iso27001-compliance
Total installs: 1
Weekly installs: 1
Site-wide rank: #53889
Install command
npx skills add https://github.com/bagelhole/devops-security-agent-skills --skill iso27001-compliance
Installs by agent
opencode: 1
codex: 1
claude-code: 1
Skill documentation
ISO 27001 Compliance
Implement an ISO 27001 Information Security Management System (ISMS).
ISMS Framework
plan_do_check_act:
  plan:
    - Define scope
    - Risk assessment
    - Risk treatment plan
    - Statement of Applicability
  do:
    - Implement controls
    - Security awareness
    - Document procedures
  check:
    - Internal audits
    - Management review
    - Performance measurement
  act:
    - Corrective actions
    - Continual improvement
Annex A Controls
The A.5 to A.18 domain numbering below follows the 2013 edition of ISO/IEC 27001; the 2022 edition regroups Annex A into four themes (organizational, people, physical, technological).
control_domains:
  A.5: Information security policies
  A.6: Organization of information security
  A.7: Human resource security
  A.8: Asset management
  A.9: Access control
  A.10: Cryptography
  A.11: Physical security
  A.12: Operations security
  A.13: Communications security
  A.14: System acquisition/development
  A.15: Supplier relationships
  A.16: Incident management
  A.17: Business continuity
  A.18: Compliance
Risk Assessment
risk_assessment:
  identify:
    - Asset inventory
    - Threat identification
    - Vulnerability assessment
  analyze:
    - Likelihood rating
    - Impact rating
    - Risk calculation
  evaluate:
    - Risk acceptance criteria
    - Prioritization
    - Treatment options
Best Practices
- Management commitment
- Risk-based approach
- Document everything
- Regular internal audits
- Continuous improvement