# Skills tagged "ISMS"

27 skills with this tag.

URL: https://rakenne.app/skill-tags/isms/index.md

- [ISO 27001 ISMS Benchmark: Rakenne vs GPT-4o on Audit-Ready Documentation](https://rakenne.app/learn/best-practices/rakenne-vs-chatgpt-iso27001/index.md) — A side-by-side benchmark comparing Rakenne's ISO 27001 skills against GPT-4o on control name accuracy, hallucination rates, cross-document traceability, and audit readiness — with real output examples …
- [HR & Personnel Security](https://rakenne.app/skills/iso27001-hr-security/index.md) — Draft and validate HR security documents covering the full employment lifecycle: pre-employment screening, employment contract security clauses, management security responsibilities, disciplinary …
- [Information Security Policy (ISO 27001)](https://rakenne.app/skills/information-security-policy/index.md) — Draft and validate an Information Security Policy aligned with ISO 27001:2022. Builds a complete Statement of Applicability covering all 93 Annex A controls, validates enforceability of policy …
- [ISMS Internal Audit Report (Clause 9.2)](https://rakenne.app/skills/iso27001-isms-internal-audit-report/index.md) — Plan and execute ISO 27001 internal audits: create audit plans with sampling strategies, draft structured audit reports with findings mapped to clauses, validate finding completeness (severity, …
- [ISMS Scope Statement (ISO 27001 Clause 4.3)](https://rakenne.app/skills/iso27001-isms-scope/index.md) — Define and validate the ISMS scope boundaries (physical, organizational, technical) with justified exclusions and no Shadow IT gaps. Includes boundary integrity checker and exclusion logic validator …
- [ISO 27001 Asset Inventory & Classification Register](https://rakenne.app/skills/iso27001-asset-inventory/index.md) — Build and validate an Asset Inventory & Classification Register for ISO 27001:2022 Control A.5.9. Catalog information assets with Ownership and Classification (Public, Internal, Confidential, …
- [ISO 27001 Awareness and Training Plan](https://rakenne.app/skills/iso27001-awareness-training-plan/index.md) — Create, validate, and maintain the ISO 27001:2022 awareness and training plan per Clauses 7.2 (Competence), 7.3 (Awareness), and Annex A control A.6.3. Defines target audiences with role-based …
- [ISO 27001 Business Continuity & Disaster Recovery Plan](https://rakenne.app/skills/iso27001-business-continuity-plan/index.md) — Create operationally detailed Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) with BIA-driven recovery sequences, RTO/RPO validation, failover procedures, and exercise records per …
- [ISO 27001 Confidentiality & NDA Agreements](https://rakenne.app/skills/iso27001-confidentiality-nda/index.md) — Create and manage confidentiality and non-disclosure agreement templates with a tracking register per ISO 27001 Control A.6.6. Covers both employee and third-party scenarios.
- [ISO 27001 Critical Supplier Register](https://rakenne.app/skills/iso27001-critical-supplier-register/index.md) — Operational register of critical suppliers with data access, SLA thresholds, BCP dependencies, security assessment history, and internal ownership. The auditor-expected evidence document that proves …
- [ISO 27001 Gap Assessment](https://rakenne.app/skills/iso27001-gap-assessment/index.md) — Perform a structured gap assessment against ISO 27001:2022 clauses 4-10 and 93 Annex A controls. Mandatory artifact detector scans for missing ISMS documents; maturity rating tool suggests 0-5 …
- [ISO 27001 ISMS Annual Maintenance & Surveillance Audit Prep](https://rakenne.app/skills/iso27001-annual-maintenance/index.md) — Prepare for annual ISO 27001 surveillance audits by reviewing and updating existing ISMS documents. Scans documents for freshness, assesses organizational changes, performs delta risk re-assessment, …
- [ISO 27001 Legal & Regulatory Requirements Register](https://rakenne.app/skills/iso27001-legal-requirements-register/index.md) — Identify, document, and track all legal, statutory, regulatory, and contractual requirements relevant to information security per ISO 27001 Control A.5.31.
- [ISO 27001 Management Review](https://rakenne.app/skills/iso27001-management-review/index.md) — Prepare, validate, and document the ISO 27001:2022 management review per Clause 9.3. Compiles input pack from workspace ISMS artifacts, validates all 10 mandatory input categories (Clause 9.3.2) and 3 …
- [ISO 27001 Monitoring, Measurement & Evaluation](https://rakenne.app/skills/iso27001-monitoring-measurement-evaluation/index.md) — Draft and validate the Clause 9.1 report (PDCA 'Check') and Clause 6.2 objectives register: six validation tools covering KPI effectiveness, CAPA linkage for every failed control, CAPA field …
- [ISO 27001 Operating Procedures (SOPs)](https://rakenne.app/skills/iso27001-operating-procedures/index.md) — Create, validate, and index standard operating procedures (SOPs) for information processing facilities per ISO 27001 Control A.5.37. Produces step-by-step procedures with traceability to Annex A …
- [ISO 27001 Organization Profile](https://rakenne.app/skills/iso27001-organization-profile/index.md) — Build and validate a shared organization profile for ISO 27001 certification. Captures organizational facts (industry, locations, technology stack, regulations, suppliers) that feed into scope, risk …
- [ISO 27001 Policy Generator](https://rakenne.app/skills/iso27001-policy-generator/index.md) — Generate, validate, and maintain the core ISMS policy and procedure set for ISO 27001:2022 certification. Produces 22 document types (information security policy, ISMS manual, risk management, access …
- [ISO 27001 Risk Assessment](https://rakenne.app/skills/iso27001-risk-assessment/index.md) — Complete ISO 27001:2022 risk assessment workflow covering methodology definition, risk identification using a 12-category threat taxonomy, risk analysis with 5×5 matrix scoring, treatment planning …
- [ISO 27001 Secure Architecture Principles](https://rakenne.app/skills/iso27001-secure-architecture-principles/index.md) — Document secure system architecture and engineering principles per ISO 27001 Control A.8.27. Produces a principles catalog with rationale, implementation guidance, and technology-stack applicability …
- [ISO 27001 Statement of Applicability](https://rakenne.app/skills/iso27001-soa/index.md) — Build and validate the SoA (Clause 6.1.3): map 93 Annex A controls to In/Out with justification and implementation evidence. SoA mapping engine suggests inclusions from risk assessment; control …
- [ISO 27001 Supplier Information Security Policy](https://rakenne.app/skills/iso27001-supplier-security-policy/index.md) — Draft and validate supplier security requirements and annexes for ISO 27001:2022 Control 5.21. Tier-based Minimum Security Baseline (Cloud vs Janitorial), Right to Audit and Breach Notification …
- [Mobile Device & Teleworking Policy (ISO 27001)](https://rakenne.app/skills/remote-work-risk-drafter/index.md) — Draft and validate a Mobile Device & Teleworking Policy for ISO 27001:2022 (A.5.17, A.6.7, A.8.1). Covers BYOD, VPN, disk encryption, remote wipe consent, endpoint leakage risk, and compliance with …
- [Physical Security Perimeter (ISO 27001)](https://rakenne.app/skills/iso27001-physical-security-perimeter/index.md) — Define and document physical security perimeters and physical entry controls for ISO 27001:2022 Annex A 7.1 and 7.2. Structures the Defense in Depth narrative for offices, data centers, and secure …
- [Privacy & PII Protection Program](https://rakenne.app/skills/iso27001-privacy-pii-program/index.md) — Build a comprehensive privacy program aligned with ISO 27001:2022 A.5.34 and major privacy regulations (GDPR, LGPD, CCPA). Produces five core privacy documents: external-facing privacy policy, Record …
- [Resource Capacity Forecaster (ISO 27001 A.8.6)](https://rakenne.app/skills/resource-capacity-forecaster/index.md) — Draft and validate the Capacity Management Plan for ISO 27001 A.8.6. Documents monitoring and adjustment of CPU, RAM, disk and network to ensure availability and prevent denial of service from …
- [SDLC Control Drafter (ISO 27001 A.8.28)](https://rakenne.app/skills/sdlc-control-drafter/index.md) — Draft and maintain ISO 27001-aligned Secure Development Lifecycle (SDLC) policy: Security by Design, Security by Default, and security gates (SAST/DAST, peer review, threat modeling). Includes OWASP …

