By GRCEngClub
Navigate NYDFS 23 NYCRR 500 cybersecurity compliance for financial services: assess readiness, prepare annual certifications, meet CISO requirements, generate evidence checklists, and create penetration testing plans tailored to entity type and cloud providers.
NYDFS 23 NYCRR 500 compliance readiness assessment
Annual NYDFS 23 NYCRR 500 certification guidance
NYDFS CISO role, qualifications, and responsibilities
Generates comprehensive evidence collection checklists for New York Department of Financial Services (NYDFS) 23 NYCRR 500 cybersecurity requirements for covered entities.
NYDFS penetration testing and vulnerability assessment requirements
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Deploy a serverless trust center to publish your company's compliance posture. Supports AWS deployment with S3, CloudFront, Lambda, DynamoDB, Cognito, and WAF.
FedRAMP Rev 5 Plugin - Traditional authorization path with SSP/SAP/SAR/POA&M documentation and NIST 800-53 Rev 5 control mapping
CSA CCM Plugin - Cloud Security Alliance Cloud Controls Matrix with 197 controls and CAIQ support
US Export Controls Plugin - ITAR and EAR compliance for defense and dual-use technologies
SOC 2 Compliance Plugin - Trust Service Criteria expertise, Type I/II assessment support, and control mapping
npx claudepluginhub grcengclub/claude-grc-engineering --plugin nydfsDORA Plugin - EU Digital Operational Resilience Act for financial entities with ICT risk management (effective January 2025)
GRC (Governance, Risk, and Compliance) domain knowledge — frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
NIST Cybersecurity Framework (CSF 2.0 and 1.1) advisor — gap assessments, organisational profiles, implementation tiers, roadmaps, cross-framework mapping, and cybersecurity policy generation.
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Harness-native ECC plugin for engineering teams - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, MCP conventions, and operator workflows for Claude Code plus adjacent agent harnesses
Upstash Context7 MCP server for up-to-date documentation lookup. Pull version-specific documentation and code examples directly from source repositories into your LLM context.