soc2-compliance
1
总安装量
1
周安装量
#55097
全站排名
安装命令
npx skills add https://github.com/bagelhole/devops-security-agent-skills --skill soc2-compliance
Agent 安装分布
opencode
1
codex
1
claude-code
1
Skill 文档
SOC 2 Compliance
Implement SOC 2 Trust Services Criteria for certification.
Trust Services Criteria
criteria:
security:
- Access controls
- Change management
- Risk assessment
- Incident response
availability:
- System monitoring
- Disaster recovery
- Capacity planning
- SLA management
processing_integrity:
- Input validation
- Processing completeness
- Output accuracy
confidentiality:
- Data classification
- Encryption
- Access restrictions
privacy:
- Data collection notice
- Consent management
- Data retention
Key Controls
controls:
CC6.1_logical_access:
- MFA enforcement
- Role-based access
- Access reviews
CC7.2_monitoring:
- Log aggregation
- Alert thresholds
- Incident tracking
CC8.1_change_management:
- Change requests
- Approval workflows
- Testing requirements
Evidence Collection
# Access review export
aws iam generate-credential-report
aws iam get-credential-report
# Audit logs
aws cloudtrail lookup-events --start-time $(date -d '30 days ago' --iso)
Best Practices
- Continuous compliance monitoring
- Annual risk assessments
- Regular control testing
- Documentation maintenance