assisting-with-soc2-audit-preparation | soc2-audit-helper | ClaudePluginHub

Skill

Community

assisting-with-soc2-audit-preparation

From soc2-audit-helper

920

Description

Execute automate SOC 2 audit preparation including evidence gathering, control assessment, and compliance gap identification. Use when you need to prepare for SOC 2 audits, assess Trust Service Criteria compliance, document security controls, or generate readiness reports. Trigger with phrases like "SOC 2 audit preparation", "SOC 2 readiness assessment", "collect SOC 2 evidence", or "Trust Service Criteria compliance".

AI Summary

Automates SOC 2 audit preparation by gathering evidence, assessing controls, and identifying compliance gaps against Trust Service Criteria. Trigger with phrases like "SOC 2 readiness assessment" or "collect SOC 2 evidence" to generate audit-ready reports.

Install

1

Add the repository(one-time)

$

/plugin marketplace add jeremylongshore/claude-code-plugins-plus-skills

2

Install the plugin

$

/plugin install soc2-audit-helper@claude-code-plugins-plus

Tool Access

This skill is limited to using the following tools:

ReadWriteEditGrepGlobBash(audit-collect:*)Bash(compliance-check:*)

Supporting Assets

View in Repository

assets/README.md

references/README.md

references/errors.md

references/examples.md

references/implementation.md

references/readiness-by-trust-service-category.md

scripts/README.md

scripts/evidence_gathering_automation.py

scripts/generate_soc2_report.py

scripts/identify_compliance_gaps.py

scripts/suggest_remediation_steps.py

Skill Content

Assisting With Soc2 Audit Preparation

Overview

This skill provides automated assistance for the described functionality.

Prerequisites

Before using this skill, ensure:

Documentation directory accessible in {baseDir}/docs/
Infrastructure-as-code and configuration files available
Access to cloud provider logs (AWS CloudTrail, Azure Activity Log, GCP Audit Logs)
Security policies and procedures documented
Employee training records available
Incident response documentation accessible
Write permissions for audit reports in {baseDir}/soc2-audit/

Instructions

Confirm scope (services, systems, period) and applicable SOC 2 criteria.
Gather existing controls, policies, and evidence sources.
Identify gaps and draft an evidence collection plan.
Produce an audit-ready checklist and remediation backlog.

See {baseDir}/references/implementation.md for detailed implementation guide.

Output

The skill produces:

Primary Output: SOC 2 readiness report saved to {baseDir}/soc2-audit/readiness-report-YYYYMMDD.md

Report Structure:

# SOC 2 Readiness Assessment

## Error Handling

See `{baseDir}/references/errors.md` for comprehensive error handling.

## Examples

See `{baseDir}/references/examples.md` for detailed examples.

## Resources

- AICPA Trust Service Criteria: https://www.aicpa.org/interestareas/frc/assuranceadvisoryservices/trustdataintegritytaskforce.html
- SOC 2 Compliance Checklist: https://secureframe.com/hub/soc-2/checklist
- CIS Controls: https://www.cisecurity.org/controls/
- NIST Cybersecurity Framework: https://www.nist.gov/cyberframework
- Drata: SOC 2 compliance automation

Links

GitHub Stats

111 forks

Updated 3 days ago

Similar Skills

auth-implementation-patterns

Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.

developer-essentials

24.7k

bazel-build-optimization

Optimize Bazel builds for large-scale monorepos. Use when configuring Bazel, implementing remote execution, or optimizing build performance for enterprise codebases.

developer-essentials

24.7k

code-review-excellence

Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.

developer-essentials

24.7k