Is this useful for internal or external audits?

It is designed for both, providing tools for internal gap analysis as well as coordination support for external certification body audits.

Can it help with technical security testing?

Yes, it integrates technical vulnerability assessment and penetration testing coordination into the broader ISMS audit framework.

Does this skill support frameworks other than ISO 27001?

While centered on ISO 27001, it includes methodologies for HIPAA, PCI DSS, NIST CSF, and sector-specific cybersecurity requirements.

How does it handle cloud security environments?

It includes a dedicated approach for assessing cloud configurations, data residency, and verifying the shared responsibility model across major CSPs.

ISMS Audit Expert

Name: ISMS Audit Expert
Author: alirezarezvani

byalirezarezvani

•

1,039

•

安全与测试

Conducts comprehensive Information Security Management System (ISMS) audits and ensures ISO 27001 compliance with expert-level methodologies.

This skill transforms Claude into a senior ISMS audit consultant, providing deep expertise in ISO 27001 and ISO 27002 frameworks. It assists with the entire audit lifecycle—from risk-based program planning and security control assessment to technical vulnerability integration and external certification preparation. Whether you are conducting internal audits, preparing for regulatory inspections like HIPAA or PCI DSS, or managing cloud security compliance, this skill provides the structured workflows, documentation templates, and technical testing guidance needed to maintain a robust and compliant security posture.

主要功能

011,039 GitHub stars

02Preparation support for external certification and regulatory compliance inspections

03ISO 27001/27002 audit program management and risk-based planning

04Integration of vulnerability assessments and penetration testing into audit workflows

05Technical security control assessment across organizational, physical, and operational domains

06Cloud security auditing for shared responsibility models and CSP configurations

使用场景

01Preparing an organization for an upcoming ISO 27001 Stage 1 or Stage 2 certification audit

02Developing a risk-based security audit schedule and automated compliance reporting

03Conducting periodic internal ISMS audits to identify security gaps and prioritize remediation

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add alirezarezvani/claude-skills isms-audit-expert

For use in Claude.ai and ChatGPT

Download Skill