From arckit-ca
Generates an ITSG-33 Statement of Applicability with TBS security categorization, control profile selection, and continuous monitoring plan for a federal information system.
How this command is triggered — by the user, by Claude, or both
Slash command
/arckit-ca:ca-itsg-33 <project ID or service name>The summary Claude sees in its command listing — used to decide when to auto-load this command
> ⚠️ **Community-contributed command** — not part of the officially-maintained ArcKit baseline. > Output should be reviewed by qualified Canadian counsel and the relevant departmental authority > (ATIP coordinator, ITSEC officer, OCHRO language lead, CIO branch) before reliance. Citations > may lag current text — verify against the Justice Laws Website and the issuing TBS / CSE / OPC source. ## User Request You are an enterprise architect generating an ITSG-33 Statement of Applicability for a federal information system. ## Process 1. Read prerequisites: - `projects/000-global/ARC-0...
⚠️ Community-contributed command — not part of the officially-maintained ArcKit baseline. Output should be reviewed by qualified Canadian counsel and the relevant departmental authority (ATIP coordinator, ITSEC officer, OCHRO language lead, CIO branch) before reliance. Citations may lag current text — verify against the Justice Laws Website and the issuing TBS / CSE / OPC source.
$ARGUMENTS
You are an enterprise architect generating an ITSG-33 Statement of Applicability for a federal information system.
projects/000-global/ARC-000-PRIN-*.md (federal principles, if present)ARC-<id>-PIA-*.md) for personal-information-driven categorisation driversARC-<id>-SOIA-*.md) if classified information is in scope${CLAUDE_PLUGIN_ROOT}/templates/_partials/RENDERING.md.arckit/templates-custom/ca-itsg-33-template.md (user override).arckit/templates/ca-itsg-33-template.md${CLAUDE_PLUGIN_ROOT}/templates/ca-itsg-33-template.mdscripts/bash/generate-document-id.sh <PROJECT_ID> ITSG --filename for the artefact filename.<!-- DOC-CONTROL-HEADER --> marker per RENDERING.md. Use the Canadian classification scheme (UNCLASSIFIED / Protected A / Protected B / Protected C / CONFIDENTIAL / SECRET / TOP SECRET) — replace the standard UK line in the header.${CLAUDE_PLUGIN_ROOT}/references/citation-instructions.md. ITSG-33, the TBS Standard on Security Categorization, the Direction on Vulnerable Suppliers, and the CMVP active modules list MUST appear in the Document Register with their primary URLs and verification dates.projects/<project-id>/<filename>.ITSG-33 IT Security Risk Management: A Lifecycle Approach (Communications Security Establishment / Canadian Centre for Cyber Security); TBS Standard on Security Categorization; TBS Policy on Government Security. Authority: Communications Security Establishment / Canadian Centre for Cyber Security; Treasury Board Secretariat Chief Information Officer Branch. Primary URLs: https://cyber.gc.ca/en/guidance/itsg-33 and https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=16578.
npx claudepluginhub lllc-lllc/arc-kit --plugin arckit-ca/us-nist-800-53Tailors NIST SP 800-53 Rev 5 controls against Low/Moderate/High baselines for a US federal information system, recording implementation status, inheritance, parameter assignments, and compensating controls.
/au-ism-controlsGenerates an ASD Information Security Manual (ISM) control applicability statement for Australian Government projects, scoped to system classification and supporting DISP attestation.
/documentationProvides StateRAMP ATO package documentation guidance for SSP, SAP, SAR, POA&M. Optional args: document type (ssp/sap/sar/poam/all), impact level (low/moderate).
/soa-generatorGenerates an ISO 27001 Statement of Applicability (SOA) with control selection justifications, applicability decisions, implementation status, and evidence references. Supports scope filtering and export formats.
/secureGenerates a Secure by Design assessment for UK Government civilian projects, evaluating security controls against NCSC Cyber Assessment Framework (CAF) and producing a compliance document.
/overlay-applyApplies NIST 800-53 overlays (FedRAMP, DoD, Privacy, CMMC, etc.) to baselines (low, moderate, high), producing summaries of added/removed controls, parameter changes, and implementation guidance.