Slash Command

/evidence-checklist

Evidence checklist for Singapore - Personal Data Protection Ac (PDPA) (2012), organized by control family

Install

npx claudepluginhub abnejllc/grc --plugin singapore-pdpa

Prompt Preview

# Singapore - Personal Data Protection Ac (PDPA) (2012) Evidence Checklist

Baseline evidence checklist for a Singapore - Personal Data Protection Ac (PDPA) (2012) assessment. The SCF crosswalk maps 30 SCF controls to the 14 Singapore - Personal Data Protection Ac (PDPA) (2012) controls; this command enumerates what evidence tends to be expected for each SCF family that's in scope.

## Usage



## Arguments

- `--family=<SCF_family_code>` (optional) — restrict to a single SCF family (e.g. `IAC`, `CRY`, `AST`, `BCD`). Defaults to all families mapped for this framework.

## Output

Markdown c...

Command Content

Other plugins with /evidence-checklist

/evidence-checklist

Generates evidence preparation checklists for compliance frameworks like NIST, FedRAMP, SOC2, ISO27001 based on controls and optional audit type.

grc

124

/evidence-checklist

Generates StateRAMP evidence checklists for NIST 800-53 control families, supporting moderate/high baselines and markdown/JSON/CSV export.

stateramp

/evidence-checklist

Generates evidence checklists for EU DORA articles or topics, tailored to financial entity types like credit institutions, exportable as markdown, JSON, or CSV.

dora

/evidence-checklist

Generates evidence collection checklists for GLBA Safeguards Rule and Privacy Rule compliance by rule section, institution type (bank, broker, insurer), and export format (markdown, json, csv).

glba

/evidence-checklist

Generates detailed SOC 2 evidence checklists for control IDs, categories, or security areas, including policies, procedures, and automated/manual collection guidance for Type 1/2 audits.

soc2

/evidence-checklist

Generates CMMC 2.0 evidence checklists for practices by ID or domain, organized by level (1-3) and maturity requirements with DoD contractor guidance. Supports --level and --export flags.

cmmc

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitApr 18, 2026

Used By2 plugins

Actions

View Source View Plugin View on GitHub View README

# Singapore - Personal Data Protection Ac (PDPA) (2012) Evidence Checklist Baseline evidence checklist for a Singapore - Personal Data Protection Ac (PDPA) (2012) assessment. The SCF crosswalk maps 30 SCF controls to the 14 Singapore - Personal Data Protection Ac (PDPA) (2012) controls; this command enumerates what evidence tends to be expected for each SCF family that's in scope. ## Usage ## Arguments - `--family=<SCF_family_code>` (optional) — restrict to a single SCF family (e.g. `IAC`, `CRY`, `AST`, `BCD`). Defaults to all families mapped for this framework. ## Output Markdown c...

Singapore - Personal Data Protection Ac (PDPA) (2012) Evidence Checklist

Baseline evidence checklist for a Singapore - Personal Data Protection Ac (PDPA) (2012) assessment. The SCF crosswalk maps 30 SCF controls to the 14 Singapore - Personal Data Protection Ac (PDPA) (2012) controls; this command enumerates what evidence tends to be expected for each SCF family that's in scope.

Usage

/singapore-pdpa:evidence-checklist [--family=<SCF_family_code>]

Arguments

--family=<SCF_family_code> (optional) — restrict to a single SCF family (e.g. IAC, CRY, AST, BCD). Defaults to all families mapped for this framework.

Output

Markdown checklist grouped by SCF family with:

SCF control ID → framework-native control ID(s) (from crosswalk)

Evidence types typically expected (logs, configs, policy documents, tickets, training records)

Which connector plugins can collect each type automatically

Which items require manual upload / narrative

Framework-specific evidence

TODO: at Reference depth, replace this section with framework-specific evidence patterns. Items worth capturing:

Mandatory artifacts unique to Singapore - Personal Data Protection Ac (PDPA) (2012) (e.g. DPIA for GDPR, ROC for PCI DSS, SSP for FedRAMP)

Assessor expectations per control family

Retention periods required by the regulator

Artifacts auditors request repeatedly across engagements

Singapore - Personal Data Protection Ac (PDPA) (2012) Evidence Checklist

Usage

/singapore-pdpa:evidence-checklist [--family=<SCF_family_code>]

Arguments

--family=<SCF_family_code> (optional) — restrict to a single SCF family (e.g. IAC, CRY, AST, BCD). Defaults to all families mapped for this framework.

Output

Markdown checklist grouped by SCF family with:

SCF control ID → framework-native control ID(s) (from crosswalk)
Evidence types typically expected (logs, configs, policy documents, tickets, training records)
Which connector plugins can collect each type automatically
Which items require manual upload / narrative

Framework-specific evidence

TODO: at Reference depth, replace this section with framework-specific evidence patterns. Items worth capturing:

Mandatory artifacts unique to Singapore - Personal Data Protection Ac (PDPA) (2012) (e.g. DPIA for GDPR, ROC for PCI DSS, SSP for FedRAMP)
Assessor expectations per control family
Retention periods required by the regulator
Artifacts auditors request repeatedly across engagements