# Skills tagged "Nist" 20 skills with this tag. URL: https://rakenne.app/skill-tags/nist/index.md - [Cross-compliance mapping: how to unify ISO 27001, NIST CSF, SOC 2, and GDPR in one matrix](https://rakenne.app/learn/use-cases/cross-compliance-mapping-multiple-frameworks/index.md) — A practical look at multi-framework compliance mapping — the traditional spreadsheet approach versus structured, version-pinned skill workflows. Includes real output excerpts and conversation … - [For GRC consultants: how Rakenne workspaces, skills, and validation fit real engagements](https://rakenne.app/learn/use-cases/grc-consultants-workflows-and-templates/index.md) — A balanced look at ISO 27001, SOC 2, and NIST 800-53 templates in Rakenne — what the product does, where human judgment stays central, and how structured skills change the drafting workflow. - [CMMC Assessment Scoping](https://rakenne.app/skills/cmmc-scoping/index.md) — Define CMMC assessment scope, authorization boundary, and network architecture for Level 1 or Level 2. Documents in-scope assets and network diagram narrative for the SSP. - [CMMC Asset Inventory](https://rakenne.app/skills/cmmc-asset-inventory/index.md) — Create and maintain the CMMC asset inventory: CUI assets, security protection assets, and contractor risk-managed assets for assessment scope. - [CMMC Plan of Action & Milestones](https://rakenne.app/skills/cmmc-poam/index.md) — Draft and validate the CMMC POA&M: track control deficiencies, remediation plans, owners, and due dates for Conditional Level 2 or Level 3. - [CMMC Policies and Procedures](https://rakenne.app/skills/cmmc-policies-procedures/index.md) — Draft CMMC-aligned security policies and procedures for all NIST 800-171 domains: Access Control, Audit, Awareness, Configuration Management, and others. - [CMMC Readiness Gap Analysis](https://rakenne.app/skills/cmmc-readiness-gap-analysis/index.md) — Map controls to NIST SP 800-171 practices, identify CMMC coverage gaps, and build a prioritized remediation roadmap for Level 1 or Level 2. - [CMMC System Security Plan](https://rakenne.app/skills/cmmc-ssp/index.md) — Draft and validate the CMMC SSP for Level 1 or Level 2: system description, boundary, and implementation narratives for each NIST 800-171 practice with evidence pointers. - [Cross-Compliance Matrix](https://rakenne.app/skills/cross-compliance-matrix/index.md) — Produce a unified multi-framework compliance matrix mapping controls across ISO 27001:2022, NIST CSF 2.0, SOC 2 TSC, GDPR, NIS2/DORA, and NIST 800-53/CMMC. Scores coverage per framework, identifies … - [FedRAMP Authorization Package](https://rakenne.app/skills/fedramp-authorization-package/index.md) — Draft and validate FedRAMP authorization packages for cloud service providers: System Security Plan (SSP) with all required attachments, Security Assessment Plan (SAP), Security Assessment Report … - [HIPAA Security Risk Assessment (SRA)](https://rakenne.app/skills/hipaa-security-risk-assessment/index.md) — Draft and validate the Security Risk Assessment required by the HIPAA Security Rule (45 CFR §164.308(a)(1)). Defines scope and ePHI boundaries, inventories assets and Business Associate relationships, … - [NIST Password Logic Adapter (CISA CPG 1.2)](https://rakenne.app/skills/nist-password-logic-adapter/index.md) — Rewrite legacy password policies to prioritize length and entropy over complexity and aging, and draft the Compromised Password Detection Protocol. Aligns with NIST SP 800-63B and CISA CPG 1.2; … - [NIST SP 800-53 / CSF Crosswalk](https://rakenne.app/skills/nist-800-53-csf-crosswalk/index.md) — Bidirectional crosswalk between NIST Cybersecurity Framework (CSF) 2.0 subcategories and SP 800-53 Rev 5 controls. Maps CSF subcategories to 800-53 controls and vice versa, identifies gaps in either … - [NIST SP 800-53 Baseline Selector](https://rakenne.app/skills/nist-800-53-baseline-selector/index.md) — Select and tailor an SP 800-53 Rev 5 control baseline based on FIPS 199 categorization and regulatory overlays (HIPAA, PCI-DSS, GDPR, SOX, FedRAMP, CMMC). Applies the appropriate Low/Moderate/High … - [NIST SP 800-53 Control Standard Author](https://rakenne.app/skills/nist-800-53-control-standard-author/index.md) — Author implementation standards for individual NIST SP 800-53 controls. Each standard documents the control objective, implementation narrative, technology and tools, responsible roles, evidence … - [NIST SP 800-53 Family Policy Author](https://rakenne.app/skills/nist-800-53-family-policy-author/index.md) — Author NIST SP 800-53 family-level policies (the -1 controls) for each control family. Produces structured policy documents with Purpose, Scope, Applicability, Policy Statements, Roles & … - [NIST SP 800-53 Gap Analysis](https://rakenne.app/skills/nist-800-53-gap-analysis/index.md) — Conduct a gap analysis across the NIST SP 800-53 compliance program. Cross-references tailored control catalog against policies, standards, and mappings to identify coverage gaps. Prioritizes … - [NIST SP 800-53 Organization Profile](https://rakenne.app/skills/nist-800-53-organization-profile/index.md) — Build and validate the organizational context profile for NIST SP 800-53 Rev 5 compliance. Captures FIPS 199 security categorization (Confidentiality, Integrity, Availability impact levels), … - [NIST SP 800-53 Policy-Control Mapper](https://rakenne.app/skills/nist-800-53-policy-control-mapper/index.md) — Map existing policy and standard documents to NIST SP 800-53 controls with AI-assisted quality scoring. Rates each mapping as High/Medium/Low confidence with documented justification. Identifies … - [StateRAMP Authorization Package](https://rakenne.app/skills/stateramp-authorization-package/index.md) — Draft and validate StateRAMP authorization packages for cloud service providers serving U.S. state and local government: System Security Plan (SSP) with attachments, Security Assessment Plan (SAP), … --- Back to [All Tags](https://rakenne.app/skill-tags/) | [Skill Library](https://rakenne.app/skills/)