Governance
Skill packages tagged with “Governance”
AI Risk & Transparency Auditor
Draft and validate a Fundamental Rights Impact Assessment (FRIA) for high-risk AI systems under the EU AI Act. Validates Instructions for Use against Art. 13 transparency requirements and audits technical documentation for bias mitigation and data governance per Art. 10.
Board Committee Charters
Define and review board committee charters (Audit, Risk, Compensation) with clear scope and responsibilities aligned to NYSE, NASDAQ, and LSE listing rules. Detects overlapping responsibilities and gaps in oversight; validates quorum and voting rules against local corporate law.
Business Ethics & Code of Conduct
Draft and validate Codes of Conduct as the high-level cultural guide for employee behavior. Creates industry-specific ethical-dilemma Scenario boxes (e.g. facilitation payments, conflicts of interest, gifts) and validates readability for a global workforce. Aligned with Federal Sentencing Guidelines (USA) and Sapin II (France).
Charities Governance Code Compliance
Prepare the Charities Governance Code Compliance Record Form for the annual report to the Charities Regulator (Ireland). Aligns board minutes and policies with the six core principles and validates trustee term limits and rotation in the constitution.
CSA NI 51-102 — Information Circular
Draft and validate the Information Circular (proxy circular) for Canadian reporting issuers under NI 51-102 Part 9 and Form 51-102F5. Ensures matters to be voted on, director/officer disclosure, and executive compensation for SEDAR+ filing.
eSCM-CL Sourcing Governance
Elaborate eSCM-CL sourcing governance documents: strategy, governance framework, relationship and value management, and policies for client-side sourcing.
ESRS 2 General Disclosures
Draft and validate the mandatory ESRS 2 general-disclosures pack for CSRD sustainability statements: BP-1/BP-2, GOV-1..5, SBM-1..3, IRO-1/IRO-2, due-diligence mapping, sustainability reporting controls, and an IRO-2 Disclosure Requirements index kept in sync with DMA outputs and datapoints.
Governance Charter Builder (COBIT EDM01)
Draft IT governance charters: terms of reference for the IT Oversight Committee and decision-making rights for CIO vs CEO, aligned to COBIT 2019 EDM01. Includes authority overlap check for decision gaps.
HIQA Healthcare Governance
Draft or update a governance and accountability framework for healthcare services aligned with HIQA NSSBH Theme 5.
HOA / COA / POA Governance Document Pack (US)
Draft and amend US community-association documents: CC&Rs, bylaws, rules, architectural guidelines, enforcement policies, election packets, and resale certificates with state-law cautions.
Individual Accountability Framework (IAF/SEAR) — Ireland
Draft and validate Statements of Responsibility and Management Responsibilities Maps for the Central Bank of Ireland IAF and SEAR. Supports banks, insurers, and investment firms. Includes gap detection for prescribed responsibilities and SEAR role mapping.
ISO 20000 Service Management Plan
Create and validate the service management plan for ISO/IEC 20000-1:2011 per Clause 4.5.2. Covers SMS objectives, governance structure, PDCA approach for each process area, resource planning, documentation framework, risk management, and implementation timeline. SMS plan validator checks all required elements are present.
ISO 42001 AI Lifecycle Procedures
Draft AI lifecycle management procedures for ISO/IEC 42001:2023 (concept to retirement).
ISO 42001 AI Policy
Draft and validate the formal AI Policy for ISO/IEC 42001:2023, covering all mandatory Clause 5.2 elements: organizational purpose alignment, compliance commitment, continual improvement, risk management, transparency, data governance, and ethical use including human rights.
ISO 42001 AIMS Scope and Context
Draft and validate AIMS scope statement and organizational context for ISO/IEC 42001:2023 certification (Clause 4).
ISO 42001 Management Review
Draft management review procedure and minutes structure for the AIMS under ISO/IEC 42001:2023.
ISO 42001 Roles, Responsibilities & Competence
Draft roles, responsibilities, and competence documentation for ISO/IEC 42001:2023 AIMS.
ISO 42001 Training & Competency
Draft training and competency requirements and record structure for the AIMS under ISO/IEC 42001:2023.
King IV and POPIA Narrative
Draft the POPIA–King IV governance narrative linking data protection compliance to King IV Principles 12 and 13 for South African organisations.
King IV Apply and Explain
Draft or validate the King IV 'apply and explain' governance disclosure (all 16 principles) for South Africa.
King IV Code of Conduct
Draft or update a code of conduct aligned with King IV Principle 2 (ethics, ethical culture) for South African organisations.
King IV Corporate Citizenship
Draft or update corporate citizenship (ESG) policy or disclosure aligned with King IV Principle 3 for South African organisations.
King IV Ethics Framework
Draft or update an ethics framework aligned with King IV Principle 2 (governance of ethics) for South African organisations.
King IV Governance Charter
Draft or update board and committee charters aligned with King IV Principles 6–10 for South African organisations.
King IV Integrated Report — Governance
Draft the governance section of an integrated report or standalone governance report aligned with King IV Principles 4 and 5.
King IV Remuneration
Draft or update remuneration policy or report aligned with King IV Principle 14 for South African organisations.
King IV Risk Governance
Draft or update risk governance framework, policy or disclosure aligned with King IV Principle 11 for South African organisations.
Law 25 — Governance Policy
Draft the policy on practices governing the protection of personal information under Quebec Law 25. Covers complaints process, staff roles and responsibilities, retention and destruction rules, and review cycle.
Management Body ICT Risk Report (DORA)
Draft periodic ICT risk reports for the management body per DORA Art. 5, covering risk posture, incidents, resilience testing, third-party risk, compliance status, and budget allocation.
Meeting Notes Structuring
Transform raw meeting transcripts into structured, actionable notes with summaries, decisions, and follow-up tasks. Produces formal board, committee, and audit-meeting minutes by default — exports DOCX (and PDF on request) with motions, votes, action items, and a signature block.
NIS2 Governance & Risk Management
Document management body accountability and cybersecurity risk management measures per NIS2 Directive Art. 20-21. Covers all 11 mandatory measures (a)-(k), governance approval workflows, and management training obligations. Produces a governance and risk management report with measure-by-measure coverage analysis.
OSFI B-10 — Third-Party Risk Management Framework
Draft the enterprise-wide TPRMF (governance, accountabilities, lifecycle, inventory) for federally regulated financial institutions under OSFI B-10.
OSFI E-13 — RCM Framework
Draft the enterprise-wide Regulatory Compliance Management (RCM) framework document for federally regulated financial institutions under OSFI Guideline E-13.
OSFI E-13 — RCM Reporting
Draft internal RCM reporting procedures and report templates (Senior Management, CCO, IA) for federally regulated financial institutions under OSFI E-13.
OSFI E-13 — RCM Roles
Draft documented RCM roles and mandates (CCO, Senior Management, Internal Audit) for federally regulated financial institutions under OSFI E-13.
PRINCE2 Directing a Project
Draft Directing a Project (DP) documents aligned with PRINCE2. Covers Project Board authorization decisions, ad hoc direction, exception handling, stage gate approvals, and project closure authorization.
PRINCE2 Initiating a Project
Draft Initiating a Project (IP) documents aligned with PRINCE2. Covers the Project Initiation Documentation (PID), Project Plan, detailed Business Case, Benefits Management Approach, and management approaches for risk, quality, communication, and change control.
Risk Tolerance Quantifier
Draft and validate a Cybersecurity Risk Appetite Statement (NIST CSF 2.0 GV.OC): translate board mandates into quantifiable tolerance levels and KPIs; ensure stated appetite is supported by budget narratives.
SBOM Lifecycle Drafter
Draft and maintain the SBOM Management Procedure aligned with NIST CSF 2.0 ID.AM. Covers ingestion, validation, and monitoring of SBOMs; Vulnerability Disclosure when NVD flags a component; and developer Attestation of Security. Validates procedure and SBOM files against CycloneDX/SPDX.
SOW & SLA Drafter
Draft professional Statements of Work with Service Level Agreements for B2B engagements. Industry-aware: applies regulatory and compliance sections based on the client's sector (Healthcare, Fintech, SaaS, Government, etc.).
Supply Chain Clause Harmonizer
Draft and validate C-SCRM Security Requirement Annexes for vendor contracts. Selects clauses by Criticality Tier (right to audit, vulnerability disclosure, breach notification) and validates against NIST SP 800-161 (GV.SC).