Claude Skill
Sushegaad/Claude-Skills-Governance-Risk-and-Compliance
Expert-level GRC guidance for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, and more. Benchmarked at 95% accuracy. Open-source Claude Skill.
Overview
Repository
Install this Skill
git clone https://github.com/Sushegaad/Claude-Skills-Governance-Risk-and-Compliance.gitRegistry
Summary
Claude Skills for Governance, Risk, and Compliance (GRC) delivers expert-level compliance guidance across 20+ major frameworks including ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, TSA Cybersecurity, ISO 42001, ISO 27701, DORA, India's DPDPA, CMMC 2.0, NIST AI Risk, SWIFT, Australia's ISM, EU NIS2, and CCPA/CPRA. Benchmarked at 95% accuracy vs 80% baseline.
Claude 治理、风险与合规(GRC)技能:针对ISO 27001、SOC 2、FedRAMP、GDPR、HIPAA、NIST CSF、PCI DSS、TSA网络安全、ISO 42001、ISO 27701、DORA、印度DPDPA、CMMC 2.0、NIST AI风险及SWIFT提供专家级合规指导。基准测试95%对比81%。
Key features
- Covers 20+ global compliance frameworks in one skill
- Benchmarked at 95% accuracy for GRC guidance
- Expert-level support for ISO, NIST, GDPR, HIPAA, and more
- Designed for governance, risk management, and audit readiness
- Regularly updated to reflect latest regulatory changes
Use cases
- Prepare for ISO 27001 or SOC 2 certification audits
- Assess and document GDPR or CCPA/CPRA compliance
- Implement NIST CSF or FedRAMP security controls
- Manage HIPAA or PCI DSS compliance programs
- Navigate emerging regulations like DORA, DPDPA, or NIS2
README excerpt
# Claude Skills for Governance, Risk & Compliance (GRC) Expert-level compliance guidance for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, TSA Cybersecurity, ISO 42001 AI Management System, ISO 27701 Privacy Information Management, DORA Digital Operational Resilience, India's Digital Personal Data Protection Act (DPDPA), CMMC 2.0 Cybersecurity Maturity Model Certification, NIST AI Risk Management Framework, SWIFT Customer Security Programme (CSP), Australian Information Security Manual (ISM), EU NIS2 Directive, CCPA/CPRA California Privacy, ITAR (International Traffic in Arms Regulations), Brazil's LGPD (Lei Geral de Proteção de Dados), EU CSRD (Corporate Sustainability Reporting Directive), CIS Controls v8 (CIS Top 18), EAR (Export Administration Regulations), NIST SP 800-53 (Security and Privacy Controls for Federal Systems), EU AI Act (Regulation (EU) 2024/1689), Section 508 (US Federal ICT Accessibility), WCAG (Web Content Accessibility Guidelines), NZISM (New Zealand Information Security Manual), Vietnam PDPL (Law on Personal Data Protection No. 91/2025/QH15), and EU CRA (Cyber Resilience Act, Regulation (EU) 2024/2847) — powered by Claude Skills. Benchmarked across 150 test cases (5 per framework) using the eval framework — each graded against 5 verifiable assertions by independent agents. Skills scored **96%** vs a baseline of **81%** across 675 total assertions. [](../../releases/tag/v1.2.0) [](LICENSE) [](#the-skills) [](https://claude.ai) [![GitHub Stars](https: