review Annually IT Manager

Compliance · v1.1 · 2026-03-14 · GPUS-IT · Classification: CONFIDENTIAL — Internal Use Only