跳转到主要内容
此内容尚未提供您的语言版本,正在以英文显示。

Isms Audit Expert

技能 已验证 活跃
属于:Ra Qm Skills

Information Security Management System (ISMS) audit expert for ISO 27001 compliance verification, security control assessment, and certification support. Use when the user mentions ISO 27001, ISMS audit, Annex A controls, Statement of Applicability (SOA), gap analysis, nonconformity management, internal audit, surveillance audit, or security certification preparation. Helps review control implementation evidence, document audit findings, classify nonconformities, generate risk-based audit plans, map controls to Annex A requirements, prepare Stage 1 and Stage 2 audit documentation, and support corrective action workflows.

目的

To assist users in performing ISO 27001 audits by providing expert guidance, structured methodologies, and automated planning tools for Information Security Management Systems.

功能

  • ISO 27001 compliance verification
  • ISMS audit planning and scheduling
  • Security control assessment procedures
  • Finding management and classification
  • Certification audit support

使用场景

  • Use when preparing for an ISO 27001 certification audit.
  • Use when conducting internal audits of an ISMS.
  • Use when assessing the effectiveness of security controls against Annex A.
  • Use when managing nonconformities and corrective actions.

非目标

  • Performing the actual certification audit itself.
  • Providing legal interpretation of ISO 27001 standard.
  • Automating the implementation of security controls.

安装

请先添加 Marketplace

/plugin marketplace add alirezarezvani/claude-skills
/plugin install ra-qm-team@claude-code-skills

质量评分

已验证
98 /100
1 day ago 分析

信任信号

最近提交1 day ago
GitHub 所有者 alirezarezvani (opens in new tab)
星标14.6k
许可证MIT
网站alirezarezvani.medium.com(opens in new tab)
状态
查看源代码

类似扩展

TradeMemory Protocol

100

Evolution Engine 的领域知识 — 支持 LLM 从原始 OHLCV 数据中自主发现策略。涵盖生成-回测-选择-进化循环、向量化回测、样本外验证和策略梯度。在发现交易模式、运行回测、进化策略或审查进化日志时使用。由“evolve”、“discover patterns”、“backtest”、“evolution”、“strategy generation”、“candidate strategy”触发。

技能
mnemox-ai

Gdpr Dsgvo Expert

100

GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.

技能
alirezarezvani

Ship Gate

100

Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.

技能
alirezarezvani

Context Mode Ops

100

使用并行子代理军队管理 context-mode GitHub 问题、PR、发布和营销。为每个任务编排 10-20 个动态代理。在分类问题、审查 PR、发布版本、撰写 LinkedIn 帖子、宣布发布、修复错误、合并贡献、验证 ENV 变量、测试适配器或同步分支时使用。

技能
mksglu

Refactor Plan

100

Prioritized redesign action plan covering quick wins, medium effort, major rework

技能
Aboudjem

Type Audit

100

Typography-only audit covering font selection, type scale, readability, hierarchy, performance

技能
Aboudjem