What is 'Compliance by Design' in this context?

Compliance by Design means building security and privacy requirements—like data classification and audit trails—into features from the initial development phase rather than treating them as an afterthought.

Can this skill help implement GDPR data rights?

Yes, it includes patterns for Data Subject Access Requests (DSARs), including workflows for data erasure, portability endpoints, and rectification mechanisms.

How does this skill help with SOC 2 audits?

It provides standardized mappings between SOC 2 Trust Services Criteria and specific technical controls, helping developers design the necessary logging, encryption, and access controls needed for audit evidence.

Does this skill automate compliance reporting?

While it doesn't generate final audit reports, it provides the implementation patterns and evidence collection templates required to satisfy auditors during the reporting period.

Compliance Frameworks & Security Patterns

Name: Compliance Frameworks & Security Patterns
Author: ai-enhanced-engineer

byai-enhanced-engineer

0•

安全与测试

Implements security and privacy compliance patterns for SOC 2 and GDPR within B2B SaaS development workflows.

The Compliance Frameworks skill provides domain-specific guidance for architecting and maintaining B2B SaaS applications that meet rigorous global security and privacy standards. It streamlines the path to SOC 2 Type II readiness and GDPR adherence by offering standardized control patterns, data handling workflows, and automated evidence collection strategies. By integrating compliance directly into the development lifecycle, this skill helps teams conduct gap analyses, design audit-ready controls, and maintain a 'compliance-by-design' posture across their entire codebase.

主要功能

01Automated evidence collection templates for infrastructure and application logs

02Compliance-by-design patterns for data classification and audit logging

03SOC 2 Trust Principle mapping for security, availability, and privacy

04Security-sensitive PR checklists to prevent common vulnerabilities

050 GitHub stars

06GDPR data subject rights implementation patterns (Erasure, Portability, Access)

使用场景

01Preparing for a SOC 2 Type II audit by mapping technical controls to audit requirements.

02Conducting a compliance gap analysis on existing SaaS architecture to identify security risks.

03Implementing GDPR-compliant workflows for data deletion and machine-readable exports.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add ai-enhanced-engineer/aiee-team compliance-frameworks

For use in Claude.ai and ChatGPT

Download Skill