# Skills tagged "Audit" 19 skills with this tag. URL: https://rakenne.app/skill-tags/audit/index.md - [BCP Audit Evidence Pack](https://rakenne.app/skills/bcp-audit-evidence-pack/index.md) — Create a consolidated Business Continuity Evidence Pack for SOC 2, ISO 22301, or ISO 27001 audits. Combines BIA summary, RTO/RPO targets, recovery plans, DR test matrix, and auditor checklist into a … - [CAPA Report](https://rakenne.app/skills/capa-report/index.md) — Corrective and Preventive Action reports for audit non-conformities. Enforces 5 Whys root cause analysis and a future Effectiveness Check date (ISO 9001 / ISO 13485). - [GDPR Vendor & Processor Audit (Art. 28)](https://rakenne.app/skills/gdpr-vendor-processor-audit/index.md) — Plan and document processor audits under GDPR Art. 28(3)(h). Covers Art. 28(3)(a-h) contract compliance, sub-processor chain review, international transfer assessment (SCCs, adequacy, BCRs, TIA), Art. … - [HITRUST CSF Assessment](https://rakenne.app/skills/hitrust-csf-assessment/index.md) — Draft HITRUST CSF Validated Assessment deliverables for e1, i1, or r2 certification: control requirement responses at all maturity levels, evidence artifacts, Corrective Action Plans, and the … - [ISO 20000 Gap Assessment](https://rakenne.app/skills/iso20000-gap-assessment/index.md) — Assess current service management maturity against all ISO/IEC 20000-1:2011 requirements (Clauses 4-9). Evaluates 15 clause areas on a 0-5 maturity scale, documents gaps with remediation actions, and … - [ISO 27701 PIMS Internal Audit](https://rakenne.app/skills/iso27701-pims-internal-audit/index.md) — Plan and document a PIMS-specific internal audit. Covers audit planning, execution checklist, findings, nonconformities, and corrective actions focused on privacy controls and PII processing … - [ISO 45001 Gap Assessment](https://rakenne.app/skills/ohsms-gap-assessment/index.md) — Perform a structured gap assessment against ISO 45001:2018 clauses 4-10. Scans for missing OHSMS documentation, rates clause maturity on a 0-5 scale, and produces a prioritized remediation roadmap for … - [Maturity Level Assessor (COBIT MEA01)](https://rakenne.app/skills/maturity-level-assessor/index.md) — Draft maturity score justification (0–5) for COBIT objectives. Supports the board dashboard narrative. Includes evidence sufficiency audit for Level 4 claims. - [SOC 2 Audit Readiness Planner](https://rakenne.app/skills/soc2-audit-readiness-planner/index.md) — Guided journey dashboard across all SOC 2 skills. Detects which skills have produced their expected outputs, shows progress across 4 phases (Foundation, Assessment, Documentation, Validation), and … - [SOC 2 Control Narrative Author](https://rakenne.app/skills/soc2-control-narrative-author/index.md) — Guided elaboration of SOC 2 readiness documentation: control narratives aligned to AICPA Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy), … - [SOC 2 Internal Audit](https://rakenne.app/skills/soc2-internal-audit/index.md) — Conduct an internal readiness audit for SOC 2 certification. Tests controls per TSC criteria, classifies findings by AICPA severity (Material Weakness, Significant Deficiency, Deficiency, … - [SOC 2 Monitoring & Testing](https://rakenne.app/skills/soc2-monitoring-testing/index.md) — Build an ongoing monitoring and testing program for SOC 2 audit readiness. Creates a control testing plan with method, frequency, and tester assignments; an evidence collection matrix mapping controls … - [SOC 2 Organization Profile](https://rakenne.app/skills/soc2-organization-profile/index.md) — Build and validate the organizational context profile for SOC 2 audit readiness. Captures principal service commitments, system requirements (SCSR), trust services categories, system boundaries, … - [SOC 2 Policy Generator](https://rakenne.app/skills/soc2-policy-generator/index.md) — Generate Trust Services Criteria-aligned policy documents for SOC 2 audit readiness. Produces 8 core policies (Information Security, Access Control, Change Management, Incident Response, Risk … - [SOC 2 Policy Review](https://rakenne.app/skills/soc2-policy-review/index.md) — Interactive statement-by-statement review of SOC 2 policy documents. Walks through each policy statement with approve, reject, or AI rewrite options. Produces a timestamped audit trail that satisfies … - [SOC 2 Readiness Gap Analysis](https://rakenne.app/skills/soc2-readiness-gap-analysis/index.md) — Map internal controls against AICPA Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy). Identifies unmapped criteria, validates evidence artifacts and … - [SOC 2 System Description & Management Assertion](https://rakenne.app/skills/soc2-system-description/index.md) — Draft the SOC 2 system description narrative (Section III) and management assertion letter per AICPA Trust Services Criteria (TSP Section 100) and DC Section 200 description criteria. Covers system … - [SOC 2 Vendor Management](https://rakenne.app/skills/soc2-vendor-management/index.md) — Establish third-party and subservice organization oversight for SOC 2 audit readiness. Risk-tiered assessment framework with vendor register, SOC report review validation, CSOCs validation, and tiered … - [SOX Section 404 — Internal Control over Financial Reporting Narrative](https://rakenne.app/skills/sox-icfr-control-narrative/index.md) — Draft and validate management's assessment of Internal Control over Financial Reporting (ICFR) per SOX §404, aligned to the COSO 2013 framework and PCAOB AS 2201. Produces process narratives, … --- Back to [All Tags](https://rakenne.app/skill-tags/) | [Skill Library](https://rakenne.app/skills/)