{"name":"sushegaad-grc-skills","owner":{"name":"ClaudePluginHub"},"plugins":[{"name":"sushegaad-iso27001-plugins-iso27001","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"Expert ISO 27001 gap analysis, policy writing, Annex A control guidance, SoA generation, and risk register creation for both 2013 and 2022 versions.","version":"0.2.0","strict":true,"keywords":["iso27001","isms","compliance","security","grc","gap-analysis","annex-a"],"category":"security"},{"name":"sushegaad-soc2-plugins-soc2","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"Expert SOC 2 compliance advisor covering all Trust Services Criteria — gap analysis, policy drafting, control documentation, audit evidence, and vendor risk.","version":"0.2.0","strict":true,"keywords":["soc2","aicpa","trust-services","audit","compliance","grc"],"category":"documentation"},{"name":"sushegaad-fedramp-plugins-fedramp","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"End-to-end FedRAMP authorization guidance — readiness assessments, SSP narratives, POA&M management, NIST 800-53 Rev 5 control mapping, and ConMon support.","version":"0.2.0","strict":true,"keywords":["fedramp","nist","ato","ssp","poam","federal","cloud-security","grc"],"category":"security"},{"name":"sushegaad-gdpr-compliance-plugins-gdpr-compliance","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"GDPR compliance assistant — code and system audits, privacy notice drafting, DPAs, DPIAs, data flow reviews, and authoritative article-cited Q&A.","version":"0.2.0","strict":true,"keywords":["gdpr","privacy","data-protection","dpa","dpia","eu","grc"],"category":"deployment"},{"name":"sushegaad-hipaa-compliance-plugins-hipaa-compliance","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"HIPAA compliance advisor covering Privacy Rule, Security Rule, and Breach Notification — document generation, technical safeguards for cloud, and breach response.","version":"0.2.0","strict":true,"keywords":["hipaa","phi","healthcare","baa","privacy-rule","security-rule","grc"],"category":"security"},{"name":"sushegaad-nist-csf-plugins-nist-csf","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"NIST Cybersecurity Framework (CSF 2.0 and 1.1) advisor — gap assessments, organisational profiles, implementation tiers, roadmaps, cross-framework mapping, and cybersecurity policy generation.","version":"0.2.0","strict":true,"keywords":["nist-csf","cybersecurity-framework","csf20","risk-management","cybersecurity","grc","gap-assessment","profiles","tiers"],"category":"security"},{"name":"sushegaad-pci-compliance-plugins-pci-compliance","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"PCI DSS v4.0.1 compliance advisor — CDE scoping, SAQ selection, gap assessments, control implementation guidance, QSA audit preparation, and remediation planning.","version":"0.2.0","strict":true,"keywords":["pci-dss","pci-compliance","payment-security","cardholder-data","cde","saq","qsa","grc"],"category":"deployment"},{"name":"sushegaad-tsa-compliance-plugins-tsa-compliance","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"TSA cybersecurity compliance advisor for critical infrastructure — pipeline, freight rail, and transit Security Directive requirements including CIP/COIP, IRP, ADR, CAP, incident reporting, and OT/ICS security.","version":"0.2.0","strict":true,"keywords":["tsa","transportation-security","critical-infrastructure","pipeline-security","rail-security","ot-security","ics-security","grc"],"category":"deployment"},{"name":"sushegaad-iso42001-plugins-iso42001","source":{"source":"github","repo":"sushegaad/claude-skills-governance-risk-and-compliance"},"description":"ISO 42001 AI Management System (AIMS) advisor — gap analysis, AI risk assessment, AI system impact assessment (AISIA), Annex A control guidance, SoA generation, policy writing, and certification readiness for ISO/IEC 42001:2023.","version":"0.2.0","strict":true,"keywords":["iso42001","ai-management-system","aims","responsible-ai","ai-governance","ai-risk","aisia","grc"],"category":"utilities"}]}