Information Security Manager ISO 27001
Skill Verifiziert AktivISO 27001 ISMS implementation and cybersecurity governance for HealthTech and MedTech companies. Use for ISMS design, security risk assessment, control implementation, ISO 27001 certification, security audits, incident response, and compliance verification. Covers ISO 27001, ISO 27002, healthcare security, and medical device cybersecurity.
To streamline and automate the implementation of ISO 27001 ISMS and cybersecurity governance for HealthTech and MedTech organizations, ensuring compliance and robust security posture.
Funktionen
- Automated security risk assessment using ISO 27001 methodology
- Compliance checking against ISO 27001/27002 controls
- Gap analysis with remediation recommendations
- Structured workflows for ISMS implementation and incident response
- Reference guides for controls, risk assessment, and incident response
Anwendungsfälle
- Designing and implementing an ISO 27001 ISMS
- Conducting security risk assessments for healthcare systems
- Verifying compliance with ISO 27001 and related healthcare regulations
- Developing incident response plans and procedures
- Preparing for ISO 27001 certification audits
Nicht-Ziele
- Performing penetration testing or vulnerability scanning directly
- Providing legal advice on specific regulatory requirements
- Automating the full certification process (focuses on preparation)
- Managing IT infrastructure directly (focuses on policy and process)
Praktiken
- Information Security Management
- Risk Management
- Compliance Auditing
- Incident Response Planning
Installation
Zuerst Marketplace hinzufügen
/plugin marketplace add alirezarezvani/claude-skills/plugin install ra-qm-team@claude-code-skillsQualitätspunktzahl
VerifiziertVertrauenssignale
Ähnliche Erweiterungen
Context Mode Ops
100Verwalten Sie GitHub-Issues, PRs, Releases und Marketing mit parallelen Subagenten-Armeen im Context-Mode. Orchestriert 10-20 dynamische Agenten pro Aufgabe. Verwenden Sie dies bei der Triage von Issues, der Überprüfung von PRs, der Veröffentlichung von Versionen, dem Schreiben von LinkedIn-Posts, der Ankündigung von Releases, der Behebung von Fehlern, dem Mergen von Beiträgen, der Validierung von ENV-Variablen, dem Testen von Adaptern oder dem Synchronisieren von Branches.
Quality Manager QMR
95Senior Quality Manager Responsible Person (QMR) for HealthTech and MedTech companies. Provides quality system governance, management review leadership, regulatory compliance oversight, and quality performance monitoring per ISO 13485 Clause 5.5.2.
Prepare Inspection Readiness
100Prepare an organisation for regulatory inspection by assessing readiness against agency-specific focus areas (FDA, EMA, MHRA). Covers warning letter and 483 theme analysis, mock inspection protocols, document bundle preparation, inspection logistics, and response template creation. Use when a regulatory inspection has been announced or is anticipated, when a periodic self-assessment is due, when new systems have been implemented since the last inspection, or after a significant audit finding that may attract regulatory attention.
Monitor Data Integrity
100Design and operate a data integrity monitoring programme based on ALCOA+ principles. Covers detective controls, audit trail review schedules, anomaly detection patterns (off-hours activity, sequential modifications, bulk changes), metrics dashboards, investigation triggers, and escalation matrix definition. Use when establishing a data integrity monitoring programme for GxP systems, preparing for inspections where data integrity is a focus area, after a data integrity incident requiring enhanced monitoring, or when implementing MHRA, WHO, or PIC/S guidance.
Investigate Capa Root Cause
100Investigate root causes and manage CAPAs (Corrective and Preventive Actions) for compliance deviations. Covers investigation method selection (5-Why, fishbone, fault tree), structured root cause analysis, corrective vs preventive action design, effectiveness verification, and trend analysis. Use when an audit finding requires a CAPA, when a deviation or incident occurs in a validated system, when a regulatory observation needs a formal response, when a data integrity anomaly requires investigation, or when recurring issues suggest a systemic root cause.
Master Claude for Legal
100Master-Skill für Rechtsteams, die Claude verwenden. Lädt die richtige Referenz für die Benutzerfrage (Konfiguration von Privilegien, MCP-Härtung, Verifizierung, lange Dokumente, Muster für Fachbereiche, Skill-Erstellung) und leitet an spezialisierte Starter-Skills weiter (NDA-Triage, Versionsvergleich, Besprechungszusammenfassung, Zitationsverifizierung, Status-Synthese). Wird automatisch aufgerufen, wenn der Benutzer juristische Arbeit, Verträge, Redlines, NDAs, Privilegien, Anwaltsgeheimnis, Gerichtsakten, Vernehmungen, regulatorische Compliance erwähnt oder fragt, wie Claude für eine Anwaltskanzlei oder ein internes Rechtsteam eingerichtet wird.