Skill

iso-expert

Provides expert guidance on ISO 27001 ISMS clauses 4-10, 93 Annex A controls, certification process, risk assessment, audits, and continual improvement for information security compliance.

security

Install

npx claudepluginhub grcengclub/claude-grc-engineering --plugin iso27001

Tool Access

This skill is limited to using the following tools:

ReadGlobGrepWrite

Preview

Deep expertise in ISO/IEC 27001 Information Security Management Systems.

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.0k

claude-opus-4-5-migration

2 files

Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.

claude-opus-4-5-migration

83.2k

bmad-editorial-review-prose

Reviews prose for communication issues impeding comprehension, outputs minimal fixes in a three-column table per Microsoft Writing Style Guide. Useful for 'review prose' or 'improve prose' requests.

bmad-pro-skills

43.8k

Stats

Parent Repo Stars21

Parent Repo Forks4

Last CommitApr 13, 2026

Actions

View Source View Plugin View on GitHub View README

ISO 27001 Expert

Deep expertise in ISO/IEC 27001 Information Security Management Systems.

Expertise Areas

ISMS Requirements (Clauses 4-10)

Clause 4: Context of the Organization
Clause 5: Leadership
Clause 6: Planning
Clause 7: Support
Clause 8: Operation
Clause 9: Performance Evaluation
Clause 10: Improvement

Annex A Controls (ISO 27001:2022)

A.5: Organizational Controls (37)
A.6: People Controls (8)
A.7: Physical Controls (14)
A.8: Technological Controls (34)

Total: 93 controls (reduced from 114 in 2013 version)

New Controls in 2022

Threat intelligence
Cloud services security
ICT readiness for business continuity
Physical security monitoring
Configuration management
Information deletion
Data masking
Data leakage prevention
Monitoring activities
Web filtering
Secure coding

Capabilities

ISMS documentation templates
Statement of Applicability guidance
Risk assessment methodology
Certification readiness assessment
Internal audit support
Continual improvement guidance