Stats
Links
Categories
Help us improve
Share bugs, ideas, or general feedback.
Marketplace
grc-engineering-suite
GRC Engineering Plugin Suite - Tools for auditors, internal teams, TPRM, and framework-specific compliance
$
npx claudepluginhub grcengclub/claude-grc-engineering30 Plugins
grc-engineer
256·
GRC Engineering Plugin - Maps IaC to compliance controls, generates policies, collects evidence, reviews PRs for compliance, and transforms risks to Jira tickets
1mo
GRCEngClubgrc-auditor
256·2·
GRC Auditor Plugin - Evidence review, control validation, and audit workpaper generation for external auditors and assessors
1mo
GRCEngClubgrc-internal
256·
GRC Internal Plugin - Policy management, risk registers, and compliance tracking for internal GRC teams
1mo
GRCEngClubgrc-tprm
256·
GRC Third-Party Risk Management Plugin - Vendor assessments, questionnaire analysis, and risk scoring
1mo
GRCEngClubsoc2
256·
SOC 2 Compliance Plugin - Trust Service Criteria expertise, Type I/II assessment support, and control mapping
1mo
GRCEngClubnist-800-53
256·
NIST 800-53 Plugin - Control families, baseline selection (Low/Moderate/High), and FedRAMP alignment
1mo
GRCEngClubiso27001
256·
ISO 27001 Plugin - Annex A controls, ISMS implementation guidance, and certification support
1mo
GRCEngClubfedramp-rev5
256·
FedRAMP Rev 5 Plugin - Traditional authorization path with SSP/SAP/SAR/POA&M documentation and NIST 800-53 Rev 5 control mapping
1mo
GRCEngClubfedramp-20x
256·
FedRAMP 20X Plugin - Modern automated authorization with Key Security Indicators (KSIs), continuous monitoring, and machine-readable policies synced from official FedRAMP docs
1mo
GRCEngClubpci-dss
256·
PCI DSS v4.0.1 Plugin - Payment Card Industry compliance with ROC guidance, SAQ selection, and March 2025 mandatory requirements
1mo
GRCEngClubcmmc
256·2·
CMMC v2.0 Plugin - Cybersecurity Maturity Model Certification for DoD contractors with 5 levels and C3PAO assessment prep
1mo
GRCEngClubhitrust
256·
HITRUST CSF Plugin - Healthcare Information Trust Alliance Common Security Framework with i1/r2 assessments and 156 controls
1mo
GRCEngClubcis-controls
256·
CIS Controls v8 Plugin - Center for Internet Security baseline with IG1/IG2/IG3 implementation groups and 153 safeguards
1mo
GRCEngClubgdpr
256·1·
GDPR Plugin - EU General Data Protection Regulation with DPIA, data subject rights, and 72-hour breach notification
1mo
GRCEngClubcsa-ccm
256·
CSA CCM Plugin - Cloud Security Alliance Cloud Controls Matrix with 197 controls and CAIQ support
1mo
GRCEngClubnydfs
256·
NYDFS 23 NYCRR 500 Plugin - New York Department of Financial Services cybersecurity requirements with annual certification
1mo
GRCEngClubdora
256·
DORA Plugin - EU Digital Operational Resilience Act for financial entities with ICT risk management (effective January 2025)
1mo
GRCEngClubstateramp
256·
StateRAMP Plugin - State Risk and Authorization Management Program for state and local government cloud services
1mo
GRCEngClubessential8
256·
Essential 8 Plugin - Australian Cyber Security Centre mitigation strategies with 3 maturity levels
1mo
GRCEngClubglba
256·
GLBA Plugin - Gramm-Leach-Bliley Act for financial institutions with Safeguards Rule and Privacy Rule compliance
1mo
GRCEngClubus-export
256·
US Export Controls Plugin - ITAR and EAR compliance for defense and dual-use technologies
1mo
GRCEngClubpbmm
256·
Canadian PBMM (Protected B Medium Medium) with ITSG-33 controls
1mo
GRCEngClubismap
256·
Japanese ISMAP government cloud security (ISO 27001/27017/27018)
1mo
GRCEngClubirap
256·
Australian IRAP (ISM + Essential Eight) for government cloud
1mo
GRCEngClubaws-inspector
256·
GRC connector for AWS: evaluates IAM, S3, CloudTrail, EBS, and RDS for compliance misconfigurations. Emits findings conforming to schemas/finding.schema.json v1.
1mo
GRCEngClubgithub-inspector
256·
GRC connector for GitHub: evaluates repo protections, branch policies, Actions, secret scanning, Dependabot, and deploy keys. Emits findings conforming to schemas/finding.schema.json v1.
1mo
GRCEngClubgcp-inspector
256·
GRC connector for Google Cloud: evaluates IAM, Cloud Storage, audit logs, KMS rotation, and Compute for compliance misconfigurations. Emits findings conforming to schemas/finding.schema.json v1.
1mo
GRCEngClubokta-inspector
256·
GRC connector for Okta: evaluates authentication policies, MFA enrollment, password policy, session management, and admin/privileged accounts. Emits findings conforming to schemas/finding.schema.json v1.
1mo
GRCEngCluboscal
256·
OSCAL (Open Security Controls Assessment Language) toolkit for Claude Code. Wraps ethanolivertroy/oscal-cli for validation and conversion of catalogs, profiles, SSPs, SAPs, SARs, POA&Ms, component definitions, and assessment results.
1mo
GRCEngClubfedramp-ssp
256·
Convert FedRAMP Rev 5 Moderate SSP DOCX templates to validated OSCAL 1.2.0 JSON. Wraps ethanolivertroy/frdocx-to-froscal-ssp — ready for oscal-cli, Compliance Trestle, eMASS, and FedRAMP 20X workflows.
1mo
GRCEngClub