Compliance Management

Ensure compliance with security regulations and standards through proper controls, documentation, and audit preparation.

When to Use This Skill

  • Audit preparation
  • Compliance certification
  • Risk assessments
  • Policy development
  • Control implementation
  • Vendor assessments
  • Compliance reporting
  • Regulatory requirements

Core Concepts

1. GDPR Compliance Checklist

# GDPR Compliance Checklist

## Lawful Basis
- [ ] Document lawful basis for processing
- [ ] Obtain consent where required
- [ ] Provide clear privacy notice

## Data Subject Rights
- [ ] Right to access (data export)
- [ ] Right to rectification (data correction)
- [ ] Right to erasure (data deletion)
- [ ] Right to portability (data download)
- [ ] Right to object (opt-out)

## Data Protection
- [ ] Encryption in transit (TLS 1.2+)
- [ ] Encryption at rest
- [ ] Access controls
- [ ] Data minimization
- [ ] Retention policies

## Accountability
- [ ] Privacy by design
- [ ] Data Protection Impact Assessment (DPIA)
- [ ] Data processing agreements (DPAs)
- [ ] Breach notification process (<72 hours)
- [ ] Data protection officer (if required)

## Documentation
- [ ] Record of processing activities
- [ ] Privacy policy
- [ ] Cookie policy
- [ ] Data breach procedures

2. SOC 2 Control Framework

# SOC 2 Trust Service Criteria

## Security (Required)
- Access controls
- Encryption
- Firewall management
- Intrusion detection
- Vulnerability management
- Incident response

## Availability
- System monitoring
- Backup procedures
- Disaster recovery
- Capacity planning

## Processing Integrity
- Data validation
- Error handling
- Quality assurance

## Confidentiality
- Access restrictions
- Encryption
- Non-disclosure agreements

## Privacy
- Consent management
- Data retention
- Third-party sharing

Best Practices

  1. Gap analysis - Current vs required state
  2. Document policies - Clear, comprehensive
  3. Implement controls - Technical and operational
  4. Train staff - Awareness and procedures
  5. Continuous monitoring - Ongoing compliance
  6. Regular audits - Internal and external
  7. Remediation tracking - Close gaps systematically
  8. Evidence collection - Audit-ready documentation

Resources

  • GDPR.eu: Official GDPR resource
  • SOC 2 Academy: SOC 2 compliance guide
  • ISO 27001 Toolkit: Implementation guide

Weekly installs: 2 · GitHub stars: 3 · First seen: Feb 21, 2026