Technology
IT infrastructure, software management and system optimization.
1009 LTD is a simulated small and medium-sized enterprise specializing in IT services and digital infrastructure management. This library publishes the complete internal policy baseline and anchors the companion LLM Gap Analysis research framework.
A small and medium-sized enterprise focused on IT infrastructure management, system monitoring, asset management and business continuity planning. 1009 LTD operates under a simulated Crypto-Asset Service Provider profile and applies structured policies, incident response and backup controls.
The workforce is structured into four operating divisions. The remaining four roles are held by executive and governance functions.
IT infrastructure, software management and system optimization.
Daily business functions, client support and service continuity.
Security policies, data protection, risk and compliance.
Brand communication, customer engagement and positioning.
The original company profile and twelve security policies remain available as dedicated web pages and downloadable Markdown source files.
The F00–F12 series extends the core IT baseline with CASP governance, safeguarding, conduct, DORA resilience, ICT third-party risk, incident reporting, AML/CFT and prudential controls.
| Document | MiCA | DORA | TFR / AML | Conduct |
|---|---|---|---|---|
| F01 Governance & Senior Management Accountability | ● | ● | · | ● |
| F02 Crypto-Asset Safeguarding & Custody | ● | · | · | ● |
| F03 Client Funds Safeguarding | ● | · | · | ● |
| F04 Conflict of Interest Management | ● | · | · | ● |
| F05 Complaints Handling | ● | · | · | ● |
| F06 ICT Third-Party Risk Management | ● | ● | · | · |
| F07 Digital Operational Resilience Testing | · | ● | · | · |
| F08 Major ICT Incident Reporting | · | ● | · | · |
| F09 Market Abuse Prevention | ● | · | · | ● |
| F10 AML/CFT and Travel Rule | ● | · | ● | ● |
| F11 Prudential Safeguards & Own Funds | ● | · | · | · |
| F12 Marketing Communications & Disclosures | ● | · | · | ● |
The original matrix shows how each core document contributes to operational, technical, human and physical security.
| Document | OpSec | TechSec | HumSec | PhySec |
|---|---|---|---|---|
| 01 Access Control Policy | ● | ● | ● | · |
| 02 Backup Policy | ● | ● | · | · |
| 03 Human Resource Management | ● | · | ● | · |
| 04 Asset Management | ● | ● | · | · |
| 05 Business Continuity | ● | ● | · | · |
| 06 Operations Management | ● | ● | · | · |
| 07 Incident Management | ● | ● | · | · |
| 08 Information Security | ● | ● | · | · |
| 09 Risk Management | ● | ● | · | · |
| 10 Physical & Environmental Security | ● | · | · | ● |
| 11 Network Security Management | ● | ● | · | · |
| 12 Identity Management | ● | ● | ● | · |
The companion framework evaluates whether traditional organizational and technical controls remain sufficient across eight LLM risk domains and four deployment archetypes. The original methodology pages, downloads, critical evaluation and interactive GAP console remain available.