Enterprise Compliance Architect

关于

The Compliance Architecture Expert skill provides specialized guidance for designing and maintaining systems in highly regulated industries. It offers a comprehensive framework for implementing technical controls across serverless and cloud architectures, specifically focusing on SOC 2 Type II, HIPAA, GDPR, and PCI-DSS standards. By providing actionable checklists, security misconfiguration warnings, and audit-ready patterns for AWS, Azure, and GCP, this skill helps development teams ensure data protection and regulatory alignment from the initial design phase through to production deployment.

主要功能

• SOC 2 Type II controls for serverless and SaaS environments
• Security misconfiguration warnings for IAM, S3, and Secrets Management
• PCI-DSS tokenization and network segmentation strategies
• HIPAA-compliant architecture patterns for healthcare data
• 81 GitHub stars
• GDPR data residency and 'Right to Erasure' implementation guides

使用场景

• Implementing GDPR-mandated data localization and deletion workflows
• Preparing a cloud-native SaaS application for a SOC 2 Type II audit
• Designing a HIPAA-compliant backend for medical data processing