Compliance

Skill packages tagged with “Compliance”

Accreditation self-study section

Draft and validate accreditation self-study sections (criterion ID, narrative, evidence reference) for audit.

Education Accreditation Self-study Compliance

ADR Dangerous Goods Transport Documentation

Draft and validate transport documentation for the carriage of dangerous goods by road under ADR. Covers transport document §5.4.1, packing certificate, emergency information, and instructions in writing.

ADR Dangerous Goods Transport EU Compliance

Learn More

Aged Care Quality Compliance

Draft and validate Quality Care Advisory Body reports and Continuous Improvement plans for Australian aged care. Aligns with the Aged Care Quality Standards and SIRS (Serious Incident Response Scheme). Includes SIRS notification validation and standards mapping for clinical outcomes.

Australia Aged Care Compliance Aged Care Quality Standards SIRS Quality Care Advisory Body Continuous Improvement

Learn More

AI Bias Narrative Auditor

Document risk, bias, and transparency for Algorithmic Impact Assessment (AIA). Critique Human-in-the-loop descriptions against EU AI Act Art. 14 and Canadian Directive thresholds; verify dataset provenance and copyright/privacy compliance.

EU AI Act Algorithmic Impact Assessment Compliance Bias Human oversight Canadian Directive Data governance

Learn More

AI Risk & Transparency Auditor

Draft and validate a Fundamental Rights Impact Assessment (FRIA) for high-risk AI systems under the EU AI Act. Validates Instructions for Use against Art. 13 transparency requirements and audits technical documentation for bias mitigation and data governance per Art. 10.

AI Compliance EU AI Act Transparency Bias Governance Validation

Learn More

Alcohol Licensing (Operating Schedules)

Draft Operating Schedules for UK Premises Licence applications under the Licensing Act 2003. Covers licensable activities, times, premises description, and steps to promote the four licensing objectives for bars, restaurants, hotels and hospitality.

Licensing Act 2003 UK Hospitality Compliance Alcohol

Learn More

AML Program Manual

Draft and validate an Anti-Money Laundering Program Manual covering KYC, transaction monitoring, sanctions screening, and SAR/STR filing. Aligned with FATF Recommendations and the EU 6th Anti-Money Laundering Directive (6AMLD). Includes red_flag_library for industry-specific transaction monitoring indicators and sanctions_list_frequency_check to validate screening cadences against risk appetite.

AML FATF 6AMLD Compliance Finance KYC Sanctions Transaction Monitoring

Learn More

AML/CTF Program (AUSTRAC)

Create and validate Part A and Part B of the Anti-Money Laundering and Counter-Terrorism Financing Program for Australian reporting entities. Covers risk management, CDD, transaction monitoring, SMR, and Safe Harbour verification procedures for individual customers. Works with austrac_risk_profiler for customer risk; includes kyc_procedure_audit to flag missing Safe Harbour steps.

AUSTRAC Australia AML CTF Compliance Finance KYC Safe Harbour

Learn More

Annex 1 CCS Validator

Draft and validate a Contamination Control Strategy (CCS) for pharmaceutical sterile manufacturing per EU GMP Annex 1 (2023). Maps cleanroom classifications to grades A/B/C/D, validates environmental monitoring limits against the stricter 2023 microbial thresholds, and checks airflow patterns, pressure cascades, and CCS element coverage.

Pharmaceutical Manufacturing GMP Compliance Validation EU GMP Annex 1

Learn More

AOP/AOC Cahier des Charges

Maintain and update Cahier des Charges for French AOP/AOC protected designations (INAO). Validates geographical area and production methods in specifications and audits AOP/AOC logo and mandatory mentions on packaging drafts.

Agriculture France INAO AOP AOC Compliance Cahier des Charges Labelling Agri-food

Learn More

AS9100 Procedure Author

Guided elaboration of AS9100-aligned procedures and risk-based thinking documentation: quality manual sections, process procedures (design, purchasing, production, NCM), and key objective evidence for AS9100 Rev D.

AS9100 Aerospace Defense QMS Compliance

Learn More

ASME Design Spec Author

Guided elaboration of design and construction documentation per ASME BPVC or B31 — design basis, material selection, weld and NDE requirements, pressure/temperature limits.

ASME Pressure Equipment Piping Design Compliance

Learn More

ASTM Material Spec Author

Guided elaboration of material specifications and test/acceptance documentation that reference ASTM standards — material designation, test methods, acceptance criteria, and COC requirements.

ASTM Materials Test Methods Compliance Specifications

Learn More

Auditoría de Conformidad EIA

Valida Estudios de Impacto Ambiental (EsIA) frente a los umbrales regionales y nacionales de la Ley 21/2013 de evaluación ambiental (España): matriz de impacto, medidas preventivas y correctoras, Programa de Vigilancia Ambiental.

Spain Environment EIA Ley 21/2013 Infrastructure Compliance Regulated Sector

Learn More

Auditoria de Rotulagem de Alimentos e Suplementos

Revisão completa de arte e tabelas nutricionais frente à regulamentação ANVISA. Valida aplicação da Lupa (excesso de açúcar, sódio ou gordura saturada), formato da tabela nutricional (ordem dos nutrientes, %VD, porções), avisos ALÉRGICOS: CONTÉM... (caixa alta, negrito, posicionamento, 2 mm), e requisitos específicos de suplementos alimentares (designação, frases obrigatórias, alegações, advertências). Mercado: indústria de alimentos e suplementos. Regulação: ANVISA — RDC 429/2020, IN 75/2020, RDC 727/2022, RDC 243/2018, IN 28/2018.

ANVISA Food Industry Supplements Labelling Compliance Brazil Nutritional labelling Allergens RDC 429 RDC 243 IN 75 IN 28

Learn More

B Corp Policy Evidence Author

Guided elaboration of B Corp BIA support documentation — policy evidence and narratives for Governance, Workers, Community, Environment, and Customers; improvement plans for low-scoring areas.

B Corp BIA Sustainability Certification Compliance

Learn More

BCB 520/2025 — PSAVs: Funcionamento e Compliance

Elaboração e revisão de documentação de funcionamento, proteção ao cliente, AML, governança, segurança e supervisão prudencial das PSAVs.

BACEN BCB VASP PSAV Compliance AML Brazil

Learn More

BCMS BIA & Plan Author

Guided elaboration of BCMS documentation for ISO 22301: business impact analysis (BIA), risk assessment for disruption, continuity strategies, and BC/DR plans with RTO/RPO. Verifies critical activities have RTO/RPO and recovery options and flags missing dependency or SPOF notes.

Business Continuity ISO 22301 BCMS BIA RTO RPO Compliance

Learn More

BEP & EIR Elaborator

Guided elaboration of BIM Execution Plan (BEP), OIR/AIR/PIR, EIR, and exchange information requirements per ISO 19650. Verifies required BEP sections and that deliverables map to project stages and responsibility matrix.

BIM ISO 19650 Construction Information Management Compliance

Learn More

Board Committee Charters

Define and review board committee charters (Audit, Risk, Compensation) with clear scope and responsibilities aligned to NYSE, NASDAQ, and LSE listing rules. Detects overlapping responsibilities and gaps in oversight; validates quorum and voting rules against local corporate law.

Governance Compliance Listing Rules Audit Committee Risk Committee Compensation Committee

Learn More

Business Ethics & Code of Conduct

Draft and validate Codes of Conduct as the high-level cultural guide for employee behavior. Creates industry-specific ethical-dilemma Scenario boxes (e.g. facilitation payments, conflicts of interest, gifts) and validates readability for a global workforce. Aligned with Federal Sentencing Guidelines (USA) and Sapin II (France).

Ethics Compliance Code of Conduct Federal Sentencing Guidelines Sapin II Governance

Learn More

Business Impact Analysis (BIA)

Conduct structured Business Impact Analyses per ISO 22301. Guides interviews, maps process dependencies, determines RTO/RPO targets, and validates consistency across the dependency chain with automated tools that flag timing conflicts and circular dependencies.

Business Continuity Risk Management ISO 22301 Compliance

Learn More

Canada Privacy & PIA

Guide to Canadian privacy law (PIPEDA, provincial private-sector laws, Bill C-27 status) and Privacy Impact Assessments for federal and private-sector data handling. Use with privacy_impact_validator to elaborate PIAs.

Canada Privacy PIPEDA CPPA Bill C-27 PIA Compliance

Learn More

CCPA/CPRA Privacy Program — Compliance Documentation Package

Draft and validate the core privacy compliance documentation package required under the California Consumer Privacy Act as amended by CPRA. Covers the privacy policy, DSAR procedures, data inventory, privacy impact assessment, opt-out mechanisms, and service provider/contractor agreements.

CCPA CPRA Privacy California Compliance Data Protection DSAR

Learn More

CE Technical File Author

Guided elaboration of CE technical documentation and Declaration of Conformity (DoC): applicable directives/regulations (e.g. RED, LVD, EMC, MDR, IVDR, Machinery), risk assessment, essential requirements checklist, and DoC content per product.

CE Marking EU Compliance Technical Documentation Declaration of Conformity

Learn More

CFPB — Consumer Complaint Response & UDAAP Compliance

Draft and validate consumer complaint management programme and UDAAP compliance documentation for CFPB-supervised entities. Covers complaint response timelines, UDAAP risk assessment, fair lending, and board reporting.

CFPB UDAAP United States Financial Services Compliance

Learn More

Charities Governance Code Compliance

Prepare the Charities Governance Code Compliance Record Form for the annual report to the Charities Regulator (Ireland). Aligns board minutes and policies with the six core principles and validates trustee term limits and rotation in the constitution.

Ireland Governance Charities Compliance Non-Profit Regulator

Learn More

Chemical Safety (SDS Author)

Author and validate Safety Data Sheets (SDS / FISPQ) compliant with REACH Annex II, GHS, CLP Regulation, and ABNT NBR 14725-4 for EU and Brazilian markets. Validates the 16 mandatory sections and cross-checks chemical concentrations against CLP thresholds to auto-suggest H and P phrases.

Chemicals Compliance REACH GHS NBR 14725 Safety Validation Brazil European Union

Learn More

CIS Controls Implementation Author

Guided elaboration of CIS Controls v8 implementation plan — safeguard selection, IG1/IG2/IG3 alignment, and mapping to existing policies or controls.

CIS Controls Cybersecurity Implementation Compliance

Learn More

Clinical Report Writing

Write comprehensive clinical reports including case reports (CARE guidelines), diagnostic reports (radiology, pathology, lab), clinical trial reports (ICH-E3, SAE, CSR), and patient documentation (SOAP notes, H&P, discharge summaries). Includes regulatory compliance and validation tools.

Healthcare Reports Compliance

Learn More

Clinical Trial Protocol (ICH E6(R3) GCP)

Draft and validate clinical trial protocols per ICH E6(R3) Good Clinical Practice and ICH E8(R1) General Considerations for Clinical Studies. Ensures the protocol contains all required elements for ethics committee / IRB submission and regulatory filing (EMA, FDA IND, ANVISA).

Healthcare Clinical Trials Compliance ICH GCP

Learn More

CMMC Assessment Scoping

Define CMMC assessment scope, authorization boundary, and network architecture for Level 1 or Level 2. Documents in-scope assets and network diagram narrative for the SSP.

CMMC NIST DoD Compliance Scoping

Learn More

CMMC Asset Inventory

Create and maintain the CMMC asset inventory: CUI assets, security protection assets, and contractor risk-managed assets for assessment scope.

CMMC NIST DoD Compliance Asset Inventory

Learn More

CMMC Plan of Action & Milestones

Draft and validate the CMMC POA&M: track control deficiencies, remediation plans, owners, and due dates for Conditional Level 2 or Level 3.

CMMC NIST DoD Compliance POA&M

Learn More

CMMC Policies and Procedures

Draft CMMC-aligned security policies and procedures for all NIST 800-171 domains: Access Control, Audit, Awareness, Configuration Management, and others.

CMMC NIST DoD Compliance Policies

Learn More

CMMC Readiness Gap Analysis

Map controls to NIST SP 800-171 practices, identify CMMC coverage gaps, and build a prioritized remediation roadmap for Level 1 or Level 2.

CMMC NIST DoD Compliance Gap Analysis

Learn More

CMMC System Security Plan

Draft and validate the CMMC SSP for Level 1 or Level 2: system description, boundary, and implementation narratives for each NIST 800-171 practice with evidence pointers.

CMMC NIST DoD Compliance SSP

Learn More

CMS Obligations Elaborator

Guided elaboration of CMS documentation for ISO 37301: compliance obligations register, compliance risk assessment, compliance policy and objectives, and controls mapping. Ensures each obligation has controls and review date and flags high compliance risks without mitigation.

Compliance Management ISO 37301 CMS Compliance Risk

Learn More

Codex Product & Labelling Author

Guided elaboration of product standards or labelling documentation aligned to Codex commodity standards, General Standard for Labelling, or Codex guidelines. Complements HACCP skill (Codex 7 principles).

Codex Alimentarius Labelling Food Compliance HACCP

Learn More

Contrato com Operador — LGPD (Art. 39 e 42)

Elaboração de contrato ou cláusulas entre controlador e operador de dados pessoais nos termos dos Art. 39 e 42 da LGPD. Cobre instruções do controlador, medidas de segurança, suboperadores, incidentes e responsabilidade. Inclui validação dos itens mínimos recomendados.

LGPD ANPD Contrato Operador Art. 39 Art. 42 Compliance Brasil Privacidade

Learn More

CQC Statement of Purpose

Draft, update, and validate the legally required Statement of Purpose for CQC-registered healthcare providers in England. Maps service descriptions to the Five Key Questions (Safe, Effective, Caring, Responsive, Well-led) and validates regulated activities against CQC registration categories. Covers care homes, GP practices, dental surgeries, domiciliary care, and hospitals.

Healthcare CQC Compliance United Kingdom Care Homes Statement of Purpose

Learn More

Credenciamento Open Finance (PSTI)

Documentação técnica e validação de conformidade para Provedores de Serviços de Tecnologia da Informação no Open Finance Brasil (BCB, Res. 10/2026). Mapeia arquitetura de segurança e compara a API do cliente com o manual técnico do diretório central.

Open Finance PSTI BCB Fintech Compliance API Brazil

Learn More

CRICOS Provider Registration

Prepare the Quality Management System for CRICOS registration in Australia. Covers Cancellation of Enrolment policy and the mandatory 20-day appeal period (National Code 2018); validates policy with validate_cancellation_appeal_period. Complements student support and attendance (cricos_compliance_shield).

Australia Compliance International Education CRICOS ASQA TEQSA National Code 2018

Learn More

Data Privacy — AIPD (CNIL Standard)

Conduct a Privacy Impact Assessment (AIPD) under the CNIL standard for France (RGPD). Three-step methodology: Context, Principles, Risks. Validates retention periods against CNIL 'droit à l'oubli' (right to erasure).

RGPD CNIL AIPD Privacy Data Protection France Compliance Droit à l'oubli

Learn More

Data Processing Agreement (DPA) — SCC & sub-processor sync

Draft the legal annex for DPAs governing controller–processor data transfers under GDPR and CCPA. Inserts the correct Standard Contractual Clauses by data importer country and validates sub-processor list against the privacy portal.

GDPR CCPA DPA Privacy Standard Contractual Clauses Sub-processors Data Protection Compliance

Learn More

Design Dossier Elaborator

Guided elaboration of design dossier, technical file, or device master record sections for medical devices: risk summary, essential principles (GSPR), labelling, and traceability to risk file and standards per MDR Annex II/III and FDA design control.

Medical Devices ISO 13485 EU MDR FDA Technical Documentation Compliance

Learn More

DPC GDPR Accuracy and Retention

Accuracy and retention for DPC self-assessment: purpose limitation, minimisation, accuracy, retention policies, secure destruction, and no unregulated duplication.

DPC GDPR Ireland Compliance

Learn More

DPC GDPR Breach Notification

Breach notification and response under Ireland DPC and GDPR Art. 33–34: 72h to DPC, data subject communication for high risk, risk levels, form, and internal record.

DPC GDPR Ireland Compliance Breach

Learn More

DPC GDPR Certification

GDPR certification under Ireland DPC and Art. 42–43: DPC-approved criteria, INAB-accredited certification bodies, and documentation for certification readiness.

DPC GDPR Ireland Compliance Certification

Learn More

DPC GDPR Controller Obligations

Other controller obligations for DPC checklist: processor/supplier agreements (Art. 27–29), DPO (37–39), DPIA (35).

DPC GDPR Ireland Compliance

Learn More

DPC GDPR Data Breaches (Self-Assessment)

Breach preparedness for DPC checklist: incident response plan, procedures to notify DPC and individuals, documentation, and cooperation. For actual notification use DPC GDPR Breach Notification skill.

DPC GDPR Ireland Compliance Breach

Learn More

DPC GDPR Data Security

Data security (Art. 32) for DPC self-assessment: risk assessment, technical and organisational measures, encryption, recovery, and secure destruction.

DPC GDPR Ireland Compliance Security

Learn More

DPC GDPR Data Subject Rights

Data subject rights (Art. 15–23) for DPC self-assessment: SAR, portability, deletion/rectification, restriction, object, profiling, and restrictions.

DPC GDPR Ireland Compliance Data subject rights

Learn More

DPC GDPR International Transfers

International data transfers (Art. 44–50) for DPC self-assessment: adequacy, SCCs, documentation, and transparency to data subjects.

DPC GDPR Ireland Compliance International transfers

Learn More

DPC GDPR Personal Data (Legal Basis)

Personal data for DPC self-assessment: consent (Art. 7–9), children (Art. 8), and legitimate interest assessment.

DPC GDPR Ireland Compliance Consent

Learn More

DPC GDPR Readiness

GDPR readiness and self-assessment aligned to the Ireland DPC Self-Assessment Checklist: data mapping, legal basis, retention, and links to the eight detailed checklist areas.

DPC GDPR Ireland Compliance Self-assessment

Learn More

DPC GDPR Transparency

Transparency (Art. 12–14) for DPC self-assessment: information to data subjects, Art. 13/14 lists, and proactive rights information.

DPC GDPR Ireland Compliance Transparency

Learn More

Ecocert Scope Author

Guided elaboration of Ecocert (or equivalent) certification application and scope documentation — scope of operation, input lists, conversion plan (if applicable), and traceability/CoC for organic or ethical claims.

Ecocert Organic Certification Sustainability Compliance

Learn More

eCTD Cross-Module Verifier

Verify consistency and data integrity of eCTD pharmaceutical dossiers. Cross-checks Module 2 (Summaries) against Module 5 (Clinical Study Reports) to ensure study references, p-values, N-counts, endpoints, and safety data are aligned before regulatory submission to FDA, EMA, or PMDA.

Healthcare Pharmaceutical Regulatory Compliance ICH GCP FDA

Learn More

EMS Context & Obligations Author

Guided elaboration of EMS context, environmental aspects/impacts, compliance obligations register, and environmental objectives and plans for ISO 14001. Ensures significant aspects are linked to obligations and objectives and flags obligations without review date or compliance evidence.

Environmental Management ISO 14001 EMS Compliance Obligations

Learn More

EN Conformity Documentation Author

Guided elaboration of conformity documentation for products or systems against selected EN (or ETSI) standards — scope, normative references, conformity route, and clause-by-clause or test-based evidence.

CEN CENELEC ETSI EN Standards Compliance EU

Learn More

Encarregado (DPO) — LGPD (Art. 41)

Documentação e divulgação do encarregado (DPO) nos termos do Art. 41 da LGPD. Cobre designação, canal público, atribuições perante titulares e ANPD, e integração com política de privacidade e registro de operações.

LGPD ANPD Encarregado DPO Art. 41 Compliance Brasil Privacidade

Learn More

EnMS Energy Review Author

Guided elaboration of EnMS documentation for ISO 50001: energy review, baseline, EnPIs, objectives and action plans. Ensures baseline and EnPIs have scope and units and flags objectives without measurement method or review period.

Energy Management ISO 50001 EnMS EnPI Compliance

Learn More

Environmental Referrals (EPBC Act)

Draft Referral of Proposed Action for developments affecting matters of national environmental significance (MNES) under the EPBC Act. Covers Ramsar wetlands, threatened species, mitigation and offsets, and DCCEEW submission. Australia; land development and infrastructure.

Australia EPBC Act DCCEEW Environment Land Development Infrastructure Regulatory Compliance

Learn More

ERISA Summary Plan Description (SPD)

Draft and validate the Summary Plan Description required by ERISA §102 for employee benefit plans. Covers plan identification, participation, benefits, claims procedure, and ERISA rights per 29 CFR §2520.102-3.

ERISA Benefits Pensions United States Compliance

Learn More

ESG Report (CSRD / ISSB)

Compile Environmental, Social, and Governance reports aligned with CSRD/ESRS and ISSB/IFRS S1-S2. Guides double materiality assessment, GHG emissions accounting (Scope 1, 2, 3), and structured report drafting with automated validation tools that check materiality logic and emissions math against GHG Protocol standards.

Sustainability Compliance CSRD ISSB GHG Protocol Environment

Learn More

Export Control Redactor

Scan technical manuals for ITAR-controlled Defense Articles on the USML and flag content requiring export licenses. For USA defense sector; supports USML category tagging, Technical Data identification, ITAR vs EAR jurisdiction analysis, and redaction recommendations for export license submissions.

Defense Aerospace ITAR EAR Export Control USML Compliance

Learn More

Fairtrade CoC Author

Guided elaboration of Fairtrade supply chain and Chain of Custody (CoC) documentation — product scope, trader license scope, CoC procedures, and mass balance or physical separation evidence.

Fairtrade Chain of Custody Supply Chain Certification Compliance

Learn More

FAR Clause Analyzer

Ensure federal contract proposals contain mandatory FAR and agency-supplement clauses. For USA government contracting; supports prime and subcontract proposals under the Federal Acquisition Regulation, with contract-type and threshold-aware analysis.

Version: 1.0.0
Author: Rakenne

Government Procurement FAR Compliance Federal DFARS

Learn More

FDA Submission Wizard

Draft and validate FDA medical device submissions. Supports 510(k) Premarket Notifications (eSTAR format) with predicate comparison and substantial equivalence arguments, and PMA (Premarket Approval) dossiers with clinical and non-clinical data sections.

Healthcare Regulatory FDA Compliance

Learn More

FedRAMP Authorization Package

Draft and validate FedRAMP authorization packages for cloud service providers: System Security Plan (SSP) with all required attachments, Security Assessment Plan (SAP), Security Assessment Report (SAR), and Plan of Action & Milestones (POA&M). Supports Low, Moderate, and High baselines.

FedRAMP NIST Compliance Government Cloud Security ATO

Learn More

Financial Services Statement of Advice

Generate and validate personalised Statements of Advice (SoA) for retail clients in Australia. Ensures Best Interests Duty (BID) and FOFA ongoing fee compliance; includes soa_logic_validator and fee_disclosure_checker.

Australia Financial Planning Wealth Management ASIC Compliance SoA BID FOFA

Learn More

Food Labeling & Claims (FDA / USDA)

Draft and validate U.S. food product labels and labeling claims compliant with FDA 21 CFR 101, USDA FSIS, NLEA, FALCPA, and FASTER Act. Validates required label elements, allergen declarations, nutrient content claims against nutrition data, health claims, and organic/bioengineered disclosures.

Food Labeling FDA USDA NLEA FALCPA Nutrition Facts Claims Allergens Compliance Food & Beverage

Learn More

FSAI Agri-Food Traceability

Draft Recall and Withdrawal procedures for meat and dairy in Ireland (FSAI), with One-Step-Back/Forward traceability and validation of the 14 allergens list against Irish S.I. No. 489/2014 font and highlighting requirements.

FSAI Ireland Food Safety Agriculture Traceability Recall Allergens Labelling Compliance

Learn More

FSMS Manual & PRP/OPRP Author

Guided elaboration of FSMS documentation for ISO 22000: food safety policy, PRPs, OPRPs, HACCP plan linkage, and operational control procedures. Ensures PRPs and OPRPs are documented and linked to hazards and flags CCPs without critical limits or monitoring.

Food Safety ISO 22000 FSMS PRP OPRP HACCP Compliance

Learn More

GDPR ROPA & DPIA Author

Guided elaboration of Records of Processing Activities (ROPA) and Data Protection Impact Assessments (DPIA): processing purposes, legal basis, data categories, recipients, retention, safeguards, and DPIA necessity assessment and risk mitigation.

GDPR Privacy ROPA DPIA Compliance Data Protection

Learn More

GMP SOP & Validation Author

Guided elaboration of GMP documentation — SOPs, validation protocol (IQ/OQ/PQ), and batch record template sections aligned to FDA 21 CFR 211 / EU EudraLex Vol 4 / WHO GMP.

GMP Pharmaceutical FDA Validation Compliance

Learn More

GRI Sustainability Report Author

Guided elaboration of a GRI Standards-aligned sustainability report: material topics, GRI Universal Standards (2–3) and topic-specific disclosures (200/300/400 series), and management approach per material topic.

GRI Sustainability ESG Reporting Compliance

Learn More

GwG Anti-Money Laundering Risk Analysis

Erstellt Risikoanalysen gemaess §5 GwG (Geldwaeschegesetz) fuer den Nichtfinanzsektor. Weist Kunden anhand von Transparenzregister-Daten Risikostufen zu und validiert PEP-Sorgfaltspflichten (§15 GwG) fuer Immobilienmakler und Gueterhaendler.

GwG Anti-Money Laundering Risk Analysis Compliance Germany Real Estate KYC

Learn More

HACCP Food Safety Plan

Draft and validate a HACCP Food Safety Plan for Food & Beverage operations aligned with Codex Alimentarius and FDA FSMA. Defines CCPs and critical limits, and ensures every hazard in the process flow has a corresponding monitoring step.

Food Safety HACCP FDA FSMA Codex Alimentarius Compliance Food & Beverage

Learn More

Health Canada & MDSAP

Align QMS documentation to MDSAP and Health Canada expectations. Guides users to map procedures and records to MDSAP/ISO 13485, prepare for audits, and use the mdsap_audit_aligner skill when available.

Healthcare Regulatory Canada MDSAP Compliance Quality Management

Learn More

HIPAA Security Risk Assessment (SRA)

Draft and validate the Security Risk Assessment required by the HIPAA Security Rule (45 CFR §164.308(a)(1)). Maps ePHI assets to threats, vulnerabilities, and safeguards across administrative, physical, and technical categories. Produces the SRA report and risk register aligned with HHS/OCR audit protocol.

HIPAA Security Risk Assessment ePHI Healthcare Compliance SRA HHS/OCR

Learn More

HIQA Care/Support Plan

Draft or update an individual care or support plan for a resident or child in a designated centre aligned with HIQA standards.

HIQA Ireland Designated centres Care planning Compliance

Learn More

HIQA Complaints Procedure

Draft or update a complaints procedure for healthcare services aligned with HIQA NSSBH and national complaints guidance.

HIQA Ireland Healthcare Complaints Compliance

Learn More

HIQA Consent Policy

Draft or update a consent policy for healthcare services aligned with HIQA NSSBH and Irish consent law.

HIQA Ireland Healthcare Consent Compliance

Learn More

HIQA Data Protection and Confidentiality Policy

Draft or update a data protection and confidentiality policy aligned with HIQA, GDPR, and Irish law.

HIQA Ireland Information management GDPR Compliance

Learn More

HIQA Designated Centre Complaints

Draft or update a complaints procedure for a designated centre aligned with HIQA standards.

HIQA Ireland Designated centres Complaints Compliance

Learn More

HIQA Designated Centre Health and Safety

Draft or update a health and safety policy for a designated centre aligned with HIQA and health and safety law.

HIQA Ireland Designated centres Health and safety Compliance

Learn More

HIQA Designated Centre Medication

Draft or update a medication policy for a designated centre aligned with HIQA standards.

HIQA Ireland Designated centres Medication Compliance

Learn More

HIQA Designated Centre Safeguarding

Draft or update a safeguarding policy for a designated centre aligned with HIQA and national safeguarding guidance.

HIQA Ireland Designated centres Safeguarding Compliance

Learn More

HIQA Healthcare Governance

Draft or update a governance and accountability framework for healthcare services aligned with HIQA NSSBH Theme 5.

HIQA Ireland Healthcare Governance Compliance

Learn More

HIQA Incident Investigation Report

Draft an incident investigation report for healthcare services aligned with HIQA NSSBH and learning from incidents.

HIQA Ireland Healthcare Incidents Compliance

Learn More

HIQA Incident Reporting Procedure

Draft or update an incident reporting procedure for healthcare services aligned with HIQA NSSBH (internal reporting; for notifiable incidents use hiqa-notifiable-incidents-reporting).

HIQA Ireland Healthcare Incidents Compliance

Learn More

HIQA Information Governance Policy

Draft or update an information governance policy aligned with HIQA National Standards for Information Management and NSSBH Theme 8.

HIQA Ireland Information management Compliance

Learn More

HIQA Notifiable Incidents Reporting

Draft or update the process for reporting notifiable incidents to HIQA/Chief Inspector under the Patient Safety Act 2023.

HIQA Ireland Healthcare Patient Safety Act Compliance

Learn More

HIQA Open Disclosure Policy

Draft or update an open disclosure policy aligned with the Patient Safety Act 2023 and HIQA NSSBH.

HIQA Ireland Healthcare Open disclosure Compliance

Learn More

HIQA Quality Improvement Plan

Draft or update a quality improvement plan for healthcare services aligned with HIQA NSSBH.

HIQA Ireland Healthcare Quality Compliance

Learn More

HIQA Record-Keeping and Retention

Draft or update record-keeping and retention procedures aligned with HIQA National Standards for Information Management.

HIQA Ireland Information management Compliance

Learn More

HIQA Risk Register

Draft or update a risk register for healthcare services aligned with HIQA NSSBH (safe care, governance).

HIQA Ireland Healthcare Risk Compliance

Learn More

HIQA Safeguarding Policy

Draft or update a safeguarding policy for healthcare services aligned with HIQA NSSBH and national safeguarding guidance.

HIQA Ireland Healthcare Safeguarding Compliance

Learn More

HIQA Statement of Purpose

Draft or update a Statement of Purpose for a designated centre (older people, disability, or children) for HIQA registration.

HIQA Ireland Designated centres Compliance

Learn More

HIQA Workforce Performance Management Policy

Draft or update a workforce performance management policy for healthcare services aligned with HIQA NSSBH Theme 6.

HIQA Ireland Healthcare Workforce Compliance

Learn More

HIQA Workforce Recruitment Policy

Draft or update a workforce recruitment policy for healthcare services aligned with HIQA NSSBH Theme 6.

HIQA Ireland Healthcare Workforce Compliance

Learn More

HIQA Workforce Supervision Policy

Draft or update a workforce supervision policy for healthcare services aligned with HIQA NSSBH Theme 6.

HIQA Ireland Healthcare Workforce Compliance

Learn More

HIQA Workforce Training Policy

Draft or update a workforce training policy for healthcare services aligned with HIQA NSSBH Theme 6.

HIQA Ireland Healthcare Workforce Compliance

Learn More

HITRUST CSF Assessment

Draft HITRUST CSF Validated Assessment deliverables for e1, i1, or r2 certification: control requirement responses at all maturity levels, evidence artifacts, Corrective Action Plans, and the Validated Assessment Report.

HITRUST Compliance Cybersecurity Healthcare Audit

Learn More

IATF 16949 Process & CSR Author

Guided elaboration of IATF 16949 process documentation and customer-specific requirements (CSR) matrix: process maps, turtle diagrams, and evidence of conformity to OEM CSR.

IATF 16949 Automotive QMS CSR Compliance

Learn More

IEC 62304 Software Lifecycle Author

Guided elaboration of medical device software lifecycle documentation per IEC 62304 — SDP, SOUP identification, SRS, design, verification/validation, and risk control integration.

IEC 62304 Medical Device Software Lifecycle Compliance

Learn More

IEC 62443 Zone & SR Elaborator

Guided elaboration of IACS security documentation per IEC 62443: zone/conduit model, Security Level (SL) targets, Security Requirements (SR) for components and systems, and gap remediation. Verifies each zone has an SL target and SR/FR are allocated.

Industrial Cybersecurity IEC 62443 IACS OT Compliance

Learn More

IEEE Software Design Author

Guided elaboration of software or systems design documentation per IEEE standards (e.g. 1016 for design description, 829 for test documentation) — design views, traceability to requirements, and test plan/report structure.

IEEE Software Design Systems Engineering Compliance Traceability

Learn More

Individual Accountability Framework (IAF/SEAR) — Ireland

Draft and validate Statements of Responsibility and Management Responsibilities Maps for the Central Bank of Ireland IAF and SEAR. Supports banks, insurers, and investment firms. Includes gap detection for prescribed responsibilities and SEAR role mapping.

Compliance Financial Services Ireland Regulation SEAR Governance

Learn More

Information Security Policy (ISO 27001)

Draft and validate an Information Security Policy aligned with ISO 27001:2022. Builds a complete Statement of Applicability covering all 93 Annex A controls, validates enforceability of policy language, and maps every policy section to the relevant controls. Includes SoA cross-referencing and jargon-simplification tools.

Compliance Security ISO 27001 ISMS Policy

Learn More

Insurance policy summary

Produce and validate structured insurance policy summaries (coverage, limits, exclusions, conditions, notice). Reduces E&O risk by ensuring critical sections and notice provisions are present.

Insurance Policy Summary Coverage Compliance

Learn More

ISMS Internal Audit Report (Clause 9.2)

Draft and validate the ISO 27001 internal audit report: map findings to clauses, document NCs and OFIs, and ensure auditor impartiality so auditors do not audit their own work.

Information Security ISO 27001 ISMS Internal Audit Compliance Clause 9.2

Learn More

ISMS Scope Statement (ISO 27001 Clause 4.3)

Define and validate the ISMS scope boundaries (physical, organizational, technical) with justified exclusions and no Shadow IT gaps. Includes boundary integrity checker and exclusion logic validator for audit-ready scope statements.

Compliance Security ISO 27001 ISMS Scope

Learn More

ISMS SoA & Risk Treatment Author

Guided elaboration of ISMS documentation for ISO/IEC 27001: context, risk assessment, risk treatment plan, Statement of Applicability (SoA), and security policies. Ensures every Annex A control has status and justification and flags missing risk treatment for unacceptable risks.

Information Security ISO 27001 ISMS SoA Risk Treatment Compliance

Learn More

ISO 14971 Risk File Author

Guided elaboration of risk management file for medical devices per ISO 14971: hazard identification, risk analysis, risk control, residual risk acceptability, and benefit–risk rationale. Flags risks above acceptability thresholds without control or justification.

Medical Devices ISO 14971 Risk Management Compliance Benefit-Risk

Learn More

ISO 27001 Asset Inventory & Classification Register

Build and validate an Asset Inventory & Classification Register for ISO 27001:2022 Control A.5.9. Catalog information assets with Ownership and Classification (Public, Internal, Confidential, Restricted), suggest classification from sensitivity descriptions, and verify that every asset has a named Information Owner and that Confidential/Restricted assets have handling procedures.

Compliance Security ISO 27001 ISMS Asset management

Learn More

ISO 27001 Monitoring, Measurement & Evaluation

Draft and validate the Clause 9.1 report (PDCA 'Check'): KPIs that measure control effectiveness, executive insight from raw data, and CAPA linkage for every failed control.

ISO 27001 ISMS Compliance Monitoring Metrics CAPA

Learn More

ISO 27001 Statement of Applicability

Build and validate the SoA (Clause 6.1.3): map 93 Annex A controls to In/Out with justification and implementation evidence. SoA mapping engine suggests inclusions from risk assessment; control justification audit ensures excluded controls have valid reasons and included controls link to active policies.

Information Security ISO 27001 ISMS SoA Compliance Risk Assessment

Learn More

ISO 27001 Supplier Information Security Policy

Draft and validate supplier security requirements and annexes for ISO 27001:2022 Control 5.21. Tier-based Minimum Security Baseline (Cloud vs Janitorial), Right to Audit and Breach Notification validation.

ISO 27001 Information Security Supplier ISMS Compliance

Learn More

ISO 27701 PIMS Extension Author

Guided elaboration of PIMS documentation as an extension to ISMS: PII processing inventory, privacy objectives, processing purposes and legal basis, and controller/processor annex controls.

ISO 27701 Privacy PIMS PII Compliance

Learn More

ISO 42001 AI Policy

Draft and validate the formal AI Policy for ISO/IEC 42001:2023, approved by top management.

ISO 42001 AI Policy Governance Compliance AI

Learn More

ISO 42001 AI Risk Assessment Methodology

Draft the AI risk assessment methodology for ISO/IEC 42001:2023.

ISO 42001 Risk Assessment Methodology Compliance AI

Learn More

ISO 42001 AI Risk Register

Draft and validate the AI risk register for ISO/IEC 42001:2023 with ownership, treatment, and residual risk.

ISO 42001 Risk Register Risk Management Compliance AI

Learn More

ISO 42001 AIMS Scope and Context

Draft and validate AIMS scope statement and organizational context for ISO/IEC 42001:2023 certification (Clause 4).

ISO 42001 AIMS Governance Compliance AI

Learn More

ISO 42001 Data Governance

Draft data governance procedures for AI systems under ISO/IEC 42001:2023.

ISO 42001 Data Governance Data Quality Compliance AI

Learn More

ISO 42001 Incident Response

Draft AI incident response procedure and documentation for ISO/IEC 42001:2023.

ISO 42001 Incident Response Compliance AI

Learn More

ISO 42001 Internal Audit

Draft internal audit procedure and audit report structure for the AIMS under ISO/IEC 42001:2023.

ISO 42001 Internal Audit Compliance AI

Learn More

ISO 42001 Nonconformity & Corrective Action

Draft nonconformity and corrective action procedure and records for the AIMS under ISO/IEC 42001:2023.

ISO 42001 Nonconformity Corrective Action Compliance AI

Learn More

ISO 42001 Statement of Applicability

Build and validate the SoA for ISO/IEC 42001:2023 Annex A with justification and implementation evidence.

ISO 42001 SoA Annex A Compliance AI

Learn More

ISO 42001 Supplier & Third-Party AI

Draft supplier and third-party AI evaluation, contracts, and documentation for ISO/IEC 42001:2023.

ISO 42001 Supplier Third-Party Compliance AI

Learn More

ITU Recommendation Conformity Author

Guided elaboration of implementation or compliance documentation for a selected ITU-T (or ITU-R) recommendation — scope, normative references, implementation statement, and conformance checklist.

ITU Telecommunications Conformity Compliance

Learn More

King IV Apply and Explain

Draft or validate the King IV 'apply and explain' governance disclosure (all 16 principles) for South Africa.

King IV South Africa Governance Compliance Disclosure

Learn More

LAC — Licenciamento Ambiental Simplificado

Apoia a elaboracao e revisao de requerimentos de LAC (Licenca por Adesao e Compromisso) para licenciamento ambiental no Brasil, com foco em CONAMA e orgaos estaduais de meio ambiente. Inclui enquadramento de atividades, template de requerimento, checklist de conformidade e validacao automatica.

Environment Licensing CONAMA LAC Brazil Compliance Regulated Sector

Learn More

LAE — Licença Ambiental Especial (Obras Estratégicas)

Estruturação de Termos de Referência (TR) e Relatórios de Impacto Ambiental (EIA/RIMA) para Licença Ambiental Especial (Lei 15.300/2025), com foco em obras e empreendimentos estratégicos. Garante vínculo entre cronograma de instalação e condicionantes ambientais. Inclui template TR, checklist e validação de enquadramento para tramitação prioritária de 12 meses.

Environment Licensing Infrastructure Energy Brazil IBAMA MMA Lei 15.300/2025 Compliance Regulated Sector

Learn More

Law 25 — Governance Policy

Draft the policy on practices governing the protection of personal information under Quebec Law 25. Covers complaints process, staff roles and responsibilities, retention and destruction rules, and review cycle.

Quebec Law 25 Bill 64 Governance Compliance Canada

Learn More

Law 25 — Privacy Officer Designation

Draft the formal designation of the person in charge of the protection of personal information (Privacy Officer) under Quebec Law 25 (Bill 64). Board resolution or CEO/MD letter; validation for required elements.

Quebec Law 25 Bill 64 Privacy Officer Compliance Canada

Learn More

Law 25 — Privacy Policy

Draft and update a public privacy policy in line with Quebec Law 25 (Bill 64). Covers purposes, rights, retention, complaints, and Privacy Officer contact. Includes validation for required elements.

Quebec Law 25 Bill 64 Privacy Policy Compliance Canada

Learn More

LEED Credit Documentation Author

Guided elaboration of LEED credit documentation — credit intent, compliance path, calculations, and evidence checklist for submission.

LEED Green Building Sustainability USGBC Compliance

Learn More

LkSG Supply Chain Due Diligence

Erstellt Grundsatzerklaerungen (Policy Statements) und Jahresberichte gemaess dem Lieferkettensorgfaltspflichtengesetz (LkSG). Mappt Lieferantenaudits auf die 11 geschuetzten Rechtspositionen und validiert die BAFA-Berichtskonformitaet.

LkSG Supply Chain Due Diligence BAFA Compliance Germany Human Rights

Learn More

MaRisk Risikomanagement-Handbuch

Erstellt und prueft Risikomanagement-Handbuecher fuer Finanzinstitute in Deutschland gemaess MaRisk (BaFin). Unterstuetzt die vollstaendige Ausarbeitung aller MaRisk-Module (AT, BT, BTR), Konformitaetspruefungen und Identifikation von Dokumentationsluecken.

Finance Regulatory BaFin MaRisk Compliance Germany Risk Management

Learn More

MAS TRM — Technology Risk Management Framework

Draft and validate the Technology Risk Management framework for MAS-regulated financial institutions. Covers governance, IT resilience, cyber security, data loss prevention, and technology audit per MAS TRM Guidelines (2021).

Singapore MAS Technology Risk Financial Services Compliance

Learn More

MFA Exception Rationalizer (CISA CPG 1.1)

Document the transition to phishing-resistant MFA and draft MFA-exception rationales for Critical Infrastructure. Identifies legacy systems that cannot support MFA, proposes compensating controls (e.g. jump hosts), and validates authentication hardware against the FIDO2 standard required by CPG 1.1.

Compliance Security Critical Infrastructure CISA MFA FIDO2

Learn More

Mining & Exploration — Reserve Estimate Validator

Guided elaboration and compliance validation of mineral resource and reserve technical reports under NI 43-101 (Canada) and JORC Code (Australia/South Africa), with QP/CP certificate checking and resource classification integrity verification.

Mining Natural Resources Compliance NI 43-101 JORC Code Canada Australia South Africa

Learn More

Mobile Device & Teleworking Policy (ISO 27001)

Draft and validate a Mobile Device & Teleworking Policy for ISO 27001:2022 (A.5.17, A.6.7, A.8.1). Covers BYOD, VPN, disk encryption, remote wipe consent, endpoint leakage risk, and compliance with Right to Disconnect (France, Brazil, Ireland). Includes labor-law overlap check.

Compliance Security ISO 27001 ISMS Remote work BYOD

Learn More

Modern Slavery Statements (AU)

Annual drafting of Modern Slavery Statements for the Australian regime under the Modern Slavery Act 2018 (Cth). Covers the seven mandatory criteria (s16), approval by the principal governing body, and submission to the ABF Online Register. For entities with consolidated revenue ≥ A$100m.

Australia Compliance Supply chain Modern Slavery Act 2018 Regulatory Reporting

Learn More

Monitoramento de Infecções (IRAS) e RAM

Padroniza relatórios mensais de infecção hospitalar e resistência microbiana para hospitais e clínicas, com foco em notificação de indicadores nacionais obrigatórios e detecção de discrepâncias estatísticas. Regulação: ANVISA, Notas Técnicas 02/2026 e 03/2026.

Healthcare Patient Safety ANVISA Brazil Compliance Infection Control

Learn More

NDB Incident Drafter

Draft and validate the Statement to the Commissioner and Notification to Individuals under Australia's Notifiable Data Breaches (NDB) scheme. Ensures the four mandatory sections under Privacy Act s 26WK are present and supports assessment of likelihood of serious harm by data type (e.g. TFN, Medicare).

Australia Privacy OAIC NDB Compliance Data Breach

Learn More

NDIS Provider Quality Audit

Elaborate and validate the Provider Policy & Procedures manual for NDIS registration in Australia. Ensures the Reportable Incidents procedure includes the mandatory 24-hour notification to the NDIS Quality and Safeguards Commission and covers required incident types. Works alongside NDIS Practice Standardizer for Core Module alignment.

NDIS Australia Disability Services Compliance Quality and Safeguards Commission Policy and Procedures

Learn More

NIST CSF Profile Author

Guided elaboration of a NIST Cybersecurity Framework (CSF) assessment: current profile (Identify, Protect, Detect, Respond, Recover, Govern), target profile, gap analysis, and prioritized implementation plan with outcomes and metrics.

NIST CSF Cybersecurity Risk Management Compliance USA

Learn More

NIST Password Logic Adapter (CISA CPG 1.2)

Rewrite legacy password policies to prioritize length and entropy over complexity and aging, and draft the Compromised Password Detection Protocol. Aligns with NIST SP 800-63B and CISA CPG 1.2; validates that procedures include a recurring check against leaked-credential APIs (e.g. Have I Been Pwned).

Compliance Security Critical Infrastructure CISA NIST Password Identity

Learn More

Nordic AML/CFT — Enterprise-Wide Risk Assessment

Draft and validate the enterprise-wide AML/CFT risk assessment for Nordic supervisors. Covers inherent risk, control effectiveness, residual risk, and risk appetite per Joint ESA Guidelines and AMLD6.

AML CFT Nordic Financial Services Compliance

Learn More

OHSMS Hazard & Legal Author

Guided elaboration of OH&S management system documentation for ISO 45001: context, hazard identification, risk assessment, legal and other requirements register, consultation and participation, and OH&S objectives. Verifies hazard–legal linkage and flags missing review dates or compliance status.

Occupational Health and Safety ISO 45001 OHSMS Compliance Hazard

Learn More

OT Asset Integrity Register (CISA CPG 2.1)

Maintain and validate an OT Asset Integrity Register for CISA CPG 2.1: catalog ICS, PLCs, HMIs, and sensors with firmware versions and physical locations; link assets to CISA KEV and vendor advisories (Siemens, Rockwell, etc.); cross-reference inventory with network discovery to flag unauthorized devices.

Compliance Security Critical Infrastructure CISA OT ICS Asset management

Learn More

PAM Standard (PR.AA)

Draft and validate a Privileged Access Management standard aligned to NIST CSF 2.0 PR.AA. Defines JIT, least privilege, SoD boundaries, and break-glass workflow; ensures MFA for 100% of privileged sessions.

NIST CSF 2.0 PAM Identity and Access GRC Privileged Access Compliance

Learn More

PCI DSS Report on Compliance (ROC)

Author PCI DSS v4.0 ROC documentation for Level 1 QSA assessments: scope workpapers, requirement-by-requirement findings, Compensating Controls Worksheets (CCWs), Customized Approach Worksheets (CAWs), and the Attestation of Compliance (AOC).

PCI DSS Payment Security ROC QSA Compliance Cybersecurity

Learn More

PCI-DSS SAQ & Scope Author

Guided elaboration of PCI-DSS scope documentation and SAQ support: cardholder data environment (CDE), network segmentation narrative, and control evidence mapping to SAQ requirements.

PCI DSS Payment Security SAQ Compliance Cybersecurity

Learn More

Pharmacy QMS (ApBetrO)

Pflege und Erstellung des Qualitaetsmanagementsystems (QMS) fuer oeffentliche Apotheken gemaess Apothekenbetriebsordnung (ApBetrO). Erstellt QMS-Handbuecher, Hygieneplaeane nach RKI-Richtlinien, Rezepturprotokolle nach DAB/Ph.Eur. und prueft die Compliance.

ApBetrO Pharmacy QMS Healthcare Compliance Germany

Learn More

Physical Security Perimeter (ISO 27001)

Define and document physical security perimeters and physical entry controls for ISO 27001:2022 Annex A 7.1 and 7.2. Structures the Defense in Depth narrative for offices, data centers, and secure areas: entry controls, visitor management, anti-tailgating, and environmental protection. Validation tool checks for anti-passback and visual badge identification steps.

ISO 27001 ISMS Physical Security Compliance Defense in Depth

Learn More

PMS — Plan de Maîtrise Sanitaire (France)

Elaborate the sanitation master plan (PMS) for restaurants and food production in France. Align with Paquet Hygiène, sector GBPH, and DDPP controls. Covers traceability (étiquettes de traçabilité) and retrait-rappel (recall) procedures.

Food Safety France PMS Paquet Hygiène GBPH DDPP Hospitality Catering Traceability Recall HACCP Compliance

Learn More

Política de Privacidade — LGPD

Elaboração de políticas de privacidade em conformidade com a LGPD (Lei 13.709/2018) e orientações da ANPD. Cobre transparência (Art. 9), princípios (Art. 6º), direitos do titular (Art. 18), bases legais (Art. 7), retenção e canal do encarregado. Inclui validação de presença dos direitos do titular e do canal do encarregado.

LGPD ANPD Política de Privacidade Compliance Brasil Privacidade Transparência

Learn More

POPIA Information Officer Authorization

Draft the formal authorization (board resolution or CEO/MD letter) designating the Information Officer and Deputy IOs for submission to the Information Regulator.

South Africa POPIA Information Officer Compliance Information Regulator Board Resolution

Learn More

POPIA Registration Form Part A — Information Officer

Draft Part A of the POPIA Information Officer registration form with full name, designation, and contact details including direct email for the Information Regulator.

South Africa POPIA Information Officer Compliance Information Regulator

Learn More

POPIA Registration Form Part B — Deputy Information Officers

Draft Part B of the POPIA Information Officer registration form with contact details for each Deputy Information Officer (DIO) for the Information Regulator.

South Africa POPIA Information Officer Deputy IO Compliance Information Regulator

Learn More

POPIA Registration Form Part C — Organisation Details

Draft Part C of the POPIA Information Officer registration form with registered company name, address, and registration number for the Information Regulator.

South Africa POPIA Information Officer Compliance Information Regulator Company Registration

Learn More

Privilege Training Mapper (CISA CPG 4.3)

Map privileged job functions to role-specific training modules and validate training compliance. Cross-reference Privileged User List with HR training log to flag missing or overdue certifications.

CISA CPG Critical Infrastructure Training Compliance Privileged Access

Learn More

Procedimentos de Notificação à ANPD — LGPD

Documentação e execução dos procedimentos de notificação à ANPD: comunicação de RIPD (Art. 38), incidente de segurança (Art. 48), consulta prévia e demais obrigações. Inclui quando e como notificar, prazos e canais.

LGPD ANPD Notificação Art. 38 Art. 48 Compliance Brasil Incidentes

Learn More

Professional Fees for Architects (HOAI)

Phase-by-phase billing and documentation of service achievements for architects and engineers per HOAI (Honorarordnung für Architekten und Ingenieure). Validates Grundleistungen completeness before billing, calculates Honorarzonen from building complexity criteria, and produces structured Leistungsnachweis documentation.

Architecture Engineering Billing Germany HOAI Compliance

Learn More

QMS CAPA Tracker

Draft and validate CAPA (Corrective and Preventive Action) reports for medical device quality management systems. Standardizes root cause analysis using 5 Whys or Fishbone (Ishikawa) methods, enforces Effectiveness Check completeness, and validates CAPA structure against ISO 13485 and FDA 21 CFR Part 820 requirements.

Healthcare Quality Management Regulatory ISO 13485 FDA Compliance

Learn More

QMS Procedure Elaborator

Guided elaboration of QMS procedures, process maps, and quality objectives aligned to ISO 9001 clauses and context of the organization. Verifies required clause topics are addressed and objectives are measurable.

Quality Management ISO 9001 QMS Procedures Compliance

Learn More

Qualiopi — Dossier de Certification

Prepare the Dossier de Certification for Qualiopi (France, RNQ). Structure proof-of-service evidence (feuilles d'émargement, enquêtes de satisfaction), validate with proof_of_service_audit, and align with the 7 criteria and 32 indicators of the Référentiel National Qualité.

Education France Qualiopi RNQ Professional Training Compliance

Learn More

R&D Tax Incentive Registration

Draft Core and Supporting Activity descriptions for the R&D Tax Incentive annual registration (Australia, AusIndustry/ATO). Ensures HEOC structure for core activities and salary-to-project nexus; validates descriptions with nexus_expenditure_check.

Australia Tax R&D AusIndustry ATO Compliance

Learn More

Railway RAMS Lifecycle Validator

Elaborate and validate a Safety Case for railway signaling systems per EN 50126. Covers the full V-model lifecycle (Concept to Decommissioning), SIL 1–4 allocation with failure rate consistency checks, hazard analysis, risk assessment, and CENELEC standard compliance for EU railway projects.

Transportation Railway Safety Regulatory Compliance EN 50126

Learn More

RCA — Relatório de Controle Ambiental

Apoia a elaboração e revisão de Relatórios de Controle Ambiental (RCA) para licenciamento ambiental no Brasil, com foco em regularização de empreendimentos e renovação de licenças, incluindo diagnóstico ambiental, plano de controle e validação de completude.

Environment Regulatory CONAMA Licensing Brazil Compliance

Learn More

RCA/PCA — Medidas Mitigadoras e Monitoramento

Redação técnica de medidas mitigadoras para Relatórios de Controle Ambiental (RCA) e Planos de Controle Ambiental (PCA), com vínculo impacto–monitoramento e verificação de efluentes contra CONAMA 430. Foco em mineração e transformação (médio impacto); órgãos CETESB, INEA, SEMAD.

Environment Regulatory CONAMA Brazil Compliance Mining

Learn More

RCT Sub-contractor Agreements

Draft and validate sub-contractor agreements for Irish construction and project management with RCT and VAT reverse charge compliance. Ensures Status of the Worker clauses and mandatory VAT wording.

Ireland Construction Tax RCT VAT Revenue Compliance Contracts

Learn More

RE2020 Compliance

Draft the environmental performance summary for new buildings under France's RE2020. Covers IC construction and IC énergie (kgCO₂/m²), LCA narrative with bio-sourced materials, threshold validation, and ADEME/ministerial alignment. France; construction and HVAC.

France RE2020 ADEME Environment Construction HVAC LCA Compliance

Learn More

Records Retention Schedule

Build records retention schedules defining how long every document type (tax, HR, legal, accounting, medical, contracts) must be kept, with country-specific statutory minimums and validated disposal protocols for physical and digital records.

Records Management Compliance Data Lifecycle Global Tax and Labor Laws

Learn More

Registro de Operações de Tratamento — LGPD (Art. 37)

Elaboração e manutenção do registro de operações de tratamento de dados pessoais em conformidade com o Art. 37 da LGPD. Documenta finalidades, categorias de dados e titulares, bases legais, compartilhamento, retenção e medidas de segurança. Inclui validação dos campos mínimos exigidos.

LGPD ANPD Registro de Operações Art. 37 Compliance Brasil Privacidade

Learn More

Relatório de Impacto à Proteção de Dados (RIPD) — LGPD

Elaboração e validação de Relatórios de Impacto à Proteção de Dados (RIPD) sob a LGPD (Lei 13.709/2018) e orientações da ANPD. Avaliação de riscos para tratamentos de alto risco ou em larga escala (e-commerce, saúde e demais setores). Valida se a base legal escolhida (ex.: Legítimo Interesse — Art. 7, IX) possui o teste de balanceamento documentado conforme Guia Orientativo da ANPD.

LGPD ANPD Proteção de Dados RIPD Compliance Brasil Privacidade Avaliação de Riscos

Learn More

Relatório de Segurança — LGPD (Art. 46 a 49)

Elaboração do relatório de segurança e do procedimento de comunicação de incidentes nos termos dos Art. 46 a 49 da LGPD. Cobre medidas técnicas e organizacionais, registro de incidentes (Art. 47), comunicação à ANPD (Art. 48) e aos titulares (Art. 49).

LGPD ANPD Relatório de Segurança Incidentes Art. 46 Art. 48 Compliance Brasil

Learn More

Relatórios Prudenciais CMN/BCB

Apoia a elaboracao e revisao de divulgacoes prudenciais no Brasil com foco em CMN/BCB (Pilar 3, ICAAP e riscos sociais, ambientais e climaticos), incluindo checklist de conformidade e validacao de completude.

Finance Regulatory BCB CMN Compliance Brazil Prudential

Learn More

Review Legal Clauses

Examine contract clauses for completeness, risks, and compliance issues. Flags potential problems and suggests improvements in plain language.

Legal Compliance Review

Learn More

RI&E — Risico-inventarisatie en -evaluatie (Netherlands)

Draft and validate the mandatory Risk Inventory & Evaluation (RI&E) and Plan van Aanpak under the Dutch Working Conditions Act (Arbowet Art. 5). Covers hazard identification, risk evaluation, PSA, and arbodeskundige review.

Netherlands Arbowet Occupational Health RI&E Compliance

Learn More

Risk & Control Self-Assessment (RCSA)

RCSA support aligned with COSO and Basel III. Front-line managers document risks and control effectiveness; the skill scores control strength (Automated > Manual, Preventative > Detective) and identifies optimistic bias where residual risk is low despite weak controls or thin descriptions.

Risk Management Compliance COSO Basel III RCSA Operational Risk Internal Control

Learn More

Sandbox Compliance Expert

Elaboração de propostas para sandbox regulatório e contratos de inovação (CVM, BCB, SUSEP). Define critérios de saída segura e limites de operação; valida proteção ao consumidor e responsabilidade civil conforme LC 182/2021.

Regulatory Compliance Brazil Startups CVM BCB SUSEP Sandbox

Learn More

SBOM Vulnerability Mapper

Generate and validate a Software Bill of Materials (SBOM) and draft CRA-compliant technical documentation for connected products in the EU market. Checks software components against the NIST NVD for known critical vulnerabilities. Covers product classification, Annex I essential cybersecurity requirements, vulnerability handling, conformity assessment, and ENISA reporting readiness.

Cybersecurity IoT Consumer Electronics Compliance SBOM Cyber Resilience Act

Learn More

SDLC Control Drafter (ISO 27001 A.8.28)

Draft and maintain ISO 27001-aligned Secure Development Lifecycle (SDLC) policy: Security by Design, Security by Default, and security gates (SAST/DAST, peer review, threat modeling). Includes OWASP Top 10 alignment check for web and API risks.

ISO 27001 ISMS SDLC Secure development OWASP Security by Design Compliance

Learn More

SecNumCloud — Dossier d'Homologation

Draft the Dossier d'Homologation for ANSSI SecNumCloud certification. Map infrastructure to the Référentiel, validate EEA data sovereignty for sub-processors, and structure evidence for France's public-sector cloud qualification.

Cybersecurity France ANSSI SecNumCloud Compliance Public Sector

Learn More

SFCR Solvency II (Pillar 3)

Supports preparation and review of the Solvency and Financial Condition Report (SFCR) for EU insurance and reinsurance undertakings under Solvency II Pillar 3, including QRT consistency checks and MCR/SCR ratio validation.

Insurance Regulatory Solvency II EIOPA Compliance Europe Risk Management

Learn More

SOC 2 Control Narrative Author

Guided elaboration of SOC 2 readiness documentation: control narratives aligned to AICPA Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy), control-objective mapping, and evidence placeholders for Type I/II audit.

SOC 2 AICPA Trust Services Criteria Compliance Audit Cybersecurity

Learn More

SOC 2 Readiness Gap Analysis

Map internal controls against AICPA Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy). Identifies unmapped criteria, validates evidence artifacts and tests of effectiveness, and produces a prioritized remediation roadmap for SOC 2 Type I or Type II audit readiness.

Compliance SOC 2 AICPA Audit Security

Learn More

SOW & SLA Drafter

Draft professional Statements of Work with Service Level Agreements for B2B engagements. Industry-aware: applies regulatory and compliance sections based on the client's sector (Healthcare, Fintech, SaaS, Government, etc.).

Contract SOW SLA B2B Compliance Governance

Learn More

SOX Section 404 — Internal Control over Financial Reporting Narrative

Draft and validate management's assessment of Internal Control over Financial Reporting (ICFR) per SOX §404, aligned to the COSO 2013 framework and PCAOB AS 2201. Produces process narratives, risk-control matrices (RCMs), and control descriptions for each significant account and business process.

Compliance SOX ICFR COSO PCAOB Audit Internal Controls

Learn More

State Claims Risk Management

Draft and validate Risk Management reports for state-insured entities (hospitals, prisons) in Ireland under the State Claims Agency (SCA/NTMA). Ensures expected sections, tags Protected Disclosure and LPP content, and aligns with NIMS incident reporting.

Ireland Public Sector State Claims Agency NTMA NIMS Risk Management Compliance

Learn More

StateRAMP Authorization Package

Draft and validate StateRAMP authorization packages for cloud service providers serving U.S. state and local government: System Security Plan (SSP) with attachments, Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action & Milestones (POA&M), and the StateRAMP Snapshot for the Authorized Products List.

StateRAMP NIST Compliance Government Cloud Security State Government

Learn More

Structural Steel Specifications (USA / AISC 360)

Guided elaboration of technical specifications for load-bearing steel structures in the USA, with ASTM material cross-referencing, LRFD/ASD safety-factor validation, and compliance checking against AISC 360, ASCE 7, and IBC.

Construction Structural Steel AISC USA Engineering Compliance

Learn More

Supply Chain Code of Conduct

Draft and validate supply chain codes of conduct defining the ethical standards suppliers must sign. Covers labour rights, environmental obligations, Right to Audit clauses, and sub-tier flow-down requirements aligned with Modern Slavery Act (UK/AU), LkSG (Germany), ILO Core Conventions, and EU CSDDD. Automated tools validate audit clause strength and flag Tier 1-only compliance gaps.

Supply chain Compliance Modern Slavery Act 2015 LkSG Ethics ESG Due diligence

Learn More

Termo de Consentimento — LGPD (Art. 8 e 11)

Elaboração de termo ou formulário de consentimento para tratamento de dados pessoais em conformidade com o Art. 8 e 11 da LGPD. Cobre consentimento destacado, finalidades determinadas, revogação gratuita e facilitada, e dados sensíveis quando aplicável. Inclui validação dos requisitos do Art. 8.

LGPD ANPD Consentimento Art. 8 Art. 11 Compliance Brasil Privacidade

Learn More

Third-Party Risk Assessment (TPRA)

Assess vendor security posture by validating SIG questionnaire responses against evidence and auditing SOC 2 reports for coverage gaps. Produces structured TPRA reports aligned with NIST SP 800-161 and GDPR Article 28, with automated tools that flag unsupported vendor claims, expired reports, and bridge-letter gaps.

Risk Management Security Compliance NIST SP 800-161 GDPR

Learn More

Traceability Matrix Auditor

Generate and validate the DO-178C traceability matrix for airborne software. Maps HLR to LLR to source code and runs bidirectional checks for orphan code and dead requirements.

Aviation DO-178C Traceability Aerospace Certification Compliance

Learn More

Tusla Early Years Inspectorate

Draft the Safety Statement and Child Safeguarding Statement for creches and early years services in Ireland. Validates staff-to-child ratios against Tusla’s Schedule 6 (Early Years Services Regulations 2016).

Ireland Childcare Education Tusla Compliance Safeguarding Early Years

Learn More

UK Bribery Act — Adequate Procedures ABC Program

Draft and validate the Anti-Bribery & Corruption (ABC) programme documentation required for the 'adequate procedures' defence under UK Bribery Act 2010 §7. Structures the programme around the Ministry of Justice's six principles: proportionate procedures, top-level commitment, risk assessment, due diligence, communication/training, and monitoring/review.

Compliance UK Bribery Act Anti-Bribery Anti-Corruption MoJ Guidance Due Diligence

Learn More

UK Gambling Commission — Operating Licence Compliance

Draft and validate policies and procedures for Gambling Commission operating licence holders under the Gambling Act 2005 and LCCP. Covers AML/CTF, social responsibility, customer interaction, self-exclusion, and complaints.

United Kingdom Gambling Commission LCCP Compliance AML

Learn More

UK GDPR & DPIA (Data Protection)

Conduct and validate Data Protection Impact Assessments (DPIAs) under the UK GDPR and ICO guidance for high-risk processing. Suggests technical and organisational safeguards aligned with UK Adequacy standards. Validates breach-notification policies against the 72-hour ICO reporting window.

UK GDPR DPIA ICO Data Protection Privacy Compliance Breach Notification Technology

Learn More

UK Modern Slavery Statements

Annual drafting of transparency statements for the UK government registry under the Modern Slavery Act 2015 (s54). Covers the six recommended areas—organisation structure and supply chains, policies, due diligence, risk assessment and management, KPIs, training—and registry requirements (board approval, director sign-off).

UK Compliance Supply chain Modern Slavery Act 2015 Regulatory Reporting

Learn More

UK Public Procurement (Procurement Act 2023)

Draft and validate Selection Questionnaires and Tender Responses under the UK Procurement Act 2023. Covers exclusion grounds (Schedules 6 & 7), debarment list checks, Social Value evaluation per PPN 06/20 with TOMs framework, and SQ completeness validation.

Procurement Regulatory Procurement Act 2023 PPN 06/20 Compliance United Kingdom

Learn More

Validador de Folletos Informativos (CNMV)

Ayuda a elaborar y revisar folletos informativos de fondos de inversión en España conforme a la normativa CNMV, MiFID II y la Ley del Mercado de Valores, con checklist de conformidad y validación de completitud.

Finance Regulatory CNMV MiFID II Compliance España Investment Funds

Learn More

VgV Procurement Note

Erstellt und validiert den Vergabevermerk (Procurement Note) nach VgV § 8 / UVgO § 6 fuer oeffentliche Vergabeverfahren, einschliesslich nachpruefungsfester Zuschlagsbegruendung und XVergabe-Pflichtfeldvalidierung.

Procurement Regulatory VgV GWB XVergabe Compliance Germany

Learn More

VIA Impact Matrix

Struttura i rapporti di Valutazione di Impatto Ambientale (VIA) per progetti infrastrutturali in Italia conformemente al Codice dell'Ambiente (D.Lgs. 152/2006): matrice di impatto, Studio di Impatto Ambientale (SIA), misure di mitigazione, Piano di Monitoraggio Ambientale.

Italy Environment VIA Codice dell'Ambiente Infrastructure Compliance Regulated Sector

Learn More

VOB Contract Enforcer

Validiert Bauausschreibungen und Bauvertraege gegen die VOB (Vergabe- und Vertragsordnung) und DIN-Normen, einschliesslich Klauselpruefung, Leistungsverzeichnis-Struktur und Konformitaets-Checklisten.

Construction Regulatory VOB DIN Compliance Germany

Learn More

Whistleblower System Design (HinSchG)

Erstellt Verfahrensordnungen fuer interne Meldestellen gemaess dem Hinweisgeberschutzgesetz (HinSchG). Validiert Pflichtabschnitte, gesetzliche Fristen (7 Tage Eingangsbestaetigung, 3 Monate Rueckmeldung) und die 3-Jahres-Loeschfrist.

HinSchG Whistleblower Compliance Germany Data Protection

Learn More

Whistleblowing Investigation Report

Document findings of internal ethics or whistleblowing investigations for the board or audit committee, with anonymity and legal-privilege safeguards. Aligns with EU Whistleblowing Directive and Sarbanes-Oxley (SOX). Includes anonymity redactor and legal privilege tagger tools.

Whistleblowing Compliance EU Directive Sarbanes-Oxley Investigation Legal Privilege

Learn More

Works Council Agreements (BetrVG)

Negotiation-based drafting and validation of Betriebsvereinbarungen (Works Agreements) for IT systems under the Betriebsverfassungsgesetz (BetrVG). Ensures Leistungs- und Verhaltenskontrolle (performance and behavior monitoring) clauses comply with §87 Abs. 1 Nr. 6 BetrVG and validates BDSG §26 / DSGVO Art. 88 alignment for employee data protection.

BetrVG Works Council HR Employment BDSG Data Protection Compliance Germany

Learn More