SOC 2 Compliance
Skill Verifiziert AktivUse when the user asks to prepare for SOC 2 audits, map Trust Service Criteria, build control matrices, collect audit evidence, perform gap analysis, or assess SOC 2 Type I vs Type II readiness.
To streamline and professionalize the preparation for SOC 2 audits, ensuring organizations can effectively map controls, identify compliance gaps, and gather necessary evidence.
Funktionen
- SOC 2 Type I vs Type II comparison
- Trust Service Criteria mapping and documentation
- Control matrix generation (SEC, AVL, CON, PRI, PRV)
- Gap analysis for design and operating effectiveness
- Evidence collection guidance and automation strategies
- Audit readiness checklist and common findings
Anwendungsfälle
- Use when preparing for a SOC 2 Type I or Type II audit.
- Use when mapping your organization's controls to SOC 2 Trust Service Criteria.
- Use for conducting internal gap analyses against SOC 2 requirements.
- Use to understand evidence collection requirements for SOC 2.
Nicht-Ziele
- Performing the actual SOC 2 audit or issuing the report.
- Providing legal advice on compliance matters.
- Automating the remediation of identified gaps (focus is on analysis and preparation).
Praktiken
- Compliance Management
- Information Security
- Audit Preparation
- Risk Management
Installation
Zuerst Marketplace hinzufügen
/plugin marketplace add alirezarezvani/claude-skills/plugin install ra-qm-team@claude-code-skillsQualitätspunktzahl
VerifiziertVertrauenssignale
Ähnliche Erweiterungen
TradeMemory Protocol
100Domänenwissen für die Evolution Engine — LLM-gestützte autonome Strategieentdeckung aus rohen OHLCV-Daten. Behandelt die Schleife Generieren-Backtesten-Auswählen-Entwickeln, vektorisiertes Backtesting, Out-of-Sample-Validierung und Strategiegraduierung. Verwenden Sie es beim Entdecken von Handelspatterns, Ausführen von Backtests, Entwickeln von Strategien oder Überprüfen von Evolutionsprotokollen. Löst aus bei "evolve", "discover patterns", "backtest", "evolution", "strategy generation", "candidate strategy".
Gdpr Dsgvo Expert
100GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.
Ship Gate
100Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.
Context Mode Ops
100Verwalten Sie GitHub-Issues, PRs, Releases und Marketing mit parallelen Subagenten-Armeen im Context-Mode. Orchestriert 10-20 dynamische Agenten pro Aufgabe. Verwenden Sie dies bei der Triage von Issues, der Überprüfung von PRs, der Veröffentlichung von Versionen, dem Schreiben von LinkedIn-Posts, der Ankündigung von Releases, der Behebung von Fehlern, dem Mergen von Beiträgen, der Validierung von ENV-Variablen, dem Testen von Adaptern oder dem Synchronisieren von Branches.
Refactor Plan
100Prioritized redesign action plan covering quick wins, medium effort, major rework
Type Audit
100Typography-only audit covering font selection, type scale, readability, hierarchy, performance