A integrated computing system compliance management system includes a computer-based system to obtain an integrated computing system object instance of an integrated computing system that is generated from an object model comprising a unified entity representing the integrated computing system. The integrated computing system object instance has multiple hierarchally arranged sub-object instances representing hierarchally arranged resources of the integrated computing system. The system receive security hardening policies associated with an established security hardening standard, modify those sub-object instances to include the security hardening policies that are associated with those sub-object instances to form a security hardening-based object instance. Using the security hardening-based object instance, the system determines, for each security hardening policy, whether the configuration of the resources meets the security hardening policy using the security hardening-based object instance. Once determined, the system may then output the result of the determination.