CPM AI, Inc. Trust Center
CPM AI, Inc. is committed to protecting the confidentiality, integrity, and availability of its systems and data. The company operates a cloud-native platform using managed infrastructure and relies on inherited security controls from trusted service providers. CPM AI, Inc. maintains documented security policies, performs regular risk assessments, and follows defined processes for access control, incident response, and vendor security management. The company processes limited personal data, primarily business contact information such as email addresses, and applies the principle of least privilege.
Compliance
Resources
Baseline Hardening Policy
Vendor Management Policy
Incident Response Policy
Data Classification Policy
Board of Directors Charter
Controls
Access control procedures
VPN access
Multifactor authentication
Access review of infrastructure
User list with assigned roles and privileges
Encryption of data
Backup and recovery policy
Source code tool
Outsourced Development Management
Sample code changes
Web application firewall
Vulnerability scanning
Intrusion detection tool
Infrastructure firewall
Infrastructure baseline hardening policy
Monitoring tool
Network diagram
Alerts and remediation
Security incident list
Breach notification communication
Whistleblower policy
Log management tool
Vendor management program
Vendor termination
Vendor list
Vendor onboarding
New employee and contractor agreements
Employee handbook
List of active employees & contractors as on date
List of newly hired employees & contractors
Customer onboarding
Multi-availability zones
Asset register maintaining
Risk and Governance Executive Committee meeting minutes
Risk management program
Information security policies and procedures
Asset register list
Patch management
Antivirus and malware configurations
Customer support issues resolved