By Sushegaad
Advise on EU Cyber Resilience Act (CRA) compliance for regulatory requirements including product classification, gap analysis, conformity assessment, CE marking, SBOM, and vulnerability reporting.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
npx claudepluginhub sushegaad/claude-skills-governance-risk-and-compliance --plugin eu-craExpert Vietnam Personal Data Protection Law (PDPL) compliance advisor for Law No. 91/2025/QH15 and Decree 356/2025/ND-CP. Covers gap analysis, data subject rights fulfilment, cross-border transfer impact assessments, DPIA, breach notification, privacy notices, sector-specific rules (finance, AI, cloud, blockchain), and DPO qualification requirements. Effective January 1, 2026.
GDPR compliance assistant — code and system audits, privacy notice drafting, DPAs, DPIAs, data flow reviews, and authoritative article-cited Q&A.
End-to-end FedRAMP authorization guidance — readiness assessments, SSP narratives, POA&M management, NIST 800-53 Rev 5 control mapping, and ConMon support.
Expert ISO 27001 gap analysis, policy writing, Annex A control guidance, SoA generation, and risk register creation for both 2013 and 2022 versions.
PCI DSS v4.0.1 compliance advisor — CDE scoping, SAQ selection, gap assessments, control implementation guidance, QSA audit preparation, and remediation planning.
Expert Vietnam Personal Data Protection Law (PDPL) compliance advisor for Law No. 91/2025/QH15 and Decree 356/2025/ND-CP. Covers gap analysis, data subject rights fulfilment, cross-border transfer impact assessments, DPIA, breach notification, privacy notices, sector-specific rules (finance, AI, cloud, blockchain), and DPO qualification requirements. Effective January 1, 2026.
GRC (Governance, Risk, and Compliance) domain knowledge — frameworks, controls, audits, evidence, ConMon, cross-framework mappings, document review, and operational workflows. Cloud-agnostic.
11 privacy audit and certification skills: ISO 27701, APEC CBPR, SOC 2, maturity model, continuous compliance, DPA inspection
GDPR Plugin - EU General Data Protection Regulation with DPIA, data subject rights, and 72-hour breach notification
Compliance and governance including regulatory mapping, security policies, audit readiness, GDPR, SOC2, and PCI-DSS compliance.
Regulatory compliance verification for GDPR, SOC2, and HIPAA