# Skill Packages

> Browse ready-made AI workflow skills for document elaboration, review, and structuring.

URL: https://rakenne.app/skills/index.md

713 skills available. Browse by tag: [Skill Tags](https://rakenne.app/skill-tags/)

## All Skills

### [10-K Risk Factors (Item 1A)](https://rakenne.app/skills/sec-10k-risk-factors/index.md)
Draft and validate the Risk Factors section of a Form 10-K under Reg S-K Item 105: organize by materiality, write company-specific narratives, add a two-page summary when the section exceeds 15 pages, and validate structure and compliance.
Tags: SEC, Securities, Regulatory, Form 10-K, Risk Factors, Reg S-K, Compliance

### [Accreditation self-study section](https://rakenne.app/skills/accreditation-self-study-section/index.md)
Draft and validate accreditation self-study sections (criterion ID, narrative, evidence reference) for audit.
Tags: Education, Accreditation, Self-study, Compliance

### [Aço Estrutural — Especificações Técnicas (Brasil)](https://rakenne.app/skills/civil-structural-steel-brasil/index.md)
Elaboração guiada de especificações técnicas para estruturas de aço portantes conforme NBR 8800:2024, com validação de coeficientes de segurança, referência cruzada de graus de aço e checklist de conformidade.
Tags: Engineering, Construction, Structural Steel, NBR 8800, Brazil, Infrastructure

### [ADR Dangerous Goods Transport Documentation](https://rakenne.app/skills/eu-adr-dangerous-goods-transport/index.md)
Draft and validate transport documentation for the carriage of dangerous goods by road under ADR. Covers transport document §5.4.1, packing certificate, emergency information, and instructions in writing.
Tags: ADR, Dangerous Goods, Transport, EU, Compliance

### [Aged Care Quality Compliance](https://rakenne.app/skills/aged-care-quality-compliance/index.md)
Draft and validate Quality Care Advisory Body reports and Continuous Improvement plans for Australian aged care. Aligns with the Aged Care Quality Standards and SIRS (Serious Incident Response Scheme). Includes SIRS notification validation and standards mapping for clinical outcomes.
Tags: Australia, Aged Care, Compliance, Aged Care Quality Standards, SIRS, Quality Care Advisory Body, Continuous Improvement

### [AI Bias Narrative Auditor](https://rakenne.app/skills/ai-bias-narrative-auditor/index.md)
Document risk, bias, and transparency for Algorithmic Impact Assessment (AIA). Critique Human-in-the-loop descriptions against EU AI Act Art. 14 and Canadian Directive thresholds; verify dataset provenance and copyright/privacy compliance.
Tags: EU AI Act, Algorithmic Impact Assessment, Compliance, Bias, Human oversight, Canadian Directive, Data governance

### [AI Risk & Transparency Auditor](https://rakenne.app/skills/ai-risk-transparency-auditor/index.md)
Draft and validate a Fundamental Rights Impact Assessment (FRIA) for high-risk AI systems under the EU AI Act. Validates Instructions for Use against Art. 13 transparency requirements and audits technical documentation for bias mitigation and data governance per Art. 10.
Tags: AI, Compliance, EU AI Act, Transparency, Bias, Governance, Validation

### [Alcohol Licensing (Operating Schedules)](https://rakenne.app/skills/alcohol-licensing-operating-schedules/index.md)
Draft Operating Schedules for UK Premises Licence applications under the Licensing Act 2003. Covers licensable activities, times, premises description, and steps to promote the four licensing objectives for bars, restaurants, hotels and hospitality.
Tags: Licensing Act 2003, UK, Hospitality, Compliance, Alcohol

### [AML/BSA Compliance Program (Fintech & MSB)](https://rakenne.app/skills/aml-bsa-compliance-program/index.md)
Draft a complete AML/BSA compliance program for non-bank financial institutions — fintechs, MSBs, crypto exchanges, and insurance companies. Covers all five BSA pillars: compliance officer, policies, independent testing, training, and CDD. Includes CTR filing, transaction monitoring, SAR filing, OFAC screening (50% Rule, proliferation financing), and information sharing procedures.
Tags: Compliance, Financial Services, AML, BSA, FinCEN, Fintech, MSB, OFAC, SAR, CTR, CDD, KYC, Crypto

### [AML/CTF Program (AUSTRAC)](https://rakenne.app/skills/aml-ctf-program-austrac/index.md)
Create and validate Part A and Part B of the Anti-Money Laundering and Counter-Terrorism Financing Program for Australian reporting entities. Covers risk management, CDD, transaction monitoring, SMR, and Safe Harbour verification procedures for individual customers. Works with austrac_risk_profiler for customer risk; includes kyc_procedure_audit to flag missing Safe Harbour steps.
Tags: AUSTRAC, Australia, AML, CTF, Compliance, Finance, KYC, Safe Harbour

### [AML/CTF Program Manual](https://rakenne.app/skills/aml-program-manual/index.md)
Draft and validate an Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Program Manual covering KYC/CDD/EDD, transaction monitoring, sanctions screening (including PF-TFS), SAR/STR filing, and governance. Aligned with FATF Recommendations and the EU 6th Anti-Money Laundering Directive (6AMLD). Includes red_flag_library for industry-specific transaction monitoring indicators across 8 sectors, and sanctions_list_frequency_check to validate screening cadences, CTF/PF content, record retention, and board governance against the firm's risk appetite.
Tags: AML, CTF, FATF, 6AMLD, Compliance, Finance, KYC, Sanctions, Transaction Monitoring, Proliferation Financing

### [Analyze Financial Data](https://rakenne.app/skills/analyze-financial-data/index.md)
Review and analyze financial statements, budgets, and projections. Produces structured analysis with key findings, trends, and actionable recommendations.
Tags: Analysis, Finance, Reports

### [Annex 1 CCS Validator](https://rakenne.app/skills/annex1-ccs-validator/index.md)
Draft and validate a Contamination Control Strategy (CCS) for pharmaceutical sterile manufacturing per EU GMP Annex 1 (2023). Maps cleanroom classifications to grades A/B/C/D, validates environmental monitoring limits against the stricter 2023 microbial thresholds, and checks airflow patterns, pressure cascades, and CCS element coverage.
Tags: Pharmaceutical, Manufacturing, GMP, Compliance, Validation, EU GMP Annex 1

### [AOP/AOC Cahier des Charges](https://rakenne.app/skills/aop-aoc-cahier-des-charges/index.md)
Maintain and update Cahier des Charges for French AOP/AOC protected designations (INAO). Validates geographical area and production methods in specifications and audits AOP/AOC logo and mandatory mentions on packaging drafts.
Tags: Agriculture, France, INAO, AOP, AOC, Compliance, Cahier des Charges, Labelling, Agri-food

### [API / OSHA PSM — Process Safety Management Documentation](https://rakenne.app/skills/us-api-osha-psm-documentation/index.md)
Draft and validate the Process Safety Management (PSM) programme documentation required by OSHA 29 CFR 1910.119 for facilities handling highly hazardous chemicals. Covers process safety information, PHA, operating procedures, MOC, and incident investigation.
Tags: OSHA, PSM, Process Safety, Oil & Gas, United States

### [APO DigiCap Maturity Assessment](https://rakenne.app/skills/apo-digicap-maturity-assessment/index.md)
Draft and maintain a DigiCap-aligned maturity assessment: dimensions, levels, evidence, and strategic themes (customization, human capital, leadership) for manufacturing SMEs.
Tags: APO, DigiCap, Maturity, SME, Digital Transformation, Assessment

### [APO DigiCap Maturity Level Justification](https://rakenne.app/skills/apo-digicap-maturity-justification/index.md)
Draft maturity level justification and evidence package for a target DigiCap level, for assessment or internal audit.
Tags: APO, DigiCap, Maturity Level, Justification, Evidence, Assessment

### [APO Digital Innovation Canvas](https://rakenne.app/skills/apo-digital-innovation-canvas/index.md)
Draft and maintain the APO Digital Innovation Canvas: drivers, initiatives, roadmap, and five-step process (assessment, awareness, intervention, experience, feedback).
Tags: APO, Digital Innovation, Canvas, Roadmap, SME, Process

### [APO Digital Readiness Assessment](https://rakenne.app/skills/apo-digital-readiness-assessment/index.md)
Draft and maintain an APO-aligned digital readiness assessment: current state, dimensions, gaps, and recommendations for a digitally enabled business and Industry 4.0.
Tags: APO, Digital Readiness, SME, Industry 4.0, Assessment

### [APO Transformation / Productivity Narrative](https://rakenne.app/skills/apo-transformation-productivity-narrative/index.md)
Draft and maintain an APO-aligned narrative linking digital transformation to productivity and maturity: current state, targets, and strategic themes (customization, human capital, leadership).
Tags: APO, Digital Transformation, Productivity, Maturity, Narrative, SME

### [Appalti Italia](https://rakenne.app/skills/appalti-italia/index.md)
Aiuta a preparare e strutturare appalti pubblici in Italia conformemente al Codice degli Appalti (d.lgs. 36/2023): struttura dei documenti di gara, parti obbligatorie, soglie e procedure, profilo del committente. Complementare a espd_auto_populator per la compilazione della Dichiarazione Europea di Candidatura (ESPD).
Tags: Italy, Public Procurement, Codice degli Appalti, Procurement, ESPD, Regulated Sector

### [AS9100 Procedure Author](https://rakenne.app/skills/as9100-procedure-author/index.md)
Guided elaboration of AS9100-aligned procedures and risk-based thinking documentation: quality manual sections, process procedures (design, purchasing, production, NCM), and key objective evidence for AS9100 Rev D.
Tags: AS9100, Aerospace, Defense, QMS, Compliance

### [ASME Design Spec Author](https://rakenne.app/skills/asme-design-spec-author/index.md)
Guided elaboration of design and construction documentation per ASME BPVC or B31 — design basis, material selection, weld and NDE requirements, pressure/temperature limits.
Tags: ASME, Pressure Equipment, Piping, Design, Compliance

### [ASPICE ACQ.2 Supplier Request and Selection](https://rakenne.app/skills/aspice-acq-supplier-request-selection/index.md)
Elaborate ASPICE ACQ.2 work products: acquisition plan, RFP/RFQ, supplier evaluation, and supplier agreement for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Acquisition, Suppliers

### [ASPICE MAN.3 Project Management](https://rakenne.app/skills/aspice-man-project-management/index.md)
Elaborate ASPICE MAN.3 work products: project plan, monitoring data, and corrective actions for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Project Management

### [ASPICE SUP.1 Quality Assurance](https://rakenne.app/skills/aspice-sup-quality-assurance/index.md)
Elaborate ASPICE SUP.1 work products: QA plan, audit/review records, and noncompliance reports for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Quality Assurance

### [ASPICE SUP.8 Configuration Management](https://rakenne.app/skills/aspice-sup-configuration-management/index.md)
Elaborate ASPICE SUP.8 work products: configuration management plan, baselines, and status records for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Configuration Management

### [ASPICE SUP.9 Problem Resolution Management](https://rakenne.app/skills/aspice-sup-problem-resolution-management/index.md)
Elaborate ASPICE SUP.9 work products: problem resolution procedure, problem reports, and resolution/verification records for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Problem Resolution

### [ASPICE SWE.1 Software Requirements Analysis](https://rakenne.app/skills/aspice-swe-requirements-analysis/index.md)
Elaborate ASPICE SWE.1 work products: software requirements specification and traceability to system requirements for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Software Engineering, Requirements

### [ASPICE SWE.2 Software Architectural Design](https://rakenne.app/skills/aspice-swe-architectural-design/index.md)
Elaborate ASPICE SWE.2 work products: software architecture, requirement allocation, and interface specifications for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Software Engineering, Architecture

### [ASPICE SWE.3 Software Detailed Design and Unit Construction](https://rakenne.app/skills/aspice-swe-detailed-design-unit-construction/index.md)
Elaborate ASPICE SWE.3 work products: detailed design and software units (code) with traceability for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Software Engineering, Design

### [ASPICE SWE.4 Software Unit Verification](https://rakenne.app/skills/aspice-swe-unit-verification/index.md)
Elaborate ASPICE SWE.4 work products: unit verification strategy, test specification, and verification results for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Software Engineering, Testing

### [ASPICE SWE.5 Software Integration and Integration Test](https://rakenne.app/skills/aspice-swe-integration-test/index.md)
Elaborate ASPICE SWE.5 work products: software integration strategy, integration test specification, and test results for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Software Engineering, Testing

### [ASPICE SYS.1 Requirements Elicitation](https://rakenne.app/skills/aspice-sys-requirements-elicitation/index.md)
Elaborate ASPICE SYS.1 work products: stakeholder needs specification and traceability from needs to sources for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Systems Engineering, Requirements

### [ASPICE SYS.2 System Requirements Analysis](https://rakenne.app/skills/aspice-sys-requirements-analysis/index.md)
Elaborate ASPICE SYS.2 work products: system requirements specification and traceability to stakeholder needs for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Systems Engineering, Requirements

### [ASPICE SYS.3 System Architectural Design](https://rakenne.app/skills/aspice-sys-architectural-design/index.md)
Elaborate ASPICE SYS.3 work products: system architecture, requirement allocation, and interface specifications for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Systems Engineering, Architecture

### [ASPICE SYS.4 System Integration and Integration Test](https://rakenne.app/skills/aspice-sys-integration-test/index.md)
Elaborate ASPICE SYS.4 work products: integration strategy, integration test specification, and test results for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Systems Engineering, Testing

### [ASPICE SYS.5 System Qualification Test](https://rakenne.app/skills/aspice-sys-qualification-test/index.md)
Elaborate ASPICE SYS.5 work products: qualification test strategy, test specification, and test results for Automotive SPICE (VDA PAM 4.0).
Tags: Automotive, ASPICE, Systems Engineering, Testing

### [ASTM Material Spec Author](https://rakenne.app/skills/astm-material-spec-author/index.md)
Guided elaboration of material specifications and test/acceptance documentation that reference ASTM standards — material designation, test methods, acceptance criteria, and COC requirements.
Tags: ASTM, Materials, Test Methods, Compliance, Specifications

### [Auditoría de Conformidad EIA](https://rakenne.app/skills/eea-compliance-audit/index.md)
Valida Estudios de Impacto Ambiental (EsIA) frente a los umbrales regionales y nacionales de la Ley 21/2013 de evaluación ambiental (España): matriz de impacto, medidas preventivas y correctoras, Programa de Vigilancia Ambiental.
Tags: Spain, Environment, EIA, Ley 21/2013, Infrastructure, Compliance, Regulated Sector

### [Auditoria de Rotulagem de Alimentos e Suplementos](https://rakenne.app/skills/nutritional-label-validator/index.md)
Revisão completa de arte e tabelas nutricionais frente à regulamentação ANVISA. Valida aplicação da Lupa (excesso de açúcar, sódio ou gordura saturada), formato da tabela nutricional (ordem dos nutrientes, %VD, porções), avisos ALÉRGICOS: CONTÉM... (caixa alta, negrito, posicionamento, 2 mm), e requisitos específicos de suplementos alimentares (designação, frases obrigatórias, alegações, advertências). Mercado: indústria de alimentos e suplementos. Regulação: ANVISA — RDC 429/2020, IN 75/2020, RDC 727/2022, RDC 243/2018, IN 28/2018.
Tags: ANVISA, Food Industry, Supplements, Labelling, Compliance, Brazil, Nutritional labelling, Allergens, RDC 429, RDC 243, IN 75, IN 28

### [B Corp Policy Evidence Author](https://rakenne.app/skills/bcorp-policy-evidence-author/index.md)
Guided elaboration of B Corp BIA support documentation — policy evidence and narratives for Governance, Workers, Community, Environment, and Customers; improvement plans for low-scoring areas.
Tags: B Corp, BIA, Sustainability, Certification, Compliance

### [BACEN GRSAC - Relatórios de Risco e Capital](https://rakenne.app/skills/bacen-grsac/index.md)
Use quando o usuário precisar criar relatórios de gerenciamento de riscos e ativos padronizados conforme as normas de supervisão do Banco Central do Brasil (BACEN). Use para elaborar relatórios GRSAC, análises de risco de crédito, liquidez, mercado e operacional, adequação de capital, e documentos de governança corporativa. Use sempre que o usuário mencionar BACEN, supervisão bancária, gestão de riscos, adequação de capital, Basileia III, relatórios regulamentares, RGR, RAC, ou qualquer documento exigido pelo sistema financeiro brasileiro.
Tags: BACEN, Regulamentação, Gestão de Riscos, Capital, Compliance, Supervisão Bancária, Basileia III, Sistema Financeiro

### [Backup Immutability Auditor (CISA CPG 3.1)](https://rakenne.app/skills/backup-immutability-auditor/index.md)
Document and validate CISA CPG 3.1 Offline Backup & Verification Log: air-gapped or immutable backups so even a Global Admin cannot delete secondary copies, plus periodic Test Restore Log evidence (e.g. every 30 days).
Tags: CISA, CPG, Critical Infrastructure, Backup, Ransomware, Recovery

### [BCAR Building Control](https://rakenne.app/skills/bcar-building-control/index.md)
Draft and validate the Certificate of Compliance on Completion and the Assigned Certifier's inspection plan under Ireland's Building Control (Amendment) Regulations (BCAR). Ensures the inspection plan covers all mandatory Ancillary Certificates (Form Annexes) from sub-contractors for structural elements, with validation via ancillary_cert_sync.
Tags: Ireland, Construction, Building Control, BCAR, Regulatory, Architecture

### [BCB 498/2025 — PSTI (Credenciamento e Conformidade)](https://rakenne.app/skills/bacen-res-498/index.md)
Elaboração e revisão de documentação para credenciamento e conformidade de PSTI: capital, auditoria, estrutura de segurança, soberania criptográfica e notificação de incidentes ao BCB.
Tags: BACEN, BCB, PSTI, Cibersegurança, SPB, Brazil

### [BCB 519/2025 — PSAVs: Autorização e Governança](https://rakenne.app/skills/bacen-vasp-res-519/index.md)
Elaboração e revisão de documentação para autorização e governança de PSAVs: due diligence de controladores e administradores, requisitos de sede e estrutura de governança.
Tags: BACEN, BCB, VASP, PSAV, Ativos Virtuais, Brazil

### [BCB 520/2025 — PSAVs: Funcionamento e Compliance](https://rakenne.app/skills/bacen-vasp-res-520/index.md)
Elaboração e revisão de documentação de funcionamento, proteção ao cliente, AML, governança, segurança e supervisão prudencial das PSAVs.
Tags: BACEN, BCB, VASP, PSAV, Compliance, AML, Brazil

### [BCB 521/2025 — Ativos Virtuais no Câmbio](https://rakenne.app/skills/bacen-vasp-res-521/index.md)
Elaboração e revisão de documentação de operações com ativos virtuais no câmbio e nos capitais internacionais: pagamentos internacionais, transferências autocustódia e stablecoins.
Tags: BACEN, BCB, VASP, Ativos Virtuais, Câmbio, Brazil

### [BCB 538/2025 — Segurança Cibernética (Instituições de Pagamento)](https://rakenne.app/skills/bacen-res-538/index.md)
Elaboração e revisão de política de segurança cibernética para instituições de pagamento, alinhada à CMN 5.274 e à Res. BCB 538.
Tags: BACEN, BCB, Cibersegurança, Instituições de Pagamento, SPB, Brazil

### [BCMS BIA & Plan Author](https://rakenne.app/skills/bcms-bia-plan-author/index.md)
Guided elaboration of BCMS documentation for ISO 22301: scope and context (Clause 4), BC policy (Clause 5), risk assessment for disruption (Clause 8.3), business impact analysis with MTPD/MBCO/RTO/RPO (Clause 8.4), continuity strategies and BC/DR plans, and plan testing and exercising (Clause 8.5). Validates that critical activities have MTPD, MBCO, and RTO defined; checks RPO for IT/data-dependent activities; and flags missing dependency or SPOF notes.
Tags: Business Continuity, ISO 22301, BCMS, BIA, RTO, RPO, MTPD, MBCO, Compliance

### [BCP Audit Evidence Pack](https://rakenne.app/skills/bcp-audit-evidence-pack/index.md)
Create a consolidated Business Continuity Evidence Pack for SOC 2, ISO 22301, or ISO 27001 audits. Combines BIA summary, RTO/RPO targets, recovery plans, DR test matrix, and auditor checklist into a single audit-ready document with cross-validation.
Tags: Business Continuity, SOC 2, ISO 22301, ISO 27001, Audit, Compliance, Disaster Recovery

### [BEP & EIR Elaborator](https://rakenne.app/skills/bep-eir-elaborator/index.md)
Guided elaboration of BIM Execution Plan (BEP — pre-appointment and post-appointment), OIR/AIR/PIR, EIR, MIDP/TIDP, and CDE workflow per ISO 19650-1/2. Verifies required BEP sections including LOIN, MIDP/TIDP, CDE states, and naming convention; checks deliverables map to project stages and responsibility matrix.
Tags: BIM, ISO 19650, Construction, Information Management, Compliance

### [Bill of lading review](https://rakenne.app/skills/bill-of-lading-review/index.md)
Extract and validate B/L fields (parties, ports, INCOTERMS, date, clean/claused, cargo); flag discrepancies vs L/C or contract.
Tags: Maritime, Trade, Bill of lading, INCOTERMS, Logistics

### [Biotech Dossier Expert — Terapias Avançadas (ANVISA)](https://rakenne.app/skills/biotech-dossier-expert/index.md)
Elaboração do dossiê técnico para registro de produtos de terapias avançadas (células, tecidos, terapias gênicas). Organiza documentação de CQ, esterilidade e dados clínicos conforme RDC 338/2020 e Agenda Regulatória 2026. Inclui validação de integridade aséptica.
Tags: Biotechnology, Pharmaceutical, ANVISA, Brazil, Quality Control, Regulatory, Advanced therapies

### [Board Committee Charters](https://rakenne.app/skills/governance-scope-audit/index.md)
Define and review board committee charters (Audit, Risk, Compensation) with clear scope and responsibilities aligned to NYSE, NASDAQ, and LSE listing rules. Detects overlapping responsibilities and gaps in oversight; validates quorum and voting rules against local corporate law.
Tags: Governance, Compliance, Listing Rules, Audit Committee, Risk Committee, Compensation Committee

### [Building Safety Golden Thread Auditor](https://rakenne.app/skills/golden-thread-auditor/index.md)
Draft and audit Safety Case Reports for high-rise residential buildings under the UK Building Safety Act 2022. Validates external wall system specifications against the combustible materials ban (SI 2018/1230), checks for required test evidence (BS 8414 / BR 135), and ensures the digital golden thread meets BSR requirements.
Tags: Construction, Fire Safety, Building Safety Act 2022, BSR, United Kingdom, Regulatory

### [Business Ethics & Code of Conduct](https://rakenne.app/skills/ethical-dilemma-generator/index.md)
Draft and validate Codes of Conduct as the high-level cultural guide for employee behavior. Creates industry-specific ethical-dilemma Scenario boxes (e.g. facilitation payments, conflicts of interest, gifts) and validates readability for a global workforce. Aligned with Federal Sentencing Guidelines (USA) and Sapin II (France).
Tags: Ethics, Compliance, Code of Conduct, Federal Sentencing Guidelines, Sapin II, Governance

### [Business Impact Analysis (BIA)](https://rakenne.app/skills/bia-rto-calculator/index.md)
Conduct structured Business Impact Analyses per ISO 22301. Guides interviews, maps process dependencies, determines RTO/RPO targets, and validates consistency across the dependency chain with automated tools that flag timing conflicts and circular dependencies.
Tags: Business Continuity, Risk Management, ISO 22301, Compliance

### [CAA Drone Safety Cases (UAS)](https://rakenne.app/skills/caa-uas-osc/index.md)
Draft and validate the Operating Safety Case (OSC) for complex UAS operations under the UK CAA. Covers the three-volume structure per CAP 722A (Operations Manual, Technical Manual, Risk Assessment), ground and air risk, and integration with risk evaluation and airspace checks.
Tags: Aviation, CAA, United Kingdom, Regulatory, Drones, UAS, Safety Case

### [Canada Privacy & PIA](https://rakenne.app/skills/canada-privacy-pia/index.md)
Guide to Canadian privacy law (PIPEDA, provincial private-sector laws, Bill C-27 status) and Privacy Impact Assessments for federal and private-sector data handling. Use with PIA outline and references to elaborate PIAs.
Tags: Canada, Privacy, PIPEDA, CPPA, Bill C-27, PIA, Compliance

### [Canadian Cannabis — Facility Video](https://rakenne.app/skills/can-cannabis-facility-video/index.md)
Draft visual monitoring and recording policies for Health Canada Cannabis facilities. Covers device placement, retention, and compliance for standard cultivation, processing, and sale for medical purposes (with possession).
Tags: Canada, Cannabis, Health Canada, Video surveillance, Physical security, Licensing

### [Canadian Cannabis — Good Production Practices (GPP)](https://rakenne.app/skills/can-cannabis-gpp/index.md)
Draft GPP documentation under Part 5 of the Cannabis Regulations. Covers sanitation, storage, distribution, pest control, QA, preventive controls, testing, and the Quality Assurance Person (QAP) role for cultivation and processing licences.
Tags: Canada, Cannabis, Health Canada, GPP, Quality assurance, Licensing

### [Canadian Cannabis — Key Personnel](https://rakenne.app/skills/can-cannabis-key-personnel/index.md)
Identify and document key personnel for Health Canada Cannabis licences. Covers responsible person, head of security, master grower, QAP, directors and officers, security clearances, and organizational chart for OSP and CTLS.
Tags: Canada, Cannabis, Health Canada, Key personnel, Security clearance, Licensing

### [Canadian Cannabis — Physical Security (OSP)](https://rakenne.app/skills/can-cannabis-physical-security/index.md)
Draft the Organizational Security Plan (OSP) for Health Canada Cannabis licences. Covers applicant info, business overview, personnel requiring security clearance, head of security, organizational chart, and diversion risk mitigation.
Tags: Canada, Cannabis, Health Canada, Physical security, OSP, Licensing

### [Canadian Cannabis — Site Plans](https://rakenne.app/skills/can-cannabis-site-plan/index.md)
Prepare site and floor plans for Health Canada Cannabis licence applications. Covers visual monitoring and intrusion detection device locations for the site evidence package (cultivation, processing, sale for medical purposes).
Tags: Canada, Cannabis, Health Canada, Site plan, Licensing

### [CAPA Report](https://rakenne.app/skills/capa-report/index.md)
Corrective and Preventive Action reports for audit non-conformities. Enforces 5 Whys root cause analysis and a future Effectiveness Check date (ISO 9001 / ISO 13485).
Tags: CAPA, Quality, ISO 9001, ISO 13485, Audit, Non-conformity

### [Carbon Credit Verification — Emission Baseline Verifier](https://rakenne.app/skills/emission-baseline-verifier/index.md)
Draft and validate MRV (Monitoring, Reporting, and Verification) documentation for voluntary carbon credit projects. Audits baseline scenarios, additionality arguments, and leakage accounting per ISO 14064-2, Verra VCS, and Gold Standard.
Tags: Environment, Carbon Credits, Emissions, ISO 14064, Verra, Gold Standard, Finance

### [CASA Drone Operating Safety Case (OSC)](https://rakenne.app/skills/casa-drone-osc/index.md)
Draft and validate the Operating Safety Case (OSC) for complex drone operations in Australia under CASA and CASR Part 101. SORA-aligned risk assessment (GRC, ARC, SAIL) and no-fly zone check against Australian PRD airspace. Logistics and agriculture.
Tags: Aviation, CASA, Australia, Regulatory, Drones, UAS, Safety Case, Logistics, Agriculture

### [CCPA/CPRA Privacy Program — Compliance Documentation Package](https://rakenne.app/skills/ccpa-cpra-privacy-program/index.md)
Draft and validate the core privacy compliance documentation package required under the California Consumer Privacy Act as amended by CPRA. Covers the privacy policy, DSAR procedures, data inventory, privacy impact assessment, opt-out mechanisms, and service provider/contractor agreements.
Tags: CCPA, CPRA, Privacy, California, Compliance, Data Protection, DSAR

### [CE Technical File Author](https://rakenne.app/skills/ce-technical-file-author/index.md)
Guided elaboration of CE technical documentation and Declaration of Conformity (DoC): applicable directives/regulations (e.g. RED, LVD, EMC, MDR, IVDR, Machinery), risk assessment, essential requirements checklist, and DoC content per product.
Tags: CE Marking, EU, Compliance, Technical Documentation, Declaration of Conformity

### [CFPB — Consumer Complaint Response & UDAAP Compliance](https://rakenne.app/skills/us-cfpb-complaint-udaap-compliance/index.md)
Draft and validate consumer complaint management programme and UDAAP compliance documentation for CFPB-supervised entities. Covers complaint response timelines, UDAAP risk assessment, fair lending, and board reporting.
Tags: CFPB, UDAAP, United States, Financial Services, Compliance

### [Change Impact Scorer (COBIT BAI06)](https://rakenne.app/skills/change-impact-scorer/index.md)
Draft change enablement and risk impact: pre-approved/standard change list using a weighted risk matrix. Ensures Emergency Changes require PIR. Includes emergency change logic check.
Tags: COBIT, BAI06, Change Management, Risk Matrix, PIR

### [Change Order Impact Analyzer](https://rakenne.app/skills/change-order-impact/index.md)
Trace the technical impact of a proposed specification change across all related sections, disciplines, and procurement items to prevent cascading contradictions.
Tags: Construction, Change Orders, Specifications, Impact Analysis, Risk Management, Engineering

### [Charities Governance Code Compliance](https://rakenne.app/skills/charities-governance-code-compliance/index.md)
Prepare the Charities Governance Code Compliance Record Form for the annual report to the Charities Regulator (Ireland). Aligns board minutes and policies with the six core principles and validates trustee term limits and rotation in the constitution.
Tags: Ireland, Governance, Charities, Compliance, Non-Profit, Regulator

### [Chemical Safety (SDS Author)](https://rakenne.app/skills/sds-author/index.md)
Author and validate Safety Data Sheets (SDS / FISPQ) compliant with REACH Annex II, GHS, CLP Regulation, and ABNT NBR 14725-4 for EU and Brazilian markets. Validates the 16 mandatory sections and cross-checks chemical concentrations against CLP thresholds to auto-suggest H and P phrases.
Tags: Chemicals, Compliance, REACH, GHS, NBR 14725, Safety, Validation, Brazil, European Union

### [CI Relationship Mapper (COBIT BAI10)](https://rakenne.app/skills/ci-relationship-mapper/index.md)
Draft the CMDB data model: how Hardware links to Software and Business Process. Ensures impact analysis is accurate. Includes orphan CI detector.
Tags: COBIT, BAI10, CMDB, Configuration, Impact Analysis

### [CIS Benchmark Mapper](https://rakenne.app/skills/cis-benchmark-mapper/index.md)
Draft Secure Configuration Baselines (hardening guides) from CIS Benchmarks or STIGs into formal policy. Validates recurring Drift Analysis schedule (NIST CSF 2.0 PR.PS).
Tags: NIST CSF, CIS Benchmarks, STIG, Hardening, GRC, Secure Configuration

### [CIS Controls Implementation Author](https://rakenne.app/skills/cis-controls-implementation-author/index.md)
Guided elaboration of CIS Controls v8 implementation plan — safeguard selection, IG1/IG2/IG3 alignment, and mapping to existing policies or controls.
Tags: CIS Controls, Cybersecurity, Implementation, Compliance

### [CISA Circular Formatter (CPG 7.1)](https://rakenne.app/skills/cisa-circular-formatter/index.md)
Format incident data for CISA and SRMA reporting under CPG 7.1 and CIRCIA. Enforces 72-hour (covered incident) and 24-hour (ransomware) notification windows and validates Information Requirements so the first report is complete.
Tags: CISA, CPG, CIRCIA, Critical Infrastructure, Incident Reporting, Ransomware

### [Clinical Report Writing](https://rakenne.app/skills/clinical-reports/index.md)
Write comprehensive clinical reports including case reports (CARE guidelines), diagnostic reports (radiology, pathology, lab), clinical trial reports (ICH-E3, SAE, CSR), and patient documentation (SOAP notes, H&P, discharge summaries). Includes regulatory compliance and validation tools.
Tags: Healthcare, Reports, Compliance

### [Clinical Trial Protocol (ICH E6 R3)](https://rakenne.app/skills/clinical-trial-protocol/index.md)
Draft clinical trial protocols compliant with ICH E6(R3) and ICH E8(R1). Covers study design, objectives, endpoints, eligibility criteria, estimand framework (ICH E9(R1)), statistical analysis plan, safety monitoring, IDMC, RBQMS, and regulatory submission requirements (FDA IND / EU CTR 536/2014 via CTIS) for all study phases and therapeutic areas.
Tags: Clinical Trial, ICH, Protocol, Pharma, GCP, Regulatory, FDA, EMA, CTIS, Biostatistics, Oncology, Rare Disease

### [Clinical Trial Protocol (ICH E6(R3) GCP)](https://rakenne.app/skills/ich-gcp-clinical-trial-protocol/index.md)
Draft and validate clinical trial protocols per ICH E6(R3) Good Clinical Practice and ICH E8(R1) General Considerations for Clinical Studies. Ensures the protocol contains all required elements for ethics committee / IRB submission and regulatory filing (EMA, FDA IND, ANVISA).
Tags: Healthcare, Clinical Trials, Compliance, ICH GCP

### [CMMC Assessment Scoping](https://rakenne.app/skills/cmmc-scoping/index.md)
Define CMMC assessment scope, authorization boundary, and network architecture for Level 1 or Level 2. Documents in-scope assets and network diagram narrative for the SSP.
Tags: CMMC, NIST, DoD, Compliance, Scoping

### [CMMC Asset Inventory](https://rakenne.app/skills/cmmc-asset-inventory/index.md)
Create and maintain the CMMC asset inventory: CUI assets, security protection assets, and contractor risk-managed assets for assessment scope.
Tags: CMMC, CMMC 2.0, NIST, DoD, Compliance, Asset Inventory

### [CMMC Plan of Action & Milestones](https://rakenne.app/skills/cmmc-poam/index.md)
Draft and validate the CMMC POA&M: track control deficiencies, remediation plans, owners, and due dates for Conditional Level 2 or Level 3.
Tags: CMMC, CMMC 2.0, NIST, DoD, Compliance, POA&M

### [CMMC Policies and Procedures](https://rakenne.app/skills/cmmc-policies-procedures/index.md)
Draft CMMC-aligned security policies and procedures for all NIST 800-171 domains: Access Control, Audit, Awareness, Configuration Management, and others.
Tags: CMMC, NIST, DoD, Compliance, Policies

### [CMMC Readiness Gap Analysis](https://rakenne.app/skills/cmmc-readiness-gap-analysis/index.md)
Map controls to NIST SP 800-171 practices, identify CMMC coverage gaps, and build a prioritized remediation roadmap for Level 1 or Level 2.
Tags: CMMC, CMMC 2.0, NIST, DoD, Compliance, Gap Analysis

### [CMMC System Security Plan](https://rakenne.app/skills/cmmc-ssp/index.md)
Draft and validate the CMMC SSP for Level 1 or Level 2: system description, boundary, and implementation narratives for each NIST 800-171 practice with evidence pointers.
Tags: CMMC, CMMC 2.0, NIST, DoD, Compliance, SSP

### [CMMI-DEV Causal Analysis and Resolution](https://rakenne.app/skills/cmmi-dev-causal-analysis-resolution/index.md)
Draft CMMI-DEV Causal Analysis and Resolution (CAR) deliverables: causal analysis reports and action proposals for ML5.
Tags: CMMI, CMMI-DEV, Process Improvement, Causal Analysis, ML5

### [CMMI-DEV Configuration Management](https://rakenne.app/skills/cmmi-dev-configuration-management/index.md)
Draft CMMI-DEV Configuration Management (CM) deliverables: configuration management plan, baselines, and change request/status documentation for ML2.
Tags: CMMI, CMMI-DEV, Process Improvement, Configuration Management, ML2

### [CMMI-DEV Decision Analysis and Resolution](https://rakenne.app/skills/cmmi-dev-decision-analysis-resolution/index.md)
Draft CMMI-DEV Decision Analysis and Resolution (DAR) deliverables: decision records, evaluation criteria, and alternatives analysis for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Decision Analysis, ML3

### [CMMI-DEV Integrated Project Management](https://rakenne.app/skills/cmmi-dev-integrated-project-management/index.md)
Draft CMMI-DEV Integrated Project Management (IPM) deliverables: integrated plan, stakeholder involvement, and tailoring for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Project Management, ML3

### [CMMI-DEV Measurement and Analysis](https://rakenne.app/skills/cmmi-dev-measurement-analysis/index.md)
Draft CMMI-DEV Measurement and Analysis (MA) deliverables: measurement plan, analysis reports, and measurement repository structure for ML2.
Tags: CMMI, CMMI-DEV, Process Improvement, Measurement, ML2

### [CMMI-DEV Organizational Performance Management](https://rakenne.app/skills/cmmi-dev-organizational-performance-management/index.md)
Draft CMMI-DEV Organizational Performance Management (OPM) deliverables: organizational improvement plan and performance baselines for ML5.
Tags: CMMI, CMMI-DEV, Process Improvement, Performance Management, ML5

### [CMMI-DEV Organizational Process Definition](https://rakenne.app/skills/cmmi-dev-organizational-process-definition/index.md)
Draft CMMI-DEV Organizational Process Definition (OPD) deliverables: standard processes, tailoring guidelines, and process asset library for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Process Definition, ML3

### [CMMI-DEV Organizational Process Focus](https://rakenne.app/skills/cmmi-dev-organizational-process-focus/index.md)
Draft CMMI-DEV Organizational Process Focus (OPF) deliverables: process improvement plan, appraisal plans, and process action plans for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, OPF, ML3

### [CMMI-DEV Organizational Process Performance](https://rakenne.app/skills/cmmi-dev-organizational-process-performance/index.md)
Draft CMMI-DEV Organizational Process Performance (OPP) deliverables: process performance baselines and process performance models for ML4.
Tags: CMMI, CMMI-DEV, Process Improvement, Process Performance, ML4

### [CMMI-DEV Organizational Training](https://rakenne.app/skills/cmmi-dev-organizational-training/index.md)
Draft CMMI-DEV Organizational Training (OT) deliverables: training plan, training materials, and competency records for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Training, ML3

### [CMMI-DEV Process and Product Quality Assurance](https://rakenne.app/skills/cmmi-dev-process-product-quality-assurance/index.md)
Draft CMMI-DEV Process and Product Quality Assurance (PPQA) deliverables: QA plan, audit reports, and noncompliance reports for ML2.
Tags: CMMI, CMMI-DEV, Process Improvement, Quality Assurance, ML2

### [CMMI-DEV Product Integration](https://rakenne.app/skills/cmmi-dev-product-integration/index.md)
Draft CMMI-DEV Product Integration (PI) deliverables: integration plan, integration procedures, and build environment for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Product Integration, ML3

### [CMMI-DEV Project Monitoring and Control](https://rakenne.app/skills/cmmi-dev-project-monitoring-control/index.md)
Draft CMMI-DEV Project Monitoring and Control (PMC) deliverables: monitoring data, status reports, and corrective action plans for ML2.
Tags: CMMI, CMMI-DEV, Process Improvement, Project Management, ML2

### [CMMI-DEV Project Planning](https://rakenne.app/skills/cmmi-dev-project-planning/index.md)
Draft CMMI-DEV Project Planning (PP) deliverables: project plan (scope, schedule, resources, risks) and planning procedures for ML2.
Tags: CMMI, CMMI-DEV, Process Improvement, Project Planning, ML2

### [CMMI-DEV Quantitative Project Management](https://rakenne.app/skills/cmmi-dev-quantitative-project-management/index.md)
Draft CMMI-DEV Quantitative Project Management (QPM) deliverables: quantitatively managed plan and quality/process performance objectives for ML4.
Tags: CMMI, CMMI-DEV, Process Improvement, Quantitative Management, ML4

### [CMMI-DEV Requirements Development](https://rakenne.app/skills/cmmi-dev-requirements-development/index.md)
Draft CMMI-DEV Requirements Development (RD) deliverables: stakeholder needs, customer requirements, and product requirements for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Requirements, ML3

### [CMMI-DEV Requirements Management](https://rakenne.app/skills/cmmi-dev-requirements-management/index.md)
Draft CMMI-DEV Requirements Management (REQM) deliverables: requirements baseline, traceability, and change requests for ML2.
Tags: CMMI, CMMI-DEV, Process Improvement, Requirements, ML2

### [CMMI-DEV Risk Management](https://rakenne.app/skills/cmmi-dev-risk-management/index.md)
Draft CMMI-DEV Risk Management (RSKM) deliverables: risk management plan and risk register for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Risk Management, ML3

### [CMMI-DEV Supplier Agreement Management](https://rakenne.app/skills/cmmi-dev-supplier-agreement-management/index.md)
Draft CMMI-DEV Supplier Agreement Management (SAM) deliverables: supplier agreements, SOWs, and acceptance criteria for ML2.
Tags: CMMI, CMMI-DEV, Process Improvement, Supplier Management, ML2

### [CMMI-DEV Technical Solution](https://rakenne.app/skills/cmmi-dev-technical-solution/index.md)
Draft CMMI-DEV Technical Solution (TS) deliverables: design documents and technical solution options for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Technical Solution, ML3

### [CMMI-DEV Validation](https://rakenne.app/skills/cmmi-dev-validation/index.md)
Draft CMMI-DEV Validation (VAL) deliverables: validation plan and validation results for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Validation, ML3

### [CMMI-DEV Verification](https://rakenne.app/skills/cmmi-dev-verification/index.md)
Draft CMMI-DEV Verification (VER) deliverables: verification plan and verification results for ML3.
Tags: CMMI, CMMI-DEV, Process Improvement, Verification, ML3

### [CMN 5.274/2025 — Segurança Cibernética (SFN)](https://rakenne.app/skills/bacen-cmn-5274-2025/index.md)
Elaboração e revisão de política de segurança cibernética e documentação dos 14 controles mínimos obrigatórios, requisitos Pix/STR e testes de intrusão para instituições financeiras.
Tags: BACEN, BCB, CMN, Cibersegurança, SFN, Brazil

### [CMS Obligations Elaborator](https://rakenne.app/skills/cms-obligations-elaborator/index.md)
Guided elaboration of ISO 37301:2021 CMS documentation: organizational context and scope, compliance policy, measurable objectives, obligations register (with shall/should distinction), compliance risk assessment, controls mapping, and performance evaluation. Validates that mandatory obligations have controls and review dates, objectives are documented, high risks have mitigation, and monitoring arrangements are in place.
Tags: Compliance Management, ISO 37301, CMS, Compliance, Risk

### [COBIT Cascade Mapper (APO02)](https://rakenne.app/skills/cobit-cascade-mapper/index.md)
Build Goals Cascade traceability: map enterprise goals to alignment goals and IT objectives. Generate the Traceability Matrix showing how IT initiatives support stakeholder drivers. Includes alignment drift detector.
Tags: COBIT, APO02, Strategic Alignment, Goals Cascade, Traceability

### [Codex Product & Labelling Author](https://rakenne.app/skills/codex-product-labelling-author/index.md)
Guided elaboration of product standards or labelling documentation aligned to Codex commodity standards, General Standard for Labelling, or Codex guidelines. Complements HACCP skill (Codex 7 principles).
Tags: Codex Alimentarius, Labelling, Food, Compliance, HACCP

### [Commande publique France](https://rakenne.app/skills/commande-publique-france/index.md)
Aide à préparer et structurer des marchés publics en France conformément au Code de la Commande Publique : structure du DCE, pièces obligatoires, choix du CCAG, mise à disposition sur profil acheteur. Complémentaire à dce_packet_builder pour l’automatisation du Dossier de Consultation des Entreprises.
Tags: France, Public Procurement, Code de la Commande Publique, DCE, Public Sector, CCAG

### [Construction Change Order Claim Narrative](https://rakenne.app/skills/change-order-claim-narrative/index.md)
Draft contested construction change order claim narratives with entitlement analysis, causation arguments, and damages quantification for schedule delays, differing site conditions, constructive changes, cardinal changes, acceleration, and cumulative impact claims.
Tags: Construction, Claims, Disputes, Change Orders, Acceleration, Cumulative Impact, US Law

### [Construction Subcontract (Jurisdiction-Specific)](https://rakenne.app/skills/construction-subcontract/index.md)
Draft a jurisdiction-specific construction subcontract incorporating state mechanics lien laws, anti-indemnity statutes, prompt payment requirements, retainage limits, Davis-Bacon flow-downs, Miller Act bonding, and pay-if-paid/pay-when-paid provisions for US projects.
Tags: Construction, Legal, Subcontract, Mechanics Lien, Davis-Bacon, Miller Act, Anti-Indemnity, Retainage

### [Contrato com Operador — LGPD (Art. 39 e 42)](https://rakenne.app/skills/lgpd-contrato-operador/index.md)
Elaboração de contrato ou cláusulas entre controlador e operador de dados pessoais nos termos dos Art. 39 e 42 da LGPD. Cobre instruções do controlador, medidas de segurança, suboperadores, incidentes e responsabilidade. Inclui validação dos itens mínimos recomendados.
Tags: LGPD, ANPD, Contrato, Operador, Art. 39, Art. 42, Compliance, Brasil, Privacidade

### [CQC Statement of Purpose](https://rakenne.app/skills/cqc-statement-of-purpose/index.md)
Draft, update, and validate the legally required Statement of Purpose for CQC-registered healthcare providers in England. Maps service descriptions to the Five Key Questions (Safe, Effective, Caring, Responsive, Well-led) and validates regulated activities against CQC registration categories. Covers care homes, GP practices, dental surgeries, domiciliary care, and hospitals.
Tags: Healthcare, CQC, Compliance, United Kingdom, Care Homes, Statement of Purpose

### [Credenciamento Open Finance (PSTI)](https://rakenne.app/skills/psti-credential-validator/index.md)
Documentação técnica e validação de conformidade para Provedores de Serviços de Tecnologia da Informação no Open Finance Brasil (BCB, Res. 10/2026). Mapeia arquitetura de segurança e compara a API do cliente com o manual técnico do diretório central.
Tags: Open Finance, PSTI, BCB, Fintech, Compliance, API, Brazil

### [CRICOS Provider Registration](https://rakenne.app/skills/cricos-provider-registration/index.md)
Prepare the Quality Management System for CRICOS registration in Australia. Covers Cancellation of Enrolment policy and the mandatory 20-day appeal period (National Code 2018); validates policy with validate_cancellation_appeal_period. Complements student support and attendance (cricos_compliance_shield).
Tags: Australia, Compliance, International Education, CRICOS, ASQA, TEQSA, National Code 2018

### [Cross-Compliance Matrix](https://rakenne.app/skills/cross-compliance-matrix/index.md)
Produce a unified multi-framework compliance matrix mapping controls across ISO 27001:2022, NIST CSF 2.0, SOC 2 TSC, GDPR, NIS2/DORA, and NIST 800-53/CMMC. Scores coverage per framework, identifies gaps, and prioritizes remediation by cross-framework benefit and regulatory severity.
Tags: Cross-Compliance, GRC, Framework Mapping, ISO 27001, NIST, SOC 2, GDPR, NIS2, DORA, CMMC

### [Crypto Spec Generator](https://rakenne.app/skills/crypto-spec-generator/index.md)
Draft and validate Cryptographic Key Management & Encryption Standard (NIST CSF 2.0 PR.DS). Ensures FIPS 140-3–aligned algorithms and key lifecycle; flags legacy algorithms (SHA-1, 3DES, etc.) for 2026-era compliance.
Tags: NIST CSF, Encryption, Key Management, FIPS 140-3, GRC, Data Security

### [CSA NI 41-101 — Prospectus](https://rakenne.app/skills/csa-ni41101-prospectus/index.md)
Draft and validate a prospectus for Canadian offerings under NI 41-101 and Form 41-101F1 (general issuer). Ensures summary, risk factors, use of proceeds, business description, and financial information for SEDAR+ filing.
Tags: Canada, CSA, NI 41-101, SEDAR, Prospectus, Capital Markets

### [CSA NI 51-102 — Annual Information Form](https://rakenne.app/skills/csa-ni51102-aif/index.md)
Draft and validate the Annual Information Form (AIF) for Canadian reporting issuers under NI 51-102 Part 6 and Form 51-102F2. Ensures business description, risk factors, capital structure, directors and officers, and material contracts for SEDAR+ filing.
Tags: Canada, CSA, NI 51-102, SEDAR, AIF, Financial Reporting

### [CSA NI 51-102 — Business Acquisition Report](https://rakenne.app/skills/csa-ni51102-bar/index.md)
Draft and validate the Business Acquisition Report (BAR) for Canadian reporting issuers under NI 51-102 Part 8 and Form 51-102F4. Ensures acquisition description, financial statements of the acquired business, and pro forma information for SEDAR+ filing.
Tags: Canada, CSA, NI 51-102, SEDAR, BAR, M&A, Financial Reporting

### [CSA NI 51-102 — Information Circular](https://rakenne.app/skills/csa-ni51102-information-circular/index.md)
Draft and validate the Information Circular (proxy circular) for Canadian reporting issuers under NI 51-102 Part 9 and Form 51-102F5. Ensures matters to be voted on, director/officer disclosure, and executive compensation for SEDAR+ filing.
Tags: Canada, CSA, NI 51-102, SEDAR, Information Circular, Proxy, Governance

### [CSA NI 51-102 — Material Change Report](https://rakenne.app/skills/csa-ni51102-material-change/index.md)
Draft and validate the Material Change Report for Canadian reporting issuers under NI 51-102 Part 7 and Form 51-102F3. Ensures description of material change, date, and impact for prompt SEDAR+ filing.
Tags: Canada, CSA, NI 51-102, SEDAR, Material Change, Financial Reporting

### [CSA NI 51-102 — MD&A](https://rakenne.app/skills/csa-ni51102-mda/index.md)
Draft and validate Management's Discussion & Analysis for Canadian reporting issuers under NI 51-102 Part 5 and Form 51-102F1. Ensures required themes and period-over-period discussion for SEDAR+ filing.
Tags: Canada, CSA, NI 51-102, SEDAR, MD&A, Financial Reporting

### [Cyber Threat Information Sharing (DORA Art. 45)](https://rakenne.app/skills/dora-information-sharing/index.md)
Draft information sharing arrangements for exchanging cyber threat intelligence per DORA Art. 45, covering participation agreements, data protection safeguards, sharing protocols (TLP, STIX/TAXII), and governance.
Tags: DORA, Information Sharing, Cyber Threat Intelligence, EU Regulation, Financial Services, ISAC

### [Cybersecurity Incident Response Plan (Sector & State-Specific)](https://rakenne.app/skills/cybersecurity-irp/index.md)
Draft a cybersecurity Incident Response Plan aligned with NIST SP 800-61r3, tailored to industry sector (HIPAA, GLBA, PCI DSS, FERPA, NERC CIP) and state breach notification laws. Includes detection playbooks, escalation procedures, and state-by-state notification timeline matrix.
Tags: Cybersecurity, Incident Response, NIST 800-61, Compliance, Breach Notification, CIRCIA, HIPAA, PCI DSS, NYDFS, NERC CIP

### [Data Privacy — AIPD (CNIL Standard)](https://rakenne.app/skills/cnil-aipd/index.md)
Conduct a Privacy Impact Assessment (AIPD) under the CNIL standard for France (RGPD). Three-step methodology: Context, Principles, Risks. Validates retention periods against CNIL 'droit à l'oubli' (right to erasure).
Tags: RGPD, CNIL, AIPD, Privacy, Data Protection, France, Compliance, Droit à l'oubli

### [Data Processing Agreement (DPA) — SCC & sub-processor sync](https://rakenne.app/skills/dpa-scc/index.md)
Draft the legal annex for DPAs governing controller–processor data transfers under GDPR and CCPA. Inserts the correct Standard Contractual Clauses by data importer country and validates sub-processor list against the privacy portal.
Tags: GDPR, CCPA, DPA, Privacy, Standard Contractual Clauses, Sub-processors, Data Protection, Compliance

### [Design Dossier Elaborator](https://rakenne.app/skills/design-dossier-elaborator/index.md)
Guided elaboration of design dossier, technical file, or device master record sections for medical devices: device classification, risk summary (ISO 14971:2019), essential principles (GSPR), labelling/IFU, clinical evaluation, post-market surveillance, and traceability per EU MDR 2017/745 Annex II and FDA QMSR (21 CFR Part 4).
Tags: Medical Devices, ISO 13485, EU MDR, FDA, Technical Documentation, Compliance, ISO 14971, GSPR, IEC 62304, IEC 62366

### [DiGA Fast-Track](https://rakenne.app/skills/diga-fast-track/index.md)
Prepare and validate Fast-Track applications for listing Digital Health Applications (DiGA) in the BfArM directory per DiGAV. Cross-checks clinical study protocols against claimed Positive Versorgungseffekte and audits technical documentation for ISiK interoperability standards compliance.
Tags: Healthcare, Regulatory, DiGAV, BfArM, Germany

### [Digital Operational Resilience Testing Program (DORA)](https://rakenne.app/skills/dora-resilience-testing/index.md)
Design the resilience testing program required by DORA Arts. 24-27, covering basic testing (vulnerability assessments, penetration testing, scenario-based tests) and advanced TLPT for significant entities per RTS 2025/1190.
Tags: DORA, Resilience Testing, TLPT, Penetration Testing, EU Regulation, Financial Services

### [Doc Co-Authoring](https://rakenne.app/skills/doc-coauthoring/index.md)
Guide users through a structured workflow for collaboratively writing documents, proposals, specs, and decision docs. Uses a three-stage process: context gathering, iterative refinement, and reader testing.
Tags: Writing, Collaboration, Documentation

### [Doc Oferta FIDC - Documentos da Oferta](https://rakenne.app/skills/doc-oferta-fidc/index.md)
Elaboração dos documentos de oferta pública de cotas de FIDC: prospecto, regulamento, lâmina, aviso ao mercado, anúncios de início e encerramento, e resumo mensal, conforme Resolução CVM 160/2022
Tags: FIDC, CVM, Prospecto, Regulamento, Lâmina, Aviso ao Mercado, Anúncio de Início, Anúncio de Encerramento, Resumo Mensal, Fund Documentation, Oferta Pública

### [DOCX Tools](https://rakenne.app/skills/docx-tools/index.md)
Professional DOCX tools for creating, editing, and manipulating Word documents. Create new .docx with full style control, edit existing files at the XML level, handle tracked changes and comments, convert between formats, and validate OOXML structure.
Tags: Documents, DOCX, Word, Conversion

### [DORA Capability Assessment](https://rakenne.app/skills/dora-capability-assessment/index.md)
Draft and maintain the DORA (DevOps Research and Assessment) capability assessment document: technical and cultural capabilities that drive delivery performance, with evidence and maturity per capability, linked to the four key metrics.
Tags: DORA, DevOps, Capability Assessment, Delivery Performance

### [DORA Gap Assessment](https://rakenne.app/skills/dora-gap-assessment/index.md)
Conduct a comprehensive gap assessment against all five DORA pillars: ICT risk management, incident management, resilience testing, third-party risk, and information sharing. Produces a scored compliance posture and prioritized remediation roadmap.
Tags: DORA, Gap Assessment, Compliance Assessment, EU Regulation, Financial Services, Remediation

### [DORA ICT Incident Classification & Reporting](https://rakenne.app/skills/dora-incident-classification/index.md)
Classify ICT incidents using DORA RTS 2024/1772 criteria and produce initial, intermediate, and final notification reports per ITS 2025/302 templates for submission to competent authorities.
Tags: DORA, Incident Classification, Incident Reporting, EU Regulation, Financial Services, ICT Incident

### [DORA Information Register (ICT Third-Party Arrangements)](https://rakenne.app/skills/dora-information-register/index.md)
Create and maintain the Register of Information on ICT third-party service arrangements required by DORA Art. 28(3) and ITS 2024/2956. Covers entity identification, TPP data, contractual arrangements, function mapping, sub-outsourcing chains, and ICT concentration risk assessment.
Tags: DORA, Information Register, ICT Third-Party, EU Regulation, Financial Services, Compliance

### [DORA Metrics Narrative](https://rakenne.app/skills/dora-metrics-narrative/index.md)
Draft and maintain the DORA (DevOps Research and Assessment) four key metrics narrative: deployment frequency, lead time for changes, MTTR, and change fail rate. Covers current state, targets, trends, and measurement approach.
Tags: DORA, DevOps, Metrics, Delivery Performance

### [DORA Policy Generator](https://rakenne.app/skills/dora-policy-generator/index.md)
Generate the complete set of policies required by DORA from organizational context. Covers ICT security, risk management, incident management, business continuity, third-party risk, access control, encryption, and more.
Tags: DORA, Policy Generator, Compliance, EU Regulation, Financial Services, ICT Policies

### [Dossiê CBPF — GMP Document Factory](https://rakenne.app/skills/gmp-document-factory/index.md)
Preparação para inspeções de certificação de plantas fabris (CBPF). Gera POPs e registros de treinamento; valida o Plano Mestre de Validação quanto à qualificação de equipamentos térmicos e utilidades. Mercado: medicamentos e saneantes. Regulação: ANVISA, RDC 658/2022.
Tags: ANVISA, CBPF, GMP, Medicamentos, Saneantes, RDC 658/2022, Validação

### [Dossier AMM France — HAS / ANSM](https://rakenne.app/skills/maa-dossier-has-ansm/index.md)
Préparer et vérifier les dossiers d'Autorisation de mise sur le marché (AMM/MAA) pour le marché français. Contexte HAS et ANSM, structure CTD, cohérence des données d'essais cliniques (avec maa_dossier_check).
Tags: Healthcare, Regulatory, France, HAS, ANSM, AMM, MAA, CTD, Clinical Trials

### [DPC Cross-Border Data Processing (Lead SSA)](https://rakenne.app/skills/dpc-lead-ssa-ropa/index.md)
Draft Article 30 Records of Processing Activities for US firms using Ireland as Lead Supervisory Authority. Covers main establishment justification (GDPR Art. 4(16), EDPB criteria) and validation so the Irish DPC remains the competent authority.
Tags: GDPR, DPC, Ireland, Privacy, ROPA, One-Stop-Shop, Data Protection

### [DPC GDPR Accuracy and Retention](https://rakenne.app/skills/dpc-gdpr-accuracy-retention/index.md)
Accuracy and retention for DPC self-assessment: purpose limitation, minimisation, accuracy, retention policies, secure destruction, and no unregulated duplication.
Tags: DPC, GDPR, Ireland, Compliance

### [DPC GDPR Breach Notification](https://rakenne.app/skills/dpc-gdpr-breach/index.md)
Breach notification and response under Ireland DPC and GDPR Art. 33–34: 72h to DPC, data subject communication for high risk, risk levels, form, and internal record.
Tags: DPC, GDPR, Ireland, Compliance, Breach

### [DPC GDPR Certification](https://rakenne.app/skills/dpc-gdpr-certification/index.md)
GDPR certification under Ireland DPC and Art. 42–43: DPC-approved criteria, INAB-accredited certification bodies, and documentation for certification readiness.
Tags: DPC, GDPR, Ireland, Compliance, Certification

### [DPC GDPR Controller Obligations](https://rakenne.app/skills/dpc-gdpr-controller-obligations/index.md)
Other controller obligations for DPC checklist: processor/supplier agreements (Art. 28–29), DPO (37–39), DPIA (35).
Tags: DPC, GDPR, Ireland, Compliance

### [DPC GDPR Data Breaches (Self-Assessment)](https://rakenne.app/skills/dpc-gdpr-data-breaches/index.md)
Breach preparedness for DPC checklist: incident response plan, procedures to notify DPC and individuals, documentation, and cooperation. For actual notification use DPC GDPR Breach Notification skill.
Tags: DPC, GDPR, Ireland, Compliance, Breach

### [DPC GDPR Data Security](https://rakenne.app/skills/dpc-gdpr-data-security/index.md)
Data security (Art. 32) for DPC self-assessment: risk assessment, technical and organisational measures, encryption, recovery, and secure destruction.
Tags: DPC, GDPR, Ireland, Compliance, Security

### [DPC GDPR Data Subject Rights](https://rakenne.app/skills/dpc-gdpr-data-subject-rights/index.md)
Data subject rights (Art. 15–23) for DPC self-assessment: SAR, portability, deletion/rectification, restriction, object, profiling, and restrictions.
Tags: DPC, GDPR, Ireland, Compliance, Data subject rights

### [DPC GDPR International Transfers](https://rakenne.app/skills/dpc-gdpr-international-transfers/index.md)
International data transfers (Art. 44–50) for DPC self-assessment: adequacy, SCCs, documentation, and transparency to data subjects.
Tags: DPC, GDPR, Ireland, Compliance, International transfers

### [DPC GDPR Personal Data (Legal Basis)](https://rakenne.app/skills/dpc-gdpr-personal-data/index.md)
Personal data for DPC self-assessment: consent (Art. 7–9), children (Art. 8), and legitimate interest assessment.
Tags: DPC, GDPR, Ireland, Compliance, Consent

### [DPC GDPR Readiness](https://rakenne.app/skills/dpc-gdpr-readiness/index.md)
GDPR readiness and self-assessment aligned to the Ireland DPC Self-Assessment Checklist: data mapping, legal basis, retention, and links to the eight detailed checklist areas.
Tags: DPC, GDPR, Ireland, Compliance, Self-assessment

### [DPC GDPR Transparency](https://rakenne.app/skills/dpc-gdpr-transparency/index.md)
Transparency (Art. 12–14) for DPC self-assessment: information to data subjects, Art. 13/14 lists, and proactive rights information.
Tags: DPC, GDPR, Ireland, Compliance, Transparency

### [DPE Diagnostic (France)](https://rakenne.app/skills/dpe-diagnostic-france/index.md)
Relecture et rédaction du récit du DPE (Diagnostic de Performance Énergétique) pour la vente ou la location immobilière en France. Couvre la Loi Climat et Résilience, le cadre ADEME, le calendrier d'interdiction à la location (passoires thermiques) et la validation rental_ban_notifier.
Tags: France, DPE, ADEME, Immobilier, Loi Climat et Résilience, Conformité, Énergie

### [Draft Client Communications](https://rakenne.app/skills/draft-client-communications/index.md)
Compose clear, professional emails, proposals, and status updates for clients. Adapts tone and formality to match the relationship and context.
Tags: Communication, Clients, Writing

### [Due diligence checklist](https://rakenne.app/skills/due-diligence-checklist/index.md)
Generate or tailor due diligence checklists (corporate, contracts, employment, IP, property, litigation, compliance) by deal type.
Tags: M&A, Due diligence, Checklist, Corporate

### [DUERP — Document Unique (France)](https://rakenne.app/skills/duerp-document-unique/index.md)
Creation and annual update of the French single document for occupational risk assessment (DUERP), per Code du Travail R4121-1. Covers work units, risk inventory, 10 pénibilité factors mapping, and update frequency check after significant changes.
Tags: France, Labour Law, Code du Travail, DUERP, Occupational Risk, Pénibilité, Regulatory

### [EA Roadmap Drafter (COBIT APO03)](https://rakenne.app/skills/ea-roadmap-drafter/index.md)
Draft Enterprise Architecture roadmaps: Current State vs Target State, with focus on interoperability and technical standards. Includes standard variance audit against the Organizational Standard Technology Stack.
Tags: COBIT, APO03, Enterprise Architecture, Roadmap, Standards

### [Ecocert Scope Author](https://rakenne.app/skills/ecocert-scope-author/index.md)
Guided elaboration of Ecocert (or equivalent) certification application and scope documentation — scope of operation, input lists, conversion plan (if applicable), and traceability/CoC for organic or ethical claims.
Tags: Ecocert, Organic, Certification, Sustainability, Compliance

### [Ecosystem Risk Ranker (CISA CPG 4.1)](https://rakenne.app/skills/ecosystem-risk-ranker/index.md)
Map and rank external dependencies (SaaS, cloud, utilities) essential to a Critical Service. Assigns criticality scores by impact of vendor outage on mission and validates vendor uptime SLAs against the organization's Maximum Allowable Downtime (MAD). Aligned with CISA CPG 4.1 Critical Service Dependency Map.
Tags: Critical Infrastructure, CISA CPG, Risk Management, Supply Chain, SLA

### [eCTD Cross-Module Verifier](https://rakenne.app/skills/ectd-cross-module-verifier/index.md)
Verify consistency and data integrity of eCTD pharmaceutical dossiers. Cross-checks Module 2 (Summaries) against Module 5 (Clinical Study Reports) to ensure study references, p-values, N-counts, endpoints, and safety data are aligned before regulatory submission to FDA, EMA, or PMDA.
Tags: Healthcare, Pharmaceutical, Regulatory, Compliance, ICH GCP, FDA

### [EMA CTD Module 1 — Regional Administrative & Prescribing Information](https://rakenne.app/skills/ema-ctd-module1-application/index.md)
Draft and validate EU Module 1 of the Common Technical Document for MAA: application form, SmPC, PIL, labelling, and environmental risk assessment per EU requirements.
Tags: EMA, CTD, Module 1, MAA, SmPC, PIL, Regulatory

### [Emergency Preparedness & Response (ISO 45001 Clause 8.2)](https://rakenne.app/skills/ohsms-emergency-preparedness/index.md)
Develop emergency preparedness and response plans per ISO 45001:2018. Identifies potential emergency scenarios (fire, chemical spill, structural collapse, medical emergency, natural disaster, workplace violence), creates detailed response procedures with alarm/evacuation/assembly/roles/first-aid, plans drill schedules with evaluation criteria, and coordinates with external emergency services.
Tags: ISO 45001, OHSMS, Emergency, Safety, Response

### [EMS Context & Obligations Author](https://rakenne.app/skills/ems-context-obligations-author/index.md)
Guided elaboration of EMS context, environmental aspects/impacts, compliance obligations register, and environmental objectives and plans for ISO 14001. Ensures significant aspects are linked to obligations and objectives and flags obligations without review date or compliance evidence.
Tags: Environmental Management, ISO 14001, EMS, Compliance, Obligations

### [EN Conformity Documentation Author](https://rakenne.app/skills/en-conformity-documentation-author/index.md)
Guided elaboration of conformity documentation for products or systems against selected EN (or ETSI) standards — scope, normative references, conformity route, and clause-by-clause or test-based evidence.
Tags: CEN, CENELEC, ETSI, EN Standards, Compliance, EU

### [Encarregado (DPO) — LGPD (Art. 41)](https://rakenne.app/skills/lgpd-encarregado/index.md)
Documentação e divulgação do encarregado (DPO) nos termos do Art. 41 da LGPD. Cobre designação, canal público, atribuições perante titulares e ANPD, e integração com política de privacidade e registro de operações.
Tags: LGPD, ANPD, Encarregado, DPO, Art. 41, Compliance, Brasil, Privacidade

### [EnMS Energy Review Author](https://rakenne.app/skills/enms-energy-review-author/index.md)
Guided elaboration of EnMS documentation for ISO 50001: energy review, baseline, EnPIs, objectives and action plans. Ensures baseline and EnPIs have scope and units and flags objectives without measurement method or review period.
Tags: Energy Management, ISO 50001, EnMS, EnPI, Compliance

### [Environmental Referrals (EPBC Act)](https://rakenne.app/skills/environmental-referrals-epbc/index.md)
Draft Referral of Proposed Action for developments affecting matters of national environmental significance (MNES) under the EPBC Act. Covers Ramsar wetlands, threatened species, mitigation and offsets, and DCCEEW submission. Australia; land development and infrastructure.
Tags: Australia, EPBC Act, DCCEEW, Environment, Land Development, Infrastructure, Regulatory, Compliance

### [EPA NPDES Permit Application](https://rakenne.app/skills/us-epa-npdes-permit-application/index.md)
Draft and validate NPDES permit application documentation under the Clean Water Act §402. Covers facility characterisation, outfall and effluent data, SWPPP, and compliance schedule per EPA Form 2.
Tags: EPA, NPDES, Clean Water Act, United States, Environmental

### [ERISA Summary Plan Description (SPD)](https://rakenne.app/skills/us-erisa-summary-plan-description/index.md)
Draft and validate the Summary Plan Description required by ERISA §102 for employee benefit plans. Covers plan identification, participation, benefits, claims procedure, and ERISA rights per 29 CFR §2520.102-3.
Tags: ERISA, Benefits, Pensions, United States, Compliance

### [eSCM-CL Capability Level Justification](https://rakenne.app/skills/escm-cl-capability-level-justification/index.md)
Elaborate eSCM-CL capability level justification and evidence pack for the five capability levels (assessment and appraisal readiness).
Tags: eSCM-CL, Sourcing, Capability Level, Assessment, Appraisal, ITSqc

### [eSCM-CL Lifecycle Deliverables](https://rakenne.app/skills/escm-cl-lifecycle-deliverables/index.md)
Elaborate eSCM-CL lifecycle-phase deliverables: Analysis, Initiation, Delivery, and Completion (opportunity, approach, planning, evaluation, agreements, transfer, service management, completion).
Tags: eSCM-CL, Sourcing, Lifecycle, Client, ITSqc, Delivery

### [eSCM-CL Practice Coverage](https://rakenne.app/skills/escm-cl-practice-coverage/index.md)
Document how the 95 eSCM-CL practices across 17 capability areas are implemented and evidenced for client-side sourcing assessment.
Tags: eSCM-CL, Sourcing, Practice Coverage, Client, Assessment, ITSqc

### [eSCM-CL Sourcing Governance](https://rakenne.app/skills/escm-cl-sourcing-governance/index.md)
Elaborate eSCM-CL sourcing governance documents: strategy, governance framework, relationship and value management, and policies for client-side sourcing.
Tags: eSCM-CL, Sourcing, Governance, Client, ITSqc

### [eSCM-SP Capability Level Justification](https://rakenne.app/skills/escm-sp-capability-level-justification/index.md)
Draft capability level justification and evidence for eSCM-SP levels 1–5; evidence map and narrative for assessment or assurance.
Tags: eSCM-SP, Sourcing, Service Provider, Capability Level, Assessment

### [eSCM-SP Contracting](https://rakenne.app/skills/escm-sp-contracting/index.md)
Document eSCM-SP Contracting capability area: contracts, change control, obligations, dispute resolution; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Contracting, Assessment

### [eSCM-SP Knowledge Management](https://rakenne.app/skills/escm-sp-knowledge-management/index.md)
Document eSCM-SP Knowledge Management capability area: knowledge capture, reuse, transfer; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Knowledge Management, Assessment

### [eSCM-SP People Management](https://rakenne.app/skills/escm-sp-people-management/index.md)
Document eSCM-SP People Management capability area: staffing, competencies, training, workforce planning; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, People Management, Assessment

### [eSCM-SP Performance Management](https://rakenne.app/skills/escm-sp-performance-management/index.md)
Document eSCM-SP Performance Management capability area: metrics, SLAs, reporting, corrective action; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Performance Management, Assessment

### [eSCM-SP Practice Coverage](https://rakenne.app/skills/escm-sp-practice-coverage/index.md)
Document eSCM-SP practice coverage by capability area and lifecycle phase; procedures, evidence, and artifacts for assessment or due diligence.
Tags: eSCM-SP, Sourcing, Service Provider, Practice Coverage, Assessment

### [eSCM-SP Relationship Management](https://rakenne.app/skills/escm-sp-relationship-management/index.md)
Document eSCM-SP Relationship Management capability area: governance, escalation, client communication, satisfaction; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Relationship Management, Assessment

### [eSCM-SP Service Delivery](https://rakenne.app/skills/escm-sp-service-delivery/index.md)
Document eSCM-SP Service Delivery capability area: operations, incident and change handling; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Service Delivery, Assessment

### [eSCM-SP Service Design & Deployment](https://rakenne.app/skills/escm-sp-service-design-and-deployment/index.md)
Document eSCM-SP Service Design & Deployment capability area: design, build, deploy, test, release; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Service Design, Assessment

### [eSCM-SP Service Transfer](https://rakenne.app/skills/escm-sp-service-transfer/index.md)
Document eSCM-SP Service Transfer capability area: transition in/out, handover, knowledge transfer, acceptance; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Service Transfer, Assessment

### [eSCM-SP Technology Management](https://rakenne.app/skills/escm-sp-technology-management/index.md)
Document eSCM-SP Technology Management capability area: infrastructure, tools, security, continuity, capacity; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Technology Management, Assessment

### [eSCM-SP Threat Management](https://rakenne.app/skills/escm-sp-threat-management/index.md)
Document eSCM-SP Threat Management capability area: risk identification, assessment, mitigation, business continuity; procedures and evidence for assessment.
Tags: eSCM-SP, Sourcing, Service Provider, Threat Management, Assessment

### [ESG Report (CSRD / ISSB)](https://rakenne.app/skills/esg-report/index.md)
Compile Environmental, Social, and Governance reports aligned with CSRD/ESRS and ISSB/IFRS S1-S2. Guides double materiality assessment, GHG emissions accounting (Scope 1, 2, 3), and structured report drafting with automated validation tools that check materiality logic and emissions math against GHG Protocol standards.
Tags: Sustainability, Compliance, CSRD, ISSB, GHG Protocol, Environment

### [EU AI Act — High-Risk AI System Technical Documentation](https://rakenne.app/skills/eu-ai-act-high-risk-technical-doc/index.md)
Draft and validate the technical documentation required for high-risk AI systems under the EU AI Act (Regulation 2024/1689) Annex IV. Covers system description, risk management (Art. 9), data governance (Art. 10), human oversight (Art. 14), accuracy/robustness metrics, and conformity assessment preparation.
Tags: EU AI Act, Annex IV, High-Risk AI, Conformity Assessment, Regulatory, EU

### [Evaluación de Riesgos Laborales (PRL — Ley 31/1995)](https://rakenne.app/skills/es-prl-evaluacion-riesgos-laborales/index.md)
Draft and validate the occupational risk assessment (Evaluación de Riesgos) and prevention plan required by Spain's Ley 31/1995 de Prevención de Riesgos Laborales. Covers hazard identification, risk evaluation, preventive measures, and the Plan de Prevención.
Tags: Spain, Ley 31/1995, PRL, Occupational Safety, Risk Assessment

### [Executive Readiness Report](https://rakenne.app/skills/executive-readiness-report/index.md)
Generate a board-ready executive summary of compliance posture, readiness scores by area, critical gaps, and timeline to audit. Designed for C-suite, board members, and auditors. Synthesizes data from dashboard metrics, gap assessments, risk registers, and policy status into a single exportable document.
Tags: Compliance, Executive Report, GRC, Readiness, Board Report

### [Export Control Redactor](https://rakenne.app/skills/export-control-redactor/index.md)
Scan technical manuals for ITAR-controlled Defense Articles on the USML and flag content requiring export licenses. For USA defense sector; supports USML category tagging, Technical Data identification, ITAR vs EAR jurisdiction analysis, and redaction recommendations for export license submissions.
Tags: Defense, Aerospace, ITAR, EAR, Export Control, USML, Compliance

### [Fairtrade CoC Author](https://rakenne.app/skills/fairtrade-coc-author/index.md)
Guided elaboration of Fairtrade supply chain and Chain of Custody (CoC) documentation — product scope, trader license scope, CoC procedures, and mass balance or physical separation evidence.
Tags: Fairtrade, Chain of Custody, Supply Chain, Certification, Compliance

### [FAR Clause Analyzer](https://rakenne.app/skills/far-clause-analyzer/index.md)
Ensure federal contract proposals contain mandatory FAR and agency-supplement clauses. For USA government contracting; supports prime and subcontract proposals under the Federal Acquisition Regulation, with contract-type and threshold-aware analysis.
Tags: Government, Procurement, FAR, Compliance, Federal, DFARS

### [FCA Consumer Duty — Fair Value Assessment](https://rakenne.app/skills/fca-consumer-duty-fva/index.md)
Elaborate and validate Fair Value Assessments (FVAs) for UK retail banking and insurance products under the FCA Consumer Duty. Covers PRIN 2A, FG22/5, required FVA sections, price-vs-value and vulnerable-customer consideration. Works alongside disclosure (plain English) and customer-journey (sludge) checks.
Tags: FCA Consumer Duty, Fair Value Assessment, UK, Retail Banking, Insurance, Regulatory, PRIN 2A, FG22/5

### [FDA 510(k) Premarket Notification — Substantial Equivalence Summary](https://rakenne.app/skills/fda-510k-submission-summary/index.md)
Draft and validate 510(k) premarket notification submissions for Class II medical devices. Structures the document per FDA guidance (Refuse to Accept checklist, 21 CFR 807.87) with device description, predicate comparison, performance data summary, and labelling.
Tags: FDA, 510(k), Medical Device, Substantial Equivalence, Regulatory Affairs, Class II, RTA Checklist

### [FDA Submission Wizard](https://rakenne.app/skills/fda-submission-wizard/index.md)
Draft and validate FDA medical device submissions. Supports 510(k) Premarket Notifications (eSTAR format) with predicate comparison and substantial equivalence arguments, and PMA (Premarket Approval) dossiers with clinical and non-clinical data sections.
Tags: Healthcare, Regulatory, FDA, Compliance

### [FedRAMP Authorization Package](https://rakenne.app/skills/fedramp-authorization-package/index.md)
Draft and validate FedRAMP authorization packages for cloud service providers: System Security Plan (SSP) with all required attachments, Security Assessment Plan (SAP), Security Assessment Report (SAR), and Plan of Action & Milestones (POA&M). Supports Low, Moderate, and High baselines.
Tags: FedRAMP, NIST, Compliance, Government, Cloud Security, ATO

### [FERPA Compliance Documentation — Student Records Policy](https://rakenne.app/skills/us-ferpa-student-records-policy/index.md)
Draft and validate FERPA compliance documentation: annual notification, directory information policy, records access and amendment, disclosure log, and school official exception for edtech vendors per 34 CFR Part 99.
Tags: FERPA, Education, United States, Privacy, Student Records

### [Financial Services Statement of Advice](https://rakenne.app/skills/financial-services-soa/index.md)
Generate and validate personalised Statements of Advice (SoA) for retail clients in Australia. Ensures Best Interests Duty (BID) and FOFA ongoing fee compliance; includes soa_logic_validator and fee_disclosure_checker.
Tags: Australia, Financial Planning, Wealth Management, ASIC, Compliance, SoA, BID, FOFA

### [Fire Protection Concepts (BauO)](https://rakenne.app/skills/fire-protection-bauo/index.md)
Erstellt Brandschutzkonzepte fuer Baugenehmigungen nach den deutschen Landesbauordnungen (LBOs) und der Musterbauordnung (MBO). Berechnet Rettungsweglaengen und Rauchabschnitte nach Gebaeuedeklasse und Bundesland, validiert Hochhaus-Konzepte gegen die Muster-Hochhausrichtlinie (M-HHR) 2026.
Tags: Construction, Fire Protection, Landesbauordnung, Brandschutz, Germany, Regulatory

### [Food Labeling & Claims (FDA / USDA)](https://rakenne.app/skills/food-labeling-claims/index.md)
Draft and validate U.S. food product labels and labeling claims compliant with FDA 21 CFR 101, USDA FSIS, NLEA, FALCPA, and FASTER Act. Validates required label elements, allergen declarations, nutrient content claims against nutrition data, health claims, and organic/bioengineered disclosures.
Tags: Food Labeling, FDA, USDA, NLEA, FALCPA, Nutrition Facts, Claims, Allergens, Compliance, Food & Beverage

### [FSAI Agri-Food Traceability](https://rakenne.app/skills/fsai-agri-food-traceability/index.md)
Draft Recall and Withdrawal procedures for meat and dairy in Ireland (FSAI), with One-Step-Back/Forward traceability and validation of the 14 allergens list against Irish S.I. No. 489/2014 font and highlighting requirements.
Tags: FSAI, Ireland, Food Safety, Agriculture, Traceability, Recall, Allergens, Labelling, Compliance

### [FSMS Manual & PRP/OPRP Author](https://rakenne.app/skills/fsms-manual-prp-author/index.md)
Guided elaboration of FSMS documentation for ISO 22000: food safety policy, PRPs, OPRPs, HACCP plan linkage, and operational control procedures. Ensures PRPs and OPRPs are documented and linked to hazards and flags CCPs without critical limits or monitoring.
Tags: Food Safety, ISO 22000, FSMS, PRP, OPRP, HACCP, Compliance

### [GDPR Consent Form (Art. 7)](https://rakenne.app/skills/gdpr-consent-form/index.md)
Draft consent forms and consent notices for personal data processing under GDPR Article 7. Covers all conditions for valid consent: freely given, specific, informed, unambiguous. Includes validation against EDPB Guidelines 05/2020.
Tags: GDPR, Privacy, Consent, Art. 7, Art. 9, EDPB, ePrivacy, Compliance, Data Protection

### [GDPR Gap Assessment](https://rakenne.app/skills/gdpr-gap-assessment/index.md)
Perform a structured gap assessment against GDPR (Regulation 2016/679). Mandatory artifact detector scans for missing compliance documents; maturity rater suggests 0-5 maturity per domain across all compliance domains (principles, lawful basis, transparency, data subject rights including Art. 19, controller obligations, security, breach notification, DPIA including Art. 36 prior consultation, DPO governance, processor management, international transfers, training). Produces findings register and prioritized remediation roadmap with Art. 83 fine tier analysis.
Tags: GDPR, Privacy, Gap Assessment, Compliance, Data Protection, Audit Readiness, DPO, DPIA, International Transfers

### [GDPR Legitimate Interest Assessment (Art. 6(1)(f))](https://rakenne.app/skills/gdpr-legitimate-interest-assessment/index.md)
Conduct a three-part Legitimate Interest Assessment (LIA) under GDPR Art. 6(1)(f): purpose test, necessity test, and balancing test. Validates against EDPB Opinion 08/2024, WP217, and CJEU case law (Rigas, Fashion ID, Meta/Bundeskartellamt).
Tags: GDPR, Privacy, Legitimate Interest, LIA, Art. 6, Art. 6(1)(f), Balancing Test, EDPB, Compliance, Data Protection, Lawful Basis

### [GDPR Privacy by Design & Default (Art. 25)](https://rakenne.app/skills/gdpr-privacy-by-design/index.md)
Assess and document data protection by design and by default measures per GDPR Article 25 and EDPB Guidelines 4/2019. Covers the seven foundational principles, Hoepman's eight design strategies, Art. 25(2) four-dimension default settings review, controller/processor scope, DPIA necessity assessment (EDPB WP248 rev.01), and organisational measures.
Tags: GDPR, Privacy, Privacy by Design, Privacy by Default, Art. 25, Art. 35, EDPB, DPbD, Compliance, Data Protection, DPIA, Privacy Engineering, EU

### [GDPR ROPA & DPIA Author](https://rakenne.app/skills/gdpr-ropa-dpia-author/index.md)
Guided elaboration of Records of Processing Activities (ROPA) and Data Protection Impact Assessments (DPIA): processing purposes, legal basis, data categories, recipients, retention, safeguards, and DPIA necessity assessment and risk mitigation.
Tags: GDPR, Privacy, ROPA, DPIA, Compliance, Data Protection

### [GDPR Vendor & Processor Audit (Art. 28)](https://rakenne.app/skills/gdpr-vendor-processor-audit/index.md)
Plan and document processor audits under GDPR Art. 28(3)(h). Covers Art. 28(3)(a-h) contract compliance, sub-processor chain review, international transfer assessment (SCCs, adequacy, BCRs, TIA), Art. 32 technical measures evaluation, Art. 28(5) certification review, and corrective action tracking.
Tags: GDPR, Privacy, Processor, Vendor, Audit, Art. 28, SCCs, TIA, Compliance, Data Protection

### [Gestão de Contratos Agrícolas (Proagro)](https://rakenne.app/skills/crop-loss-justifier/index.md)
Elaboração de laudos de comprovação de perdas para acionamento de seguro rural. Estrutura a justificativa técnica com base em eventos climáticos e zoneamento ZARC (MAPA), com validação de coordenadas x calendário de plantio.
Tags: Agribusiness, Proagro, ZARC, MAPA, Brazil, Regulatory, Rural insurance, MCR

### [GMP SOP & Validation Author](https://rakenne.app/skills/gmp-sop-validation-author/index.md)
Guided elaboration of GMP documentation — SOPs, validation protocol (IQ/OQ/PQ), and batch record template sections aligned to FDA 21 CFR 211 / EU EudraLex Vol 4 / WHO GMP.
Tags: GMP, Pharmaceutical, FDA, Validation, Compliance

### [Governance Charter Builder (COBIT EDM01)](https://rakenne.app/skills/governance-charter-builder/index.md)
Draft IT governance charters: terms of reference for the IT Oversight Committee and decision-making rights for CIO vs CEO, aligned to COBIT 2019 EDM01. Includes authority overlap check for decision gaps.
Tags: COBIT, Governance, EDM01, IT Oversight, Charter

### [Government Contractor Proposal Response](https://rakenne.app/skills/gov-contractor-proposal/index.md)
Draft a multi-volume proposal response to a federal or state government RFP/RFQ, including Technical, Management, Past Performance, and Price/Cost volumes aligned with FAR Part 15 and APMP best practices.
Tags: Government, Proposal, FAR, Federal, RFP

### [Grant budget justification](https://rakenne.app/skills/grant-budget-justification/index.md)
Draft and validate grant budgets and budget narratives (personnel, equipment, travel, indirect) against funder cost categories and caps.
Tags: Grants, Budget, Funding, Nonprofit

### [Grant narrative — funder alignment](https://rakenne.app/skills/grant-narrative-funder-alignment/index.md)
Draft grant narratives (need, approach, outcomes, evaluation) aligned to funder guidelines (e.g. EU Horizon, NSF). Validates required sections, word limits, and forbidden/required keywords.
Tags: Grants, Funding, Proposals, Nonprofit, EU Horizon

### [Grant report outcomes](https://rakenne.app/skills/grant-report-outcomes/index.md)
Draft and validate grant progress/final reports with outcome coverage and required sections (activities, outcomes, metrics, lessons learned).
Tags: Grants, Reporting, Nonprofit, Outcomes

### [GRI Sustainability Report Author](https://rakenne.app/skills/gri-sustainability-report-author/index.md)
Guided elaboration of a GRI Standards-aligned sustainability report: material topics, GRI Universal Standards (2–3) and topic-specific disclosures (200/300/400 series), and management approach per material topic.
Tags: GRI, Sustainability, ESG, Reporting, Compliance

### [GwG Anti-Money Laundering Risk Analysis](https://rakenne.app/skills/gwg-risk-analysis/index.md)
Erstellt Risikoanalysen gemaess §5 GwG (Geldwaeschegesetz) fuer den Nichtfinanzsektor. Weist Kunden anhand von Transparenzregister-Daten Risikostufen zu und validiert PEP-Sorgfaltspflichten (§15 GwG) fuer Immobilienmakler und Gueterhaendler.
Tags: GwG, Anti-Money Laundering, Risk Analysis, Compliance, Germany, Real Estate, KYC

### [HACCP Food Safety Plan](https://rakenne.app/skills/haccp-food-safety-plan/index.md)
Draft and validate a HACCP Food Safety Plan for Food & Beverage operations aligned with Codex Alimentarius (CXC 1-1969, revised 2020) and FDA FSMA (21 CFR Part 117). Covers all seven HACCP principles across 12 Codex steps, defines CCPs and critical limits, and includes FSMA-required programs (allergen controls — including sesame per FASTER Act 2023, recall plan under 21 CFR 117.139, and supply-chain program under 21 CFR 117 Subpart G). Validates flow-chart-to-plan consistency and supports EU Reg 852/2004, 853/2004, and 2073/2005 compliance.
Tags: Food Safety, HACCP, FDA FSMA, Codex Alimentarius, Compliance, Food & Beverage, Allergen Control, GFSI, EU Food Safety

### [HARA (ISO 26262)](https://rakenne.app/skills/hara-iso26262/index.md)
Conduct a Hazard Analysis and Risk Assessment for road vehicles per ISO 26262. Covers hazard identification, S/E/C classification, ASIL determination, safety goals, and ASIL decomposition validation for redundant sub-components. Market: Global / Germany.
Tags: Automotive, Functional Safety, ISO 26262, HARA, ASIL, Germany

### [Health Canada & MDSAP](https://rakenne.app/skills/health-canada-mdsap/index.md)
Align QMS documentation to MDSAP and Health Canada expectations. Guides users to map procedures and records to MDSAP/ISO 13485, prepare for audits, and use the mdsap_audit_aligner skill when available.
Tags: Healthcare, Regulatory, Canada, MDSAP, Compliance, Quality Management

### [HIPAA Security Risk Assessment (SRA)](https://rakenne.app/skills/hipaa-security-risk-assessment/index.md)
Draft and validate the Security Risk Assessment required by the HIPAA Security Rule (45 CFR §164.308(a)(1)). Defines scope and ePHI boundaries, inventories assets and Business Associate relationships, maps threats and vulnerabilities, assesses Required and Addressable safeguards, and produces the SRA report and risk register aligned with HHS/OCR audit protocol.
Tags: HIPAA, HITECH, Security, Risk Assessment, ePHI, Healthcare, Compliance, SRA, HHS/OCR, Business Associate, NIST

### [HIQA Care/Support Plan](https://rakenne.app/skills/hiqa-care-support-plan/index.md)
Draft or update an individual care or support plan for a resident or child in a designated centre aligned with HIQA standards.
Tags: HIQA, Ireland, Designated centres, Care planning, Compliance

### [HIQA Complaints Procedure](https://rakenne.app/skills/hiqa-complaints-procedure/index.md)
Draft or update a complaints procedure for healthcare services aligned with HIQA NSSBH and national complaints guidance.
Tags: HIQA, Ireland, Healthcare, Complaints, Compliance

### [HIQA Consent Policy](https://rakenne.app/skills/hiqa-consent-policy/index.md)
Draft or update a consent policy for healthcare services aligned with HIQA NSSBH and Irish consent law.
Tags: HIQA, Ireland, Healthcare, Consent, Compliance

### [HIQA Data Protection and Confidentiality Policy](https://rakenne.app/skills/hiqa-data-protection-confidentiality-policy/index.md)
Draft or update a data protection and confidentiality policy aligned with HIQA, GDPR, and Irish law.
Tags: HIQA, Ireland, Information management, GDPR, Compliance

### [HIQA Designated Centre Complaints](https://rakenne.app/skills/hiqa-designated-centre-complaints/index.md)
Draft or update a complaints procedure for a designated centre aligned with HIQA standards.
Tags: HIQA, Ireland, Designated centres, Complaints, Compliance

### [HIQA Designated Centre Health and Safety](https://rakenne.app/skills/hiqa-designated-centre-health-safety/index.md)
Draft or update a health and safety policy for a designated centre aligned with HIQA and health and safety law.
Tags: HIQA, Ireland, Designated centres, Health and safety, Compliance

### [HIQA Designated Centre Medication](https://rakenne.app/skills/hiqa-designated-centre-medication/index.md)
Draft or update a medication policy for a designated centre aligned with HIQA standards.
Tags: HIQA, Ireland, Designated centres, Medication, Compliance

### [HIQA Designated Centre Safeguarding](https://rakenne.app/skills/hiqa-designated-centre-safeguarding/index.md)
Draft or update a safeguarding policy for a designated centre aligned with HIQA and national safeguarding guidance.
Tags: HIQA, Ireland, Designated centres, Safeguarding, Compliance

### [HIQA Healthcare Governance](https://rakenne.app/skills/hiqa-healthcare-governance/index.md)
Draft or update a governance and accountability framework for healthcare services aligned with HIQA NSSBH Theme 5.
Tags: HIQA, Ireland, Healthcare, Governance, Compliance

### [HIQA Incident Investigation Report](https://rakenne.app/skills/hiqa-incident-investigation-report/index.md)
Draft an incident investigation report for healthcare services aligned with HIQA NSSBH and learning from incidents.
Tags: HIQA, Ireland, Healthcare, Incidents, Compliance

### [HIQA Incident Reporting Procedure](https://rakenne.app/skills/hiqa-incident-reporting-procedure/index.md)
Draft or update an incident reporting procedure for healthcare services aligned with HIQA NSSBH (internal reporting; for notifiable incidents use hiqa-notifiable-incidents-reporting).
Tags: HIQA, Ireland, Healthcare, Incidents, Compliance

### [HIQA Information Governance Policy](https://rakenne.app/skills/hiqa-information-governance-policy/index.md)
Draft or update an information governance policy aligned with HIQA National Standards for Information Management and NSSBH Theme 8.
Tags: HIQA, Ireland, Information management, Compliance

### [HIQA Notifiable Incidents Reporting](https://rakenne.app/skills/hiqa-notifiable-incidents-reporting/index.md)
Draft or update the process for reporting notifiable incidents to HIQA/Chief Inspector under the Patient Safety Act 2023.
Tags: HIQA, Ireland, Healthcare, Patient Safety Act, Compliance

### [HIQA Open Disclosure Policy](https://rakenne.app/skills/hiqa-open-disclosure-policy/index.md)
Draft or update an open disclosure policy aligned with the Patient Safety Act 2023 and HIQA NSSBH.
Tags: HIQA, Ireland, Healthcare, Open disclosure, Compliance

### [HIQA Quality Improvement Plan](https://rakenne.app/skills/hiqa-quality-improvement-plan/index.md)
Draft or update a quality improvement plan for healthcare services aligned with HIQA NSSBH.
Tags: HIQA, Ireland, Healthcare, Quality, Compliance

### [HIQA Record-Keeping and Retention](https://rakenne.app/skills/hiqa-record-keeping-retention/index.md)
Draft or update record-keeping and retention procedures aligned with HIQA National Standards for Information Management.
Tags: HIQA, Ireland, Information management, Compliance

### [HIQA Risk Register](https://rakenne.app/skills/hiqa-risk-register/index.md)
Draft or update a risk register for healthcare services aligned with HIQA NSSBH (safe care, governance).
Tags: HIQA, Ireland, Healthcare, Risk, Compliance

### [HIQA Safeguarding Policy](https://rakenne.app/skills/hiqa-safeguarding-policy/index.md)
Draft or update a safeguarding policy for healthcare services aligned with HIQA NSSBH and national safeguarding guidance.
Tags: HIQA, Ireland, Healthcare, Safeguarding, Compliance

### [HIQA Statement of Purpose](https://rakenne.app/skills/hiqa-statement-of-purpose/index.md)
Draft or update a Statement of Purpose for a designated centre (older people, disability, or children) for HIQA registration.
Tags: HIQA, Ireland, Designated centres, Compliance

### [HIQA Workforce Performance Management Policy](https://rakenne.app/skills/hiqa-workforce-performance-policy/index.md)
Draft or update a workforce performance management policy for healthcare services aligned with HIQA NSSBH Theme 6.
Tags: HIQA, Ireland, Healthcare, Workforce, Compliance

### [HIQA Workforce Recruitment Policy](https://rakenne.app/skills/hiqa-workforce-recruitment-policy/index.md)
Draft or update a workforce recruitment policy for healthcare services aligned with HIQA NSSBH Theme 6.
Tags: HIQA, Ireland, Healthcare, Workforce, Compliance

### [HIQA Workforce Supervision Policy](https://rakenne.app/skills/hiqa-workforce-supervision-policy/index.md)
Draft or update a workforce supervision policy for healthcare services aligned with HIQA NSSBH Theme 6.
Tags: HIQA, Ireland, Healthcare, Workforce, Compliance

### [HIQA Workforce Training Policy](https://rakenne.app/skills/hiqa-workforce-training-policy/index.md)
Draft or update a workforce training policy for healthcare services aligned with HIQA NSSBH Theme 6.
Tags: HIQA, Ireland, Healthcare, Workforce, Compliance

### [HITRUST CSF Assessment](https://rakenne.app/skills/hitrust-csf-assessment/index.md)
Draft HITRUST CSF Validated Assessment deliverables for e1, i1, or r2 certification: control requirement responses at all maturity levels, evidence artifacts, Corrective Action Plans, and the Validated Assessment Report.
Tags: HITRUST, Compliance, Cybersecurity, Healthcare, Audit

### [Housing Agency Cost Rental — Management Agreements](https://rakenne.app/skills/housing-agency-cost-rental-management/index.md)
Draft and validate Management Agreements for Cost Rental housing providers in Ireland under the Housing Agency. Covers tenant eligibility, income-threshold wording, and alignment with Cost Rental (rent at least 25% below market). Complements cost_rental_auditor; includes tenant_eligibility_checker validation.
Tags: Ireland, Social & Affordable Housing, Cost Rental, Housing Agency, Management Agreements, Approved Housing Bodies

### [HR & Personnel Security](https://rakenne.app/skills/iso27001-hr-security/index.md)
Draft and validate HR security documents covering the full employment lifecycle: pre-employment screening, employment contract security clauses, management security responsibilities, disciplinary process framework, and termination/exit security procedures aligned with ISO 27001:2022 Annex A controls A.6.1, A.6.2, A.6.4, A.6.5, and A.5.4.
Tags: ISO 27001, A.6.1, A.6.2, A.6.4, A.6.5, A.5.4, ISMS, HR Security, Personnel Security, Compliance

### [IATF 16949 Process & CSR Author](https://rakenne.app/skills/iatf16949-process-csr-author/index.md)
Guided elaboration of IATF 16949 process documentation and customer-specific requirements (CSR) matrix: process maps, turtle diagrams, and evidence of conformity to OEM CSR.
Tags: IATF 16949, Automotive, QMS, CSR, Compliance

### [ICT Business Continuity & Disaster Recovery (DORA)](https://rakenne.app/skills/dora-business-continuity-ict/index.md)
Draft the ICT business continuity policy and disaster recovery plan required by DORA Articles 11-12, covering recovery objectives, switchover procedures, backup policies, continuity testing, and crisis management.
Tags: DORA, Business Continuity, Disaster Recovery, ICT Continuity, EU Regulation, Financial Services

### [ICT Contractual Provisions (DORA Art. 30)](https://rakenne.app/skills/dora-contractual-provisions/index.md)
Draft and review contractual provisions for ICT service provider agreements per DORA Art. 30, covering general requirements, enhanced provisions for critical functions, sub-outsourcing, audit rights, data location, and exit strategies.
Tags: DORA, Contractual Provisions, ICT Outsourcing, Art. 30, EU Regulation, Financial Services

### [ICT Risk Management Framework (DORA)](https://rakenne.app/skills/dora-ict-risk-framework/index.md)
Draft the complete ICT risk management framework required by the EU Digital Operational Resilience Act (DORA), covering governance, asset identification, protection, detection, response, recovery, and continuous improvement per Articles 5-16 and RTS 2024/1774.
Tags: DORA, ICT Risk Management, EU Regulation, Financial Services, Digital Operational Resilience, Compliance

### [ICT Subcontracting Oversight (DORA)](https://rakenne.app/skills/dora-subcontracting-oversight/index.md)
Draft the ICT subcontracting oversight framework per DORA and RTS 2025/0532, covering conditions for sub-outsourcing critical functions, notification and approval processes, concentration risk, and monitoring.
Tags: DORA, Subcontracting, ICT Outsourcing, Third-Party Risk, EU Regulation, Financial Services

### [ICT Third-Party Risk Policy (DORA)](https://rakenne.app/skills/dora-third-party-policy/index.md)
Draft the ICT third-party risk management policy required by DORA Art. 28 and RTS 2024/1773, covering strategy, due diligence, contractual provisions (Art. 30), monitoring, exit planning, concentration risk, and sub-outsourcing governance.
Tags: DORA, Third-Party Risk, ICT Outsourcing, EU Regulation, Financial Services, Vendor Management

### [IEC 62304 Software Lifecycle Author](https://rakenne.app/skills/iec62304-software-lifecycle-author/index.md)
Guided elaboration of medical device software lifecycle documentation per IEC 62304 — SDP, SOUP identification, SRS, design, verification/validation, and risk control integration.
Tags: IEC 62304, Medical Device, Software, Lifecycle, Compliance

### [IEC 62443 Zone & SR Elaborator](https://rakenne.app/skills/iec-62443-zone-sr-elaborator/index.md)
Guided elaboration of IACS security documentation per IEC 62443: zone/conduit model, Security Level (SL) targets, Security Requirements (SR) for components and systems, and gap remediation. Verifies each zone has an SL target and SR/FR are allocated.
Tags: Industrial Cybersecurity, IEC 62443, IACS, OT, Compliance

### [IEEE Software Design Author](https://rakenne.app/skills/ieee-software-design-author/index.md)
Guided elaboration of software or systems design documentation per IEEE standards (e.g. 1016 for design description, 829 for test documentation) — design views, traceability to requirements, and test plan/report structure.
Tags: IEEE, Software Design, Systems Engineering, Compliance, Traceability

### [Incident Decision Tree Builder](https://rakenne.app/skills/incident-decision-tree-builder/index.md)
Draft scenario-specific incident response playbooks (NIST CSF RS.RP) with a clear Decision Matrix for isolate vs. monitor and logic gates for Containment, Eradication, and Recovery. Inserts or validates mandatory regulatory reporting windows (e.g. GDPR 72h, SEC 4 days) in the playbook timeline.
Tags: NIST CSF, Incident Response, Security, GRC, Playbook, Regulatory

### [Incident Response Playbook](https://rakenne.app/skills/incident-response-playbook/index.md)
Draft step-by-step security playbooks for any cyber attack type. Tailored to your organisation, tech stack, and threat landscape. Produces detection criteria, containment, eradication, recovery, post-incident review, and a quick-reference card with MITRE ATT&CK mapping and role assignments.
Tags: Security, Incident Response, Cybersecurity, Playbook, MITRE ATT&CK

### [India DPDP Act — Data Protection Impact Assessment](https://rakenne.app/skills/in-dpdp-data-protection-assessment/index.md)
Draft and validate a Data Protection Impact Assessment for Significant Data Fiduciaries under India's Digital Personal Data Protection Act 2023. Covers processing inventory, consent framework, data principal rights, and cross-border transfers.
Tags: India, DPDP, Privacy, DPIA, Data protection

### [Individual Accountability Framework (IAF/SEAR) — Ireland](https://rakenne.app/skills/iaf-sear-ireland/index.md)
Draft and validate Statements of Responsibility and Management Responsibilities Maps for the Central Bank of Ireland IAF and SEAR. Supports banks, insurers, and investment firms. Includes gap detection for prescribed responsibilities and SEAR role mapping.
Tags: Compliance, Financial Services, Ireland, Regulation, SEAR, Governance

### [Information Security Policy (ISO 27001)](https://rakenne.app/skills/information-security-policy/index.md)
Draft and validate an Information Security Policy aligned with ISO 27001:2022. Builds a complete Statement of Applicability covering all 93 Annex A controls, validates enforceability of policy language, and maps every policy section to the relevant controls. Includes SoA cross-referencing and jargon-simplification tools.
Tags: Compliance, Security, ISO 27001, ISMS, Policy

### [Insurance coverage memo](https://rakenne.app/skills/insurance-coverage-memo/index.md)
Draft and validate coverage opinion memos (Facts, Policy, Analysis, Conclusion) with policy citations.
Tags: Insurance, Coverage, Legal, Memo

### [Insurance policy summary](https://rakenne.app/skills/insurance-policy-summary/index.md)
Produce and validate structured insurance policy summaries (coverage, limits, exclusions, conditions, notice). Reduces E&O risk by ensuring critical sections and notice provisions are present.
Tags: Insurance, Policy, Summary, Coverage, Compliance

### [Internal Communications](https://rakenne.app/skills/internal-comms/index.md)
Write internal communications using company-preferred formats. Covers 3P updates, company newsletters, FAQ responses, status reports, leadership updates, project updates, and incident reports.
Tags: Communication, Writing, Updates

### [Investor Visa Builder (Autorização de Residência)](https://rakenne.app/skills/investor-visa-builder/index.md)
Estrutura o Plano de Negócios e a comprovação de origem lícita de fundos para vistos de investidor ou nômade digital no Brasil. Valida checklist de documentos estrangeiros quanto à apostila de Haia e tradução juramentada (Lei 13.445/2017, CNIg).
Tags: Immigration, Brazil, Lei 13.445/2017, CNIg, Investor visa, Digital nomad, Apostille, HR

### [IP assignment clause check](https://rakenne.app/skills/ip-assignment-clause-check/index.md)
Review contracts for IP assignment clauses and flag gaps (scope, employee/contractor coverage).
Tags: IP, Contracts, Assignment, Work for hire, Commercial

### [IRB Application & Human Subjects Protocol](https://rakenne.app/skills/irb-human-subjects/index.md)
Draft IRB applications and human subjects research protocols for institutional review board submission. Covers protocol narrative, informed consent, risk/benefit analysis, privacy protections, and participant selection for surveys, interviews, experiments, and clinical research under 45 CFR 46 and 21 CFR 50/56.
Tags: IRB, Human Subjects, Research Ethics, Informed Consent, Common Rule, Academic Research

### [ISMS Internal Audit Report (Clause 9.2)](https://rakenne.app/skills/iso27001-isms-internal-audit-report/index.md)
Plan and execute ISO 27001 internal audits: create audit plans with sampling strategies, draft structured audit reports with findings mapped to clauses, validate finding completeness (severity, evidence, clause, CAPA), classify finding severity, and verify auditor impartiality.
Tags: Information Security, ISO 27001, ISMS, Internal Audit, Compliance, Clause 9.2

### [ISMS Scope Statement (ISO 27001 Clause 4.3)](https://rakenne.app/skills/iso27001-isms-scope/index.md)
Define and validate the ISMS scope boundaries (physical, organizational, technical) with justified exclusions and no Shadow IT gaps. Includes boundary integrity checker and exclusion logic validator for audit-ready scope statements.
Tags: ISO 27001, ISMS, Compliance, Scope, Clause 4.3

### [ISO 14001 EMS Documentation](https://rakenne.app/skills/iso14001-ems-documentation/index.md)
Draft ISO 14001:2015 Environmental Management System documentation: organization environmental profiling, gap assessment against clauses 4-10 with maturity ratings, and environmental policy creation. Includes tools for aspect significance evaluation, profile completeness checking, maturity scoring, remediation prioritization, and policy validation.
Tags: ISO 14001, EMS, Environment, Compliance, GRC

### [ISO 14971 Risk File Author](https://rakenne.app/skills/iso14971-risk-file-author/index.md)
Guided elaboration of risk management file for medical devices per ISO 14971: hazard identification, risk analysis, risk control, residual risk acceptability, and benefit–risk rationale. Flags risks above acceptability thresholds without control or justification.
Tags: Medical Devices, ISO 14971, Risk Management, Compliance, Benefit-Risk

### [ISO 17025 Accreditation Readiness Assessment](https://rakenne.app/skills/iso17025-accreditation-readiness/index.md)
Assess accreditation readiness across all ISO/IEC 17025:2017 clause areas. Scans workspace for deliverables, scores each clause area 0-100%, identifies gaps, and produces an evidence index mapping documents to requirements. Readiness scorer checks document presence and completeness signals; document package checker validates evidence coverage for every clause.
Tags: ISO 17025, Accreditation, Assessment Readiness, ILAC, Audit Preparation

### [ISO 17025 Complaints & Nonconforming Work](https://rakenne.app/skills/iso17025-complaints-nonconforming-work/index.md)
Establish complaint handling and nonconforming work procedures per ISO/IEC 17025:2017 Clauses 7.9 and 7.10. Covers the full complaint lifecycle (receipt, investigation, root cause analysis, resolution, trend analysis) and nonconforming work management (identification, impact evaluation, halt/hold/recall actions, customer notification, work resumption authority, CAPA linkage). Validates both processes for completeness and regulatory alignment.
Tags: ISO 17025, Complaints, Nonconforming Work, Clause 7.9, Clause 7.10, CAPA

### [ISO 17025 Equipment & Calibration Management](https://rakenne.app/skills/iso17025-equipment-calibration/index.md)
Build equipment register and calibration program per ISO/IEC 17025:2017 Clause 6.4. Covers equipment identification, calibration intervals with justification, intermediate checks, out-of-tolerance handling, and equipment lifecycle management.
Tags: ISO 17025, Equipment, Calibration, Maintenance, Clause 6.4, Metrology

### [ISO 17025 Externally Provided Products & Services](https://rakenne.app/skills/iso17025-externally-provided-services/index.md)
Build and validate procedures for managing externally provided products and services per ISO/IEC 17025:2017 Clause 6.6. Covers supplier evaluation criteria, approved supplier lists, subcontracting of tests/calibrations with customer notification, and ongoing monitoring of external providers. Extension tools validate evaluation completeness and subcontracting compliance.
Tags: ISO 17025, External Providers, Subcontracting, Purchasing, Clause 6.6, Suppliers

### [ISO 17025 Facility & Environmental Conditions](https://rakenne.app/skills/iso17025-facility-environmental-conditions/index.md)
Facility and environmental conditions management per ISO/IEC 17025:2017 Clause 6.3. Documents facility requirements, environmental monitoring programs with parameters, limits, and frequencies, access controls, and contamination prevention. Environmental monitoring validator checks monitoring completeness; facility layout checker validates segregation and access controls.
Tags: ISO 17025, Facilities, Environmental Conditions, Monitoring, Clause 6.3

### [ISO 17025 Gap Assessment](https://rakenne.app/skills/iso17025-gap-assessment/index.md)
Perform a structured gap assessment against ISO/IEC 17025:2017 clauses 4-8. Clause gap detector ensures all major clause areas are assessed; maturity rating tool validates 0-5 maturity scores for consistency with findings. Produces findings register and remediation roadmap.
Tags: ISO 17025, Gap Assessment, Accreditation, Audit Readiness, Quality

### [ISO 17025 Impartiality & Confidentiality](https://rakenne.app/skills/iso17025-impartiality-confidentiality/index.md)
Impartiality risk assessment per Clause 4.1 and confidentiality management per Clause 4.2 of ISO/IEC 17025:2017. Identifies risks from financial pressures, relationships, personnel, and organizational structure. Documents legally enforceable confidentiality commitments and information release procedures.
Tags: ISO 17025, Impartiality, Confidentiality, Clause 4.1, Clause 4.2, Ethics

### [ISO 17025 Internal Audit Program](https://rakenne.app/skills/iso17025-internal-audit/index.md)
Establish and manage an internal audit program per ISO/IEC 17025:2017 Clause 8.8. Produces audit procedure, annual plan with schedule, clause-by-clause checklist, and report template with finding classification. Audit plan validator checks scope coverage and auditor impartiality; finding completeness checker validates report structure and evidence requirements.
Tags: ISO 17025, Internal Audit, Clause 8.8, Audit Program, Quality Audit

### [ISO 17025 Laboratory Profile](https://rakenne.app/skills/iso17025-laboratory-profile/index.md)
Build and validate a foundational laboratory profile for ISO/IEC 17025:2017 accreditation. Captures lab identity, organizational structure and impartiality basis (Cl.4.1.5), accreditation status, scope of accreditation (disciplines, methods, measurands, ranges, scope type, CMC/uncertainty expressions), authorized signatories, key personnel, facilities, major equipment with calibration intervals, proficiency testing programme (Cl.7.7), subcontracting arrangements (Cl.6.6.3), and management commitment (Cl.8.2.2). Profile completeness checker validates all required sections; scope validator performs per-method field validation and reports failures by method ID.
Tags: ISO 17025, Laboratory, Accreditation, Quality, Testing, Calibration, Metrology

### [ISO 17025 Management Review](https://rakenne.app/skills/iso17025-management-review/index.md)
Prepare and conduct management reviews per ISO/IEC 17025:2017 Clause 8.9. Compiles all required inputs (internal audits, corrective actions, PT results, risk assessments, resource adequacy), documents review decisions, and tracks action items. Review input validator checks all Clause 8.9.2 categories; action item tracker validates decisions, owners, and deadlines.
Tags: ISO 17025, Management Review, Clause 8.9, PDCA, Continual Improvement

### [ISO 17025 Measurement Uncertainty](https://rakenne.app/skills/iso17025-measurement-uncertainty/index.md)
Estimate measurement uncertainty per ISO/IEC 17025:2017 Clause 7.6 using GUM (JCGM 100:2008) methodology. Builds uncertainty budgets with Type A/B component identification, distribution divisors, sensitivity coefficients, law of propagation of uncertainty, Welch-Satterthwaite for effective degrees of freedom, and coverage factor justification per ILAC P14:01/2020. Validates budget completeness and Clause 7.8.3/7.8.4 reporting compliance including decision rules and guard-band methods for conformity statements.
Tags: ISO 17025, Measurement Uncertainty, GUM, JCGM 100, Clause 7.6, Metrology, Type A, Type B, ILAC P14, EA-4/02, Calibration

### [ISO 17025 Method Selection, Verification & Validation](https://rakenne.app/skills/iso17025-method-validation/index.md)
Build and validate method selection, verification, and full/partial validation procedures per ISO/IEC 17025:2017 Clause 7.2. Covers the Clause 7.2.1.1 method selection hierarchy, verification of standard methods, partial validation for deviated standard methods (Cl.7.2.1.4), and full validation of non-standard/lab-developed methods with track-aware performance characteristics, CRM/reference material strategy, acceptance criteria, and fitness-for-purpose conclusions. Extension tools validate protocol completeness and report compliance with track-aware minimum characteristic counts.
Tags: ISO 17025, ISO/IEC 17025:2017, Method Validation, Method Verification, Clause 7.2, Clause 7.2.2, Test Methods, Analytical Methods, EURACHEM, Laboratory Accreditation, Performance Characteristics, Fitness for Purpose

### [ISO 17025 Metrological Traceability](https://rakenne.app/skills/iso17025-metrological-traceability/index.md)
Establish and validate metrological traceability per ISO/IEC 17025:2017 Clause 6.5. Documents traceability chains from working standards through reference standards to NMI/SI for each measurand. Manages reference standards and certified reference materials (CRMs) with certificates, expiry tracking, and storage conditions. Extension tools validate chain completeness and reference standard register entries.
Tags: ISO 17025, Metrological Traceability, Reference Standards, CRM, Clause 6.5, SI Units

### [ISO 17025 Personnel Competence](https://rakenne.app/skills/iso17025-personnel-competence/index.md)
Personnel competence management per ISO/IEC 17025:2017 Clause 6.2. Builds competence matrix mapping personnel to authorized methods, documents training programs, and ensures business continuity through redundant authorization. Competence matrix validator checks completeness; authorization coverage checker flags single-point-of-failure methods.
Tags: ISO 17025, Personnel, Competence, Training, Authorization, Clause 6.2

### [ISO 17025 Quality Manual & Document Control](https://rakenne.app/skills/iso17025-quality-manual/index.md)
Draft and validate quality management system documentation per ISO/IEC 17025:2017 Clauses 8.1–8.4. Produces a quality manual with quality policy, document control procedure, record control procedure, and master document list. Quality manual checker validates policy, structure, and clause coverage; document control validator ensures approval, revision, and distribution processes are defined.
Tags: ISO 17025, Quality Manual, Document Control, QMS, Clause 8.1, Clause 8.2, Clause 8.3, Clause 8.4

### [ISO 17025 Reporting of Results](https://rakenne.app/skills/iso17025-reporting-results/index.md)
Design and validate test reports and calibration certificates per ISO/IEC 17025:2017 Clause 7.8. Creates compliant report templates with all mandatory elements (title, lab ID, unique reference, customer info, method, dates, results with units, signatures), handles opinions/interpretations per Clause 7.8.7, defines decision rules for conformity statements per Clause 7.8.6, and establishes amendment procedures.
Tags: ISO 17025, Reporting, Test Reports, Calibration Certificates, Clause 7.8

### [ISO 17025 Request, Tender & Contract Review](https://rakenne.app/skills/iso17025-request-contract-review/index.md)
Build and validate a procedure for reviewing requests, tenders, and contracts per ISO/IEC 17025:2017 Clause 7.1. Ensures the laboratory confirms capability, selects appropriate methods, and communicates with customers before accepting work. Covers new and repeat requests, amendments, subcontracting decisions, and dispute resolution. Extension tool validates completeness of all required procedural elements.
Tags: ISO 17025, Contract Review, Requests, Tenders, Clause 7.1, Customer

### [ISO 17025 Risk, Opportunity & Corrective Action Management](https://rakenne.app/skills/iso17025-risk-opportunity-management/index.md)
Identify and manage laboratory risks and opportunities per ISO/IEC 17025:2017 Clauses 8.5–8.7. Produces a scored risk register, corrective action procedure with root cause analysis, and CAPA tracking log. Risk register validator checks entry completeness and scoring; corrective action tracker validates procedure elements from trigger through effectiveness verification.
Tags: ISO 17025, Risk Management, Corrective Actions, Improvement, Clause 8.5, Clause 8.6, Clause 8.7, CAPA

### [ISO 17025 Sampling & Test Item Handling](https://rakenne.app/skills/iso17025-sampling-handling/index.md)
Build and validate sampling plans (Clause 7.3) and test/calibration item handling procedures (Clause 7.4) per ISO/IEC 17025:2017. Covers sampling methodology with statistical basis, sample receipt and registration, unique identification systems, condition assessment, handling to prevent damage and contamination, storage conditions, preparation, retention, and disposal. Extension tools validate sampling plan completeness and item handling procedure compliance.
Tags: ISO 17025, Sampling, Sample Handling, Clause 7.3, Clause 7.4, Chain of Custody

### [ISO 17025 Technical Records](https://rakenne.app/skills/iso17025-technical-records/index.md)
Establish technical records and data management procedures per ISO/IEC 17025:2017 Clauses 7.5 and 7.11. Covers recording requirements (date, personnel, equipment, conditions, observations, calculations), correction procedures (single-line strike), original observation preservation, data integrity controls, LIMS/software validation, electronic record management with audit trails, and data retention policies.
Tags: ISO 17025, Technical Records, Data Integrity, LIMS, Clause 7.5, Clause 7.11

### [ISO 17025 Validity of Results](https://rakenne.app/skills/iso17025-validity-of-results/index.md)
Design and validate a quality assurance program per ISO/IEC 17025:2017 Clause 7.7. Covers internal QC techniques (CRMs, replicates, spikes, blanks), proficiency testing and inter-laboratory comparisons, control chart monitoring (Shewhart, CUSUM), out-of-control response procedures, and performance evaluation using z-scores and En numbers. Validates QC program completeness and PT/ILC coverage for all accredited methods.
Tags: ISO 17025, Quality Control, Proficiency Testing, ILC, Clause 7.7, Control Charts

### [ISO 20000 Budgeting and Accounting for IT Services](https://rakenne.app/skills/iso20000-budgeting-accounting/index.md)
Establish budgeting and accounting for IT services per ISO/IEC 20000-1:2011 Clause 6.4. Creates service cost models with cost categories, allocation methods, budgeting cycles, and per-service cost breakdowns. Validates the service costs register for completeness.
Tags: ISO 20000, SMS, Budgeting, Financial Management, IT Service Management

### [ISO 20000 Business Relationship Management](https://rakenne.app/skills/iso20000-business-relationship/index.md)
Establish business relationship management for ISO/IEC 20000-1:2011 Clause 7.1 -- customer relationships, satisfaction measurement, complaint handling, and communication planning.
Tags: ISO 20000, SMS, Business Relationship, Customer Management, IT Service Management

### [ISO 20000 Capacity Management](https://rakenne.app/skills/iso20000-capacity-management/index.md)
Create the capacity management plan for ISO/IEC 20000-1:2011 Clause 6.5. Identifies capacity-critical resources per service, documents baselines and utilization, forecasts demand, defines thresholds with trigger actions, and plans capacity upgrades. Validates the capacity plan register for completeness.
Tags: ISO 20000, SMS, Capacity Management, IT Service Management, Planning

### [ISO 20000 Gap Assessment](https://rakenne.app/skills/iso20000-gap-assessment/index.md)
Assess current service management maturity against all ISO/IEC 20000-1:2011 requirements (Clauses 4-9). Evaluates 15 clause areas on a 0-5 maturity scale, documents gaps with remediation actions, and produces a prioritized remediation roadmap. Gap assessment validator ensures all clause areas are covered and findings are complete.
Tags: ISO 20000, SMS, Gap Assessment, Audit, IT Service Management

### [ISO 20000 Incident and Service Request Management](https://rakenne.app/skills/iso20000-incident-management/index.md)
Establish incident and service request management for ISO/IEC 20000-1:2011 Clause 8.1 -- incident lifecycle, priority matrix, escalation procedures, major incident handling, and service request fulfillment.
Tags: ISO 20000, SMS, Incident Management, Service Request, IT Service Management, ITSM

### [ISO 20000 Information Security Management](https://rakenne.app/skills/iso20000-information-security/index.md)
Establish information security management for the SMS per ISO/IEC 20000-1:2011 Clause 6.6. Defines the information security policy, identifies security controls mapped to services, establishes security incident management, and documents ISO 27001 alignment. Validates the security controls register for domain coverage and service mapping.
Tags: ISO 20000, SMS, Information Security, IT Service Management, Security

### [ISO 20000 Internal Audit (Clause 4.5.4.2)](https://rakenne.app/skills/iso20000-internal-audit/index.md)
Plan and execute SMS internal audits for ISO/IEC 20000-1:2011. Create annual audit programs, plan individual engagements, document findings with classifications (Major NC, Minor NC, Observation, OFI), and prepare corrective action plans.
Tags: ISO 20000, SMS, Internal Audit, Compliance, IT Service Management, GRC

### [ISO 20000 Management Review (Clause 4.5.5)](https://rakenne.app/skills/iso20000-management-review/index.md)
Prepare and conduct management review of the SMS for ISO/IEC 20000-1:2011. Compile all required review inputs per Clause 4.5.5, document decisions with owners and dates, track improvement actions, and produce the management review report.
Tags: ISO 20000, SMS, Management Review, Continual Improvement, IT Service Management, GRC

### [ISO 20000 Monitoring and Measurement (Clause 4.5.4.1)](https://rakenne.app/skills/iso20000-monitoring-measurement/index.md)
Define monitoring, measurement, and review framework for the SMS per ISO/IEC 20000-1:2011. Establish KPIs for all SMS process areas (Clauses 4-9), define measurement methods and targets, create CAPA tracking, and set up effectiveness reviews.
Tags: ISO 20000, SMS, Monitoring, Measurement, KPIs, IT Service Management, CAPA

### [ISO 20000 Organization Profile](https://rakenne.app/skills/iso20000-organization-profile/index.md)
Build and validate a shared organization profile for ISO/IEC 20000-1:2011 certification. Captures organizational facts (service provider type, locations, departments, technology, roles, maturity) that feed into SMS scope, service catalog, gap assessment, and service management planning. Profile completeness checker validates all required sections.
Tags: ISO 20000, SMS, IT Service Management, Organization, GRC

### [ISO 20000 Problem Management](https://rakenne.app/skills/iso20000-problem-management/index.md)
Establish problem management for ISO/IEC 20000-1:2011 Clause 8.2 -- root cause analysis, known error database, proactive problem identification, and integration with incident and change management.
Tags: ISO 20000, SMS, Problem Management, Root Cause Analysis, IT Service Management, ITSM

### [ISO 20000 Service Catalog](https://rakenne.app/skills/iso20000-service-catalog/index.md)
Create and validate the service catalog for ISO/IEC 20000-1:2011. Lists all services with owners, customers, SLA references, criticality, and dependency mappings. Service catalog validator checks required fields, duplicate IDs, and orphan dependencies. Feeds into service level management, business relationship management, and capacity planning.
Tags: ISO 20000, SMS, Service Catalog, IT Service Management

### [ISO 20000 Service Continuity and Availability Management](https://rakenne.app/skills/iso20000-service-continuity-availability/index.md)
Create service continuity and availability management plans for ISO/IEC 20000-1:2011 Clause 6.3. Guides business impact analysis, RTO/RPO definition, continuity strategies, availability targets, disaster recovery procedures, and testing schedules. Validates the continuity-availability register for completeness.
Tags: ISO 20000, SMS, Service Continuity, Availability, BCP, IT Service Management

### [ISO 20000 Service Level Management](https://rakenne.app/skills/iso20000-service-level-management/index.md)
Create and manage service level agreements (SLAs), operational level agreements (OLAs), and underpinning contracts for ISO/IEC 20000-1:2011 Clause 6.1. Defines service targets, measurement methods, reporting frequency, and SLA review processes. Validates the SLA register for completeness and service catalog alignment.
Tags: ISO 20000, SMS, SLA, Service Level Management, IT Service Management

### [ISO 20000 Service Management Plan](https://rakenne.app/skills/iso20000-service-management-plan/index.md)
Create and validate the service management plan for ISO/IEC 20000-1:2011 per Clause 4.5.2. Covers SMS objectives, governance structure, PDCA approach for each process area, resource planning, documentation framework, risk management, and implementation timeline. SMS plan validator checks all required elements are present.
Tags: ISO 20000, SMS, Service Management Plan, IT Service Management, Governance

### [ISO 20000 Service Reporting](https://rakenne.app/skills/iso20000-service-reporting/index.md)
Define the service reporting framework for ISO/IEC 20000-1:2011 Clause 6.2. Establishes report types, audiences, frequency, data sources, and templates for service performance reporting. Validates the service reports register for completeness.
Tags: ISO 20000, SMS, Service Reporting, IT Service Management, KPIs

### [ISO 20000 SMS Scope Definition](https://rakenne.app/skills/iso20000-sms-scope/index.md)
Define and validate the SMS scope for ISO/IEC 20000-1:2011 certification per Clause 4.5.1. Identifies which services, processes, locations, and organizational units are within the service management system boundary. Scope completeness checker validates required sections including exclusions and interfaces.
Tags: ISO 20000, SMS, Scope, IT Service Management

### [ISO 20000 Supplier Management](https://rakenne.app/skills/iso20000-supplier-management/index.md)
Establish supplier management for ISO/IEC 20000-1:2011 Clause 7.2 -- supplier identification, criticality classification, contract requirements, performance monitoring, and governance of outsourced processes.
Tags: ISO 20000, SMS, Supplier Management, Vendor Management, IT Service Management

### [ISO 20000-1 Change Management (Clause 9.2)](https://rakenne.app/skills/iso20000-change-management/index.md)
Establish change management for ISO/IEC 20000-1:2011 Clause 9.2. Define change types, lifecycle stages, CAB structure, emergency procedures, and process integrations.
Tags: ISO 20000, SMS, Change Management, CAB, IT Service Management, ITSM

### [ISO 20000-1 Configuration Management (Clause 9.1)](https://rakenne.app/skills/iso20000-configuration-management/index.md)
Establish configuration management and the CMDB for ISO/IEC 20000-1:2011 Clause 9.1. Define CI types, attributes, naming conventions, CMDB structure, CI lifecycle, and verification procedures.
Tags: ISO 20000, SMS, Configuration Management, CMDB, IT Service Management, ITSM

### [ISO 20000-1 Design and Transition of New or Changed Services (Clause 5)](https://rakenne.app/skills/iso20000-design-transition/index.md)
Establish the design and transition process for new or changed services per ISO/IEC 20000-1:2011 Clause 5. Define service design lifecycle, acceptance criteria, transition planning, and process integrations.
Tags: ISO 20000, SMS, Design, Transition, Service Lifecycle, IT Service Management

### [ISO 20000-1 Release and Deployment Management (Clause 9.3)](https://rakenne.app/skills/iso20000-release-management/index.md)
Establish release and deployment management for ISO/IEC 20000-1:2011 Clause 9.3. Define release types, deployment procedures, acceptance criteria, and rollback procedures.
Tags: ISO 20000, SMS, Release Management, Deployment, IT Service Management, ITSM

### [ISO 27001 Asset Inventory & Classification Register](https://rakenne.app/skills/iso27001-asset-inventory/index.md)
Build and validate an Asset Inventory & Classification Register for ISO 27001:2022 Control A.5.9. Catalog information assets with Ownership and Classification (Public, Internal, Confidential, Restricted), suggest classification from sensitivity descriptions, and verify that every asset has a named Information Owner and that Confidential/Restricted assets have handling procedures.
Tags: ISO 27001, ISMS, Compliance, Asset Management, Classification, A.5.9

### [ISO 27001 Awareness and Training Plan](https://rakenne.app/skills/iso27001-awareness-training-plan/index.md)
Create, validate, and maintain the ISO 27001:2022 awareness and training plan per Clauses 7.2 (Competence), 7.3 (Awareness), and Annex A control A.6.3. Defines target audiences with role-based training requirements, training modules, delivery methods, annual schedule with quarterly phishing simulations, and effectiveness evaluation metrics. Validates section completeness, audience coverage, and schedule gaps. Produces a standalone audit-ready training plan document.
Tags: ISO 27001, ISMS, Training, Awareness, GRC, Compliance, Clause 7.2, Clause 7.3, A.6.3

### [ISO 27001 Business Continuity & Disaster Recovery Plan](https://rakenne.app/skills/iso27001-business-continuity-plan/index.md)
Create operationally detailed Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) with BIA-driven recovery sequences, RTO/RPO validation, failover procedures, and exercise records per ISO 27001 Controls A.5.29/A.5.30.
Tags: ISO 27001, ISMS, Compliance, Business Continuity, Disaster Recovery, BCP, DRP, A.5.29, A.5.30

### [ISO 27001 Confidentiality & NDA Agreements](https://rakenne.app/skills/iso27001-confidentiality-nda/index.md)
Create and manage confidentiality and non-disclosure agreement templates with a tracking register per ISO 27001 Control A.6.6. Covers both employee and third-party scenarios.
Tags: ISO 27001, ISMS, Compliance, NDA, Confidentiality, A.6.6

### [ISO 27001 Critical Supplier Register](https://rakenne.app/skills/iso27001-critical-supplier-register/index.md)
Operational register of critical suppliers with data access, SLA thresholds, BCP dependencies, security assessment history, and internal ownership. The auditor-expected evidence document that proves supply chain operational knowledge per Clause 7.5.1(b) and Controls A.5.19–A.5.22.
Tags: ISO 27001, ISMS, Compliance, Supplier Management, A.5.19, A.5.21, A.5.22, Supply Chain

### [ISO 27001 Gap Assessment](https://rakenne.app/skills/iso27001-gap-assessment/index.md)
Perform a structured gap assessment against ISO 27001:2022 clauses 4-10 and 93 Annex A controls. Mandatory artifact detector scans for missing ISMS documents; maturity rating tool suggests 0-5 maturity levels per clause area. Produces findings register and remediation roadmap.
Tags: ISO 27001, ISMS, Compliance, Gap Assessment, GRC, Audit Readiness

### [ISO 27001 ISMS Annual Maintenance & Surveillance Audit Prep](https://rakenne.app/skills/iso27001-annual-maintenance/index.md)
Prepare for annual ISO 27001 surveillance audits by reviewing and updating existing ISMS documents. Scans documents for freshness, assesses organizational changes, performs delta risk re-assessment, updates SoA, reconciles CAPAs from prior audits, assembles surveillance audit evidence pack, scores audit readiness across 10 dimensions, and produces a year-over-year ISMS health report. Designed for certified organizations maintaining their ISMS between recertification cycles.
Tags: ISO 27001, ISMS, Annual Review, Surveillance Audit, Maintenance, PDCA, GRC, Compliance

### [ISO 27001 Legal & Regulatory Requirements Register](https://rakenne.app/skills/iso27001-legal-requirements-register/index.md)
Identify, document, and track all legal, statutory, regulatory, and contractual requirements relevant to information security per ISO 27001 Control A.5.31.
Tags: ISO 27001, ISMS, Compliance, Legal, Regulatory, A.5.31

### [ISO 27001 Management Review](https://rakenne.app/skills/iso27001-management-review/index.md)
Prepare, validate, and document the ISO 27001:2022 management review per Clause 9.3. Compiles input pack from workspace ISMS artifacts, validates all 10 mandatory input categories (Clause 9.3.2) and 3 required output decisions (Clause 9.3.3), and checks that every action has an owner, due date, and expected outcome. Produces review agenda, input pack, minutes, and action tracker.
Tags: ISO 27001, ISMS, Management Review, GRC, Compliance, Clause 9.3

### [ISO 27001 Monitoring, Measurement & Evaluation](https://rakenne.app/skills/iso27001-monitoring-measurement-evaluation/index.md)
Draft and validate the Clause 9.1 report (PDCA 'Check') and Clause 6.2 objectives register: six validation tools covering KPI effectiveness, CAPA linkage for every failed control, CAPA field completeness (root cause, corrective action, owner, date, effectiveness review), cross-document audit NC reconciliation, and objectives completeness (including Clause 6.2(c) risk register linkage and Clause 6.2(h) resources).
Tags: ISO 27001, ISMS, Compliance, Monitoring, Metrics, CAPA, Clause 9.1, Clause 10.2, Clause 6.2

### [ISO 27001 Operating Procedures (SOPs)](https://rakenne.app/skills/iso27001-operating-procedures/index.md)
Create, validate, and index standard operating procedures (SOPs) for information processing facilities per ISO 27001 Control A.5.37. Produces step-by-step procedures with traceability to Annex A controls.
Tags: ISO 27001, ISMS, Compliance, SOP, Operating Procedures, A.5.37, Clause 7.5

### [ISO 27001 Organization Profile](https://rakenne.app/skills/iso27001-organization-profile/index.md)
Build and validate a shared organization profile for ISO 27001 certification. Captures organizational facts (industry, locations, technology stack, regulations, suppliers) that feed into scope, risk assessment, SoA, and policy generation. Technology stack normalizer classifies systems; profile completeness checker validates all required sections.
Tags: ISO 27001, ISMS, Compliance, Organization, GRC

### [ISO 27001 Policy Generator](https://rakenne.app/skills/iso27001-policy-generator/index.md)
Generate, validate, and maintain the core ISMS policy and procedure set for ISO 27001:2022 certification. Produces 22 document types (information security policy, ISMS manual, risk management, access control, incident management, asset management, change management, business continuity, document control, corrective action, classification and handling, cryptography, secure development, vulnerability management, remote working, backup, management responsibilities, intellectual property, data leakage prevention, network security, secure disposal, cabling security) with clause-aware templates and organization-specific tailoring.
Tags: ISO 27001, ISMS, GRC, Compliance, Policy, Procedure, Documentation

### [ISO 27001 Risk Assessment](https://rakenne.app/skills/iso27001-risk-assessment/index.md)
Complete ISO 27001:2022 risk assessment workflow covering methodology definition, risk identification using a 12-category threat taxonomy, risk analysis with 5×5 matrix scoring, treatment planning with Annex A control mapping, and residual risk validation. Produces auditor-ready risk methodology, risk register, treatment plan, and acceptance forms per Clause 6.1.2 and 6.1.3.
Tags: ISO 27001, Risk Assessment, ISMS, GRC, Compliance, Information Security, Risk Management

### [ISO 27001 Secure Architecture Principles](https://rakenne.app/skills/iso27001-secure-architecture-principles/index.md)
Document secure system architecture and engineering principles per ISO 27001 Control A.8.27. Produces a principles catalog with rationale, implementation guidance, and technology-stack applicability for development and infrastructure teams.
Tags: ISO 27001, ISMS, Compliance, Secure Architecture, Engineering Principles, A.8.27

### [ISO 27001 Statement of Applicability](https://rakenne.app/skills/iso27001-soa/index.md)
Build and validate the SoA (Clause 6.1.3): map 93 Annex A controls to In/Out with justification and implementation evidence. SoA mapping engine suggests inclusions from risk assessment; control justification audit ensures excluded controls have valid reasons and included controls link to active policies.
Tags: ISO 27001, ISMS, Compliance, SoA, Clause 6.1.3, Annex A

### [ISO 27001 Supplier Information Security Policy](https://rakenne.app/skills/iso27001-supplier-security-policy/index.md)
Draft and validate supplier security requirements and annexes for ISO 27001:2022 Control 5.21. Tier-based Minimum Security Baseline (Cloud vs Janitorial), Right to Audit and Breach Notification validation.
Tags: ISO 27001, ISMS, Compliance, Supplier Security, A.5.19, A.5.21

### [ISO 27701 Controller Controls (Annex A)](https://rakenne.app/skills/iso27701-controller-controls/index.md)
Implement and document ISO 27701 Clause 7 and Annex A controls specific to PII controllers. Covers conditions for collection/processing, obligations to PII principals, privacy by design/default, and PII sharing/transfer/disclosure with implementation status, evidence, and justification for exclusions.
Tags: ISO 27701, Privacy, Controller, Annex A, PII, Compliance

### [ISO 27701 DPIA Program](https://rakenne.app/skills/iso27701-dpia-program/index.md)
Establish a Data Protection Impact Assessment (DPIA) program aligned to ISO 27701 Clause 7.2.5 and GDPR Article 35. Create DPIA methodology with WP29/EDPB screening criteria, screen processing activities for high-risk triggers, conduct individual DPIAs, and track risk mitigation with residual risk assessment.
Tags: ISO 27701, Privacy, DPIA, Impact Assessment, PII, Compliance

### [ISO 27701 PII Processing Inventory](https://rakenne.app/skills/iso27701-pii-inventory/index.md)
Build the PII processing inventory (Record of Processing Activities / ROPA) and data flow map for ISO 27701. Catalogs every processing activity with purpose, legal basis, data categories, PII principals, recipients, retention periods, and cross-border transfers. Produces a data flow map showing PII flows between systems, parties, and jurisdictions.
Tags: ISO 27701, Privacy, PII, ROPA, Data Inventory, Compliance

### [ISO 27701 PIMS Extension Author](https://rakenne.app/skills/iso27701-pims-extension-author/index.md)
Guided elaboration of PIMS documentation as an extension to ISMS: PII processing inventory, privacy objectives, processing purposes and legal basis, controller/processor annex controls, and privacy policy drafting aligned to Clause 6 controller obligations.
Tags: ISO 27701, Privacy, PIMS, PII, Compliance, Privacy Policy

### [ISO 27701 PIMS Internal Audit](https://rakenne.app/skills/iso27701-pims-internal-audit/index.md)
Plan and document a PIMS-specific internal audit. Covers audit planning, execution checklist, findings, nonconformities, and corrective actions focused on privacy controls and PII processing compliance.
Tags: ISO 27701, Privacy, Audit, Internal Audit, PIMS, Compliance, ISO 19011

### [ISO 27701 PIMS Scope Definition](https://rakenne.app/skills/iso27701-pims-scope/index.md)
Define the Privacy Information Management System (PIMS) scope per ISO/IEC 27701:2019+AMD1:2024 Clauses 5.2.1–5.2.4 — organization role as PII controller, processor, or both (5.2.1); interested parties and their privacy needs (5.2.2); PII principal categories, applicable regulations (GDPR, LGPD, CCPA/CPRA, PIPEDA, PDPA, APPI, POPIA, PIPL), PIMS boundaries, cross-border transfers, privacy objectives, and exclusions (5.2.3); and ISMS linkage (5.2.4). Foundation skill for all ISO 27701 documentation.
Tags: ISO 27701, Privacy, PIMS, Scope, Compliance

### [ISO 27701 PIMS Statement of Applicability](https://rakenne.app/skills/iso27701-pims-soa/index.md)
Create the PIMS Statement of Applicability covering both Annex A (controller) and Annex B (processor) controls. Maps each control to In/Out with justification, implementation status, and evidence — the PIMS-specific equivalent of the ISO 27001 SoA.
Tags: ISO 27701, Privacy, SoA, Statement of Applicability, Annex A, Annex B, Compliance

### [ISO 27701 Privacy Policy Generator](https://rakenne.app/skills/iso27701-privacy-policy-generator/index.md)
Generate a comprehensive privacy policy/notice aligned to ISO 27701 Clause 6 controller obligations. Uses PII inventory and controller controls as inputs to produce a legally-grounded, auditable privacy policy covering all 15 mandatory topics, plus a condensed privacy notice for user-facing communication.
Tags: ISO 27701, Privacy, Privacy Policy, Clause 6, Controller, Compliance, GDPR, LGPD, CCPA, CPRA

### [ISO 27701 Privacy Risk Assessment](https://rakenne.app/skills/iso27701-privacy-risk-assessment/index.md)
Conduct a privacy-specific risk assessment focusing on risks to PII principals per ISO 27701 Clause 5.4 (2019) / Clause 6.6 (2025). Defines all 8 individual-focused privacy impact criteria (physical harm, financial loss, discrimination, reputational damage, emotional distress, loss of autonomy, identity theft, social disadvantage — not organizational CIA-triad categories), identifies privacy threats per processing activity and PII principal category, scores risks on a 5x5 privacy impact matrix, assesses DPIA triggers per GDPR Art. 35 / EDPB WP248 rev.01, and plans treatment using privacy-specific options (minimize, pseudonymize, anonymize, consent, purpose limitation, encryption, deletion).
Tags: ISO 27701, ISO 27701:2019, Privacy, Risk Assessment, PII, PII Principals, DPIA, GDPR Art. 35, Compliance

### [ISO 27701 Processor Controls (Annex B)](https://rakenne.app/skills/iso27701-processor-controls/index.md)
Implement and document ISO 27701 Clause 8 and Annex B controls specific to PII processors. Covers conditions for processing, obligations to PII principals, privacy by design/default, sub-processor management, and PII sharing/transfer/disclosure with implementation status, evidence, and justification for exclusions.
Tags: ISO 27701, Privacy, Processor, Annex B, PII, Compliance

### [ISO 27701 Security Controls Overlay](https://rakenne.app/skills/iso27701-security-controls-overlay/index.md)
Create the privacy overlay for the 93 ISO 27002:2022 security controls. For each control in the SoA, document what additional privacy-specific implementation is needed per ISO 27701 Clause 6. Covers all four control themes (Organizational, People, Physical, Technological) with privacy augmentation guidance and evidence mapping.
Tags: ISO 27701, Privacy, Controls, ISO 27002, PIMS, Compliance

### [ISO 42001 AI Impact Assessment](https://rakenne.app/skills/iso42001-impact-assessment/index.md)
Draft AI impact assessments (AI system impact assessment) for ISO/IEC 42001:2023 and related frameworks.
Tags: ISO 42001, Impact Assessment, AI

### [ISO 42001 AI Lifecycle Procedures](https://rakenne.app/skills/iso42001-lifecycle-procedures/index.md)
Draft AI lifecycle management procedures for ISO/IEC 42001:2023 (concept to retirement).
Tags: ISO 42001, Lifecycle, Procedures, Governance, AI

### [ISO 42001 AI Policy](https://rakenne.app/skills/iso42001-ai-policy/index.md)
Draft and validate the formal AI Policy for ISO/IEC 42001:2023, covering all mandatory Clause 5.2 elements: organizational purpose alignment, compliance commitment, continual improvement, risk management, transparency, data governance, and ethical use including human rights.
Tags: ISO 42001, AI Policy, Governance, Compliance, AI, AIMS

### [ISO 42001 AI Risk Assessment Methodology](https://rakenne.app/skills/iso42001-risk-assessment-methodology/index.md)
Draft the AI risk assessment methodology for ISO/IEC 42001:2023.
Tags: ISO 42001, Risk Assessment, Methodology, Compliance, AI

### [ISO 42001 AI Risk Register](https://rakenne.app/skills/iso42001-risk-register/index.md)
Draft and validate the AI risk register for ISO/IEC 42001:2023 with ownership, treatment, and residual risk.
Tags: ISO 42001, Risk Register, Risk Management, Compliance, AI

### [ISO 42001 AI System Description](https://rakenne.app/skills/iso42001-system-description/index.md)
Draft AI system description and intended purpose per system for ISO/IEC 42001:2023.
Tags: ISO 42001, System Description, Documentation, AI

### [ISO 42001 AIMS Scope and Context](https://rakenne.app/skills/iso42001-aims-scope-context/index.md)
Draft and validate AIMS scope statement and organizational context for ISO/IEC 42001:2023 certification (Clause 4).
Tags: ISO 42001, AIMS, Governance, Compliance, AI

### [ISO 42001 Data Governance](https://rakenne.app/skills/iso42001-data-governance/index.md)
Draft data governance procedures for AI systems under ISO/IEC 42001:2023.
Tags: ISO 42001, Data Governance, Data Quality, Compliance, AI

### [ISO 42001 Incident Response](https://rakenne.app/skills/iso42001-incident-response/index.md)
Draft AI incident response procedure and documentation for ISO/IEC 42001:2023.
Tags: ISO 42001, Incident Response, Compliance, AI

### [ISO 42001 Internal Audit](https://rakenne.app/skills/iso42001-internal-audit/index.md)
Draft internal audit procedure and audit report structure for the AIMS under ISO/IEC 42001:2023.
Tags: ISO 42001, Internal Audit, Compliance, AI

### [ISO 42001 Management Review](https://rakenne.app/skills/iso42001-management-review/index.md)
Draft management review procedure and minutes structure for the AIMS under ISO/IEC 42001:2023.
Tags: ISO 42001, Management Review, Governance, AI

### [ISO 42001 Model Development](https://rakenne.app/skills/iso42001-model-development/index.md)
Draft model development documentation for ISO/IEC 42001:2023 (architecture, training, testing, limitations).
Tags: ISO 42001, Model Development, Documentation, AI

### [ISO 42001 Monitoring & Performance](https://rakenne.app/skills/iso42001-monitoring-performance/index.md)
Draft monitoring and performance evaluation procedures and records for ISO/IEC 42001:2023.
Tags: ISO 42001, Monitoring, Performance, Drift, AI

### [ISO 42001 Nonconformity & Corrective Action](https://rakenne.app/skills/iso42001-nonconformity-corrective-action/index.md)
Draft nonconformity and corrective action procedure and records for the AIMS under ISO/IEC 42001:2023.
Tags: ISO 42001, Nonconformity, Corrective Action, Compliance, AI

### [ISO 42001 Roles, Responsibilities & Competence](https://rakenne.app/skills/iso42001-roles-responsibilities-competence/index.md)
Draft roles, responsibilities, and competence documentation for ISO/IEC 42001:2023 AIMS.
Tags: ISO 42001, Roles, Competence, Governance, AI

### [ISO 42001 Statement of Applicability](https://rakenne.app/skills/iso42001-statement-of-applicability/index.md)
Build and validate the SoA for ISO/IEC 42001:2023 Annex A with justification and implementation evidence.
Tags: ISO 42001, SoA, Annex A, Compliance, AI

### [ISO 42001 Supplier & Third-Party AI](https://rakenne.app/skills/iso42001-supplier-third-party/index.md)
Draft supplier and third-party AI evaluation, contracts, and documentation for ISO/IEC 42001:2023.
Tags: ISO 42001, Supplier, Third-Party, Compliance, AI

### [ISO 42001 Training & Competency](https://rakenne.app/skills/iso42001-training-competency/index.md)
Draft training and competency requirements and record structure for the AIMS under ISO/IEC 42001:2023.
Tags: ISO 42001, Training, Competency, Governance, AI

### [ISO 45001 Gap Assessment](https://rakenne.app/skills/ohsms-gap-assessment/index.md)
Perform a structured gap assessment against ISO 45001:2018 clauses 4-10. Scans for missing OHSMS documentation, rates clause maturity on a 0-5 scale, and produces a prioritized remediation roadmap for certification readiness.
Tags: ISO 45001, OHSMS, Gap Assessment, Compliance, Audit

### [ISO 45001 Incident Investigation & Corrective Action](https://rakenne.app/skills/ohsms-incident-investigation/index.md)
Guide incident investigation, root cause analysis, corrective action management, and continual improvement per ISO 45001:2018 Clauses 10.1, 10.2, and 10.3. Validates investigation methodology, CAPA completeness, hazard feedback loop, and legal reporting alignment.
Tags: ISO 45001, OHSMS, Incident Investigation, Corrective Action, Improvement

### [ISO 45001 Monitoring & Measurement](https://rakenne.app/skills/ohsms-monitoring-measurement/index.md)
Define OH&S performance monitoring program with leading and lagging indicators, compliance evaluation procedure, and KPI reporting per ISO 45001:2018 Clause 9.1. Validates indicator balance, measurement completeness, and legal compliance evaluation.
Tags: ISO 45001, OHSMS, Monitoring, Measurement, KPI

### [ISO 45001 OHSMS Annual Maintenance & Surveillance Audit Prep](https://rakenne.app/skills/ohsms-annual-maintenance/index.md)
Prepare for annual ISO 45001 surveillance audits by reviewing and updating existing OHSMS documents. Scans documents for freshness, assesses organizational changes for OH&S impact, reconciles CAPAs from prior audits and incident investigations, scores audit readiness across 8 dimensions, and produces a year-over-year OHSMS health report. Designed for certified organizations maintaining their OHSMS between recertification cycles.
Tags: ISO 45001, OHSMS, Surveillance Audit, Maintenance, Annual Review

### [ISO 45001 Operational Controls](https://rakenne.app/skills/ohsms-operational-control/index.md)
Document operational controls mapped to hazards, management of change (MOC) procedure, and contractor/procurement OH&S management per ISO 45001:2018 Clauses 8.1.1, 8.1.3, and 8.1.4. Validates hazard linkage, MOC completeness, contractor lifecycle, and procurement OH&S criteria.
Tags: ISO 45001, OHSMS, Operational Control, Change Management, Contractors

### [ISO 45001 Organization Profile](https://rakenne.app/skills/ohsms-organization-profile/index.md)
Build and validate a shared organization profile for ISO 45001:2018 certification. Captures industry sector, worker demographics, locations, OH&S history, regulatory environment, and contractor relationships that feed into hazard identification, risk assessment, and policy generation.
Tags: ISO 45001, OHSMS, Occupational Health and Safety, Compliance, Organization

### [IT Disaster Recovery Plan (ITDRP)](https://rakenne.app/skills/it-disaster-recovery-plan/index.md)
Draft IT Disaster Recovery Plans with validated technical runbooks for system restoration, following ISO 27031. Sequences recovery steps respecting system dependencies, validates failover logic to prevent dependency deadlocks, and audits the emergency contact matrix for expired vendor contracts and stale contact data.
Tags: Disaster Recovery, Business Continuity, ISO 27031, Infrastructure

### [IT Investment Rationalizer (COBIT APO05)](https://rakenne.app/skills/it-investment-rationalizer/index.md)
Draft ROI and NPV narratives for IT investments and value-based business cases. Ensures Benefits Realization Plan includes measurable KPIs. Includes benefit realization check.
Tags: COBIT, APO05, Investment, Business Case, ROI, Benefits Realization

### [IT-Security for Critical Infrastructure (KRITIS)](https://rakenne.app/skills/kritis-it-security/index.md)
Erstellt Sicherheitskonzepte fuer Betreiber Kritischer Infrastrukturen (KRITIS) gemaess BSI IT-Grundschutz und IT-Sicherheitsgesetz 2.0. Mappt Assets auf Grundschutz-Bausteine, prueft KRITIS-Schwellenwerte und validiert die Compliance.
Tags: IT-Sicherheitsgesetz 2.0, BSI, KRITIS, IT-Grundschutz, Cybersecurity, Germany, Infrastructure

### [ITAR/EAR Export Compliance Program Manual](https://rakenne.app/skills/itar-ear-compliance/index.md)
Draft company-specific export compliance program manuals under ITAR and EAR. Covers organizational structure, product classification, license determination, screening procedures, Technology Control Plans, training, recordkeeping, and audit procedures for defense contractors and technology companies.
Tags: Export Compliance, ITAR, EAR, Defense, Compliance Program, US Regulation, Sanctions, OFAC, Deemed Export, Technology Control Plan

### [ITIL 4 Architecture Management](https://rakenne.app/skills/itil4-architecture-management/index.md)
Draft and maintain ITIL 4 Architecture Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Architecture Management

### [ITIL 4 Availability Management](https://rakenne.app/skills/itil4-availability-management/index.md)
Draft and maintain ITIL 4 Availability Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Availability Management

### [ITIL 4 Business Analysis](https://rakenne.app/skills/itil4-business-analysis/index.md)
Draft and maintain ITIL 4 Business Analysis practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Business Analysis

### [ITIL 4 Capacity And Performance Management](https://rakenne.app/skills/itil4-capacity-and-performance-management/index.md)
Draft and maintain ITIL 4 Capacity And Performance Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Capacity And Performance Management

### [ITIL 4 Change Enablement](https://rakenne.app/skills/itil4-change-enablement/index.md)
Draft and maintain ITIL 4 Change Enablement practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Change Enablement

### [ITIL 4 Continual Improvement](https://rakenne.app/skills/itil4-continual-improvement/index.md)
Draft and maintain ITIL 4 Continual Improvement practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Continual Improvement

### [ITIL 4 Deployment Management](https://rakenne.app/skills/itil4-deployment-management/index.md)
Draft and maintain ITIL 4 Deployment Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Deployment Management

### [ITIL 4 Incident Management](https://rakenne.app/skills/itil4-incident-management/index.md)
Draft and maintain ITIL 4 Incident Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Incident Management

### [ITIL 4 Information Security Management](https://rakenne.app/skills/itil4-information-security-management/index.md)
Draft and maintain ITIL 4 Information Security Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Information Security Management

### [ITIL 4 Infrastructure And Platform Management](https://rakenne.app/skills/itil4-infrastructure-and-platform-management/index.md)
Draft and maintain ITIL 4 Infrastructure And Platform Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Infrastructure And Platform Management

### [ITIL 4 It Asset Management](https://rakenne.app/skills/itil4-it-asset-management/index.md)
Draft and maintain ITIL 4 It Asset Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, It Asset Management

### [ITIL 4 Knowledge Management](https://rakenne.app/skills/itil4-knowledge-management/index.md)
Draft and maintain ITIL 4 Knowledge Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Knowledge Management

### [ITIL 4 Measurement And Reporting](https://rakenne.app/skills/itil4-measurement-and-reporting/index.md)
Draft and maintain ITIL 4 Measurement And Reporting practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Measurement And Reporting

### [ITIL 4 Monitoring And Event Management](https://rakenne.app/skills/itil4-monitoring-and-event-management/index.md)
Draft and maintain ITIL 4 Monitoring And Event Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Monitoring And Event Management

### [ITIL 4 Organizational Change Management](https://rakenne.app/skills/itil4-organizational-change-management/index.md)
Draft and maintain ITIL 4 Organizational Change Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Organizational Change Management

### [ITIL 4 Portfolio Management](https://rakenne.app/skills/itil4-portfolio-management/index.md)
Draft and maintain ITIL 4 Portfolio Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Portfolio Management

### [ITIL 4 Problem Management](https://rakenne.app/skills/itil4-problem-management/index.md)
Draft and maintain ITIL 4 Problem Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Problem Management

### [ITIL 4 Project Management](https://rakenne.app/skills/itil4-project-management/index.md)
Draft and maintain ITIL 4 Project Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Project Management

### [ITIL 4 Relationship Management](https://rakenne.app/skills/itil4-relationship-management/index.md)
Draft and maintain ITIL 4 Relationship Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Relationship Management

### [ITIL 4 Release Management](https://rakenne.app/skills/itil4-release-management/index.md)
Draft and maintain ITIL 4 Release Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Release Management

### [ITIL 4 Risk Management](https://rakenne.app/skills/itil4-risk-management/index.md)
Draft and maintain ITIL 4 Risk Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Risk Management

### [ITIL 4 Service Catalogue Management](https://rakenne.app/skills/itil4-service-catalogue-management/index.md)
Draft and maintain ITIL 4 Service Catalogue Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Catalogue Management

### [ITIL 4 Service Configuration Management](https://rakenne.app/skills/itil4-service-configuration-management/index.md)
Draft and maintain ITIL 4 Service Configuration Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Configuration Management

### [ITIL 4 Service Continuity Management](https://rakenne.app/skills/itil4-service-continuity-management/index.md)
Draft and maintain ITIL 4 Service Continuity Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Continuity Management

### [ITIL 4 Service Design](https://rakenne.app/skills/itil4-service-design/index.md)
Draft and maintain ITIL 4 Service Design practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Design

### [ITIL 4 Service Desk](https://rakenne.app/skills/itil4-service-desk/index.md)
Draft and maintain ITIL 4 Service Desk practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Desk

### [ITIL 4 Service Financial Management](https://rakenne.app/skills/itil4-service-financial-management/index.md)
Draft and maintain ITIL 4 Service Financial Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Financial Management

### [ITIL 4 Service Level Management](https://rakenne.app/skills/itil4-service-level-management/index.md)
Draft and maintain ITIL 4 Service Level Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Level Management

### [ITIL 4 Service Request Management](https://rakenne.app/skills/itil4-service-request-management/index.md)
Draft and maintain ITIL 4 Service Request Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Request Management

### [ITIL 4 Service Validation And Testing](https://rakenne.app/skills/itil4-service-validation-and-testing/index.md)
Draft and maintain ITIL 4 Service Validation And Testing practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Service Validation And Testing

### [ITIL 4 Software Development And Management](https://rakenne.app/skills/itil4-software-development-and-management/index.md)
Draft and maintain ITIL 4 Software Development And Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Software Development And Management

### [ITIL 4 Strategy Management](https://rakenne.app/skills/itil4-strategy-management/index.md)
Draft and maintain ITIL 4 Strategy Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Strategy Management

### [ITIL 4 Supplier Management](https://rakenne.app/skills/itil4-supplier-management/index.md)
Draft and maintain ITIL 4 Supplier Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Supplier Management

### [ITIL 4 Workforce And Talent Management](https://rakenne.app/skills/itil4-workforce-and-talent-management/index.md)
Draft and maintain ITIL 4 Workforce And Talent Management practice documentation and artifacts aligned to the Service Value System.
Tags: ITIL 4, Service Management, Workforce And Talent Management

### [ITU Recommendation Conformity Author](https://rakenne.app/skills/itu-recommendation-conformity-author/index.md)
Guided elaboration of implementation or compliance documentation for a selected ITU-T (or ITU-R) recommendation — scope, normative references, implementation statement, and conformance checklist.
Tags: ITU, Telecommunications, Conformity, Compliance

### [Japan APPI — Privacy Impact Assessment](https://rakenne.app/skills/jp-appi-privacy-impact-assessment/index.md)
Draft and validate a Privacy Impact Assessment for processing under Japan's Act on the Protection of Personal Information (APPI, amended 2022). Covers data categorisation, cross-border transfer assessment, and PPC guidelines compliance.
Tags: Japan, APPI, Privacy, PIA, Data protection

### [JIT PAM Zero Trust (NIST 800-207)](https://rakenne.app/skills/jit-pam-zero-trust/index.md)
Document and audit Just-in-Time privileged access management aligned to Zero Trust and NIST SP 800-207. Defines no-standing-privilege, time-bound elevation, and MFA for privileged sessions.
Tags: NIST 800-207, Zero Trust, JIT PAM, Privileged Access, Compliance, GRC, Identity and Access

### [King IV and POPIA Narrative](https://rakenne.app/skills/king-iv-popia-narrative/index.md)
Draft the POPIA–King IV governance narrative linking data protection compliance to King IV Principles 12 and 13 for South African organisations.
Tags: King IV, South Africa, POPIA, Governance, Data Protection

### [King IV Apply and Explain](https://rakenne.app/skills/king-iv-apply-and-explain/index.md)
Draft or validate the King IV 'apply and explain' governance disclosure (all 16 principles) for South Africa.
Tags: King IV, South Africa, Governance, Compliance, Disclosure

### [King IV Code of Conduct](https://rakenne.app/skills/king-iv-code-of-conduct/index.md)
Draft or update a code of conduct aligned with King IV Principle 2 (ethics, ethical culture) for South African organisations.
Tags: King IV, South Africa, Ethics, Governance, Code of Conduct

### [King IV Corporate Citizenship](https://rakenne.app/skills/king-iv-corporate-citizenship/index.md)
Draft or update corporate citizenship (ESG) policy or disclosure aligned with King IV Principle 3 for South African organisations.
Tags: King IV, South Africa, Governance, ESG, Corporate Citizenship

### [King IV Ethics Framework](https://rakenne.app/skills/king-iv-ethics-framework/index.md)
Draft or update an ethics framework aligned with King IV Principle 2 (governance of ethics) for South African organisations.
Tags: King IV, South Africa, Ethics, Governance

### [King IV Governance Charter](https://rakenne.app/skills/king-iv-governance-charter/index.md)
Draft or update board and committee charters aligned with King IV Principles 6–10 for South African organisations.
Tags: King IV, South Africa, Governance, Board, Charter

### [King IV Integrated Report — Governance](https://rakenne.app/skills/king-iv-integrated-report-governance/index.md)
Draft the governance section of an integrated report or standalone governance report aligned with King IV Principles 4 and 5.
Tags: King IV, South Africa, Governance, Integrated Reporting

### [King IV Remuneration](https://rakenne.app/skills/king-iv-remuneration/index.md)
Draft or update remuneration policy or report aligned with King IV Principle 14 for South African organisations.
Tags: King IV, South Africa, Governance, Remuneration

### [King IV Risk Governance](https://rakenne.app/skills/king-iv-risk-governance/index.md)
Draft or update risk governance framework, policy or disclosure aligned with King IV Principle 11 for South African organisations.
Tags: King IV, South Africa, Governance, Risk

### [LAC — Licenciamento Ambiental Simplificado](https://rakenne.app/skills/env-licensing-lac/index.md)
Apoia a elaboracao e revisao de requerimentos de LAC (Licenca por Adesao e Compromisso) para licenciamento ambiental no Brasil, com foco em CONAMA e orgaos estaduais de meio ambiente. Inclui enquadramento de atividades, template de requerimento, checklist de conformidade e validacao automatica.
Tags: Environment, Licensing, CONAMA, LAC, Brazil, Compliance, Regulated Sector

### [LAE — Licença Ambiental Especial (Obras Estratégicas)](https://rakenne.app/skills/lae-strategic-drafter/index.md)
Estruturação de Termos de Referência (TR) e Relatórios de Impacto Ambiental (EIA/RIMA) para Licença Ambiental Especial (Lei 15.300/2025), com foco em obras e empreendimentos estratégicos. Garante vínculo entre cronograma de instalação e condicionantes ambientais. Inclui template TR, checklist e validação de enquadramento para tramitação prioritária de 12 meses.
Tags: Environment, Licensing, Infrastructure, Energy, Brazil, IBAMA, MMA, Lei 15.300/2025, Compliance, Regulated Sector

### [Land Registry (PRAI) Transfers](https://rakenne.app/skills/prai-land-registry-transfers/index.md)
Draft Transfer Deeds and Assents for registration of title with the Property Registration Authority of Ireland. Includes validation of Folio Number and Map Reference for PRAI digital registration and checking of Consanguinity Relief and Young Trained Farmer stamp duty exemption citations.
Tags: Property Law, Ireland, PRAI, Land Registry, Stamp Duty, Conveyancing

### [Law 25 — Confidentiality Incident (Breach)](https://rakenne.app/skills/law25-breach/index.md)
Confidentiality incident notification and response under Quebec Law 25 and the CAI: risk of serious injury, notify CAI and individuals, register. Validation for required content and no personal data in CAI notification.
Tags: Quebec, Law 25, Bill 64, CAI, Breach, Confidentiality Incident, Canada

### [Law 25 — Governance Policy](https://rakenne.app/skills/law25-governance/index.md)
Draft the policy on practices governing the protection of personal information under Quebec Law 25. Covers complaints process, staff roles and responsibilities, retention and destruction rules, and review cycle.
Tags: Quebec, Law 25, Bill 64, Governance, Compliance, Canada

### [Law 25 — Privacy Impact Assessment](https://rakenne.app/skills/law25-pia/index.md)
Draft a PIA under Quebec Law 25 for communication of personal information outside Quebec (s. 17). Covers four factors (sensitivity, purposes, protection measures, legal framework), adequate protection conclusion, and written agreement considerations.
Tags: Quebec, Law 25, Bill 64, PIA, Cross-border, Canada

### [Law 25 — Privacy Officer Designation](https://rakenne.app/skills/law25-privacy-officer/index.md)
Draft the formal designation of the person in charge of the protection of personal information (Privacy Officer) under Quebec Law 25 (Bill 64). Board resolution or CEO/MD letter; validation for required elements.
Tags: Quebec, Law 25, Bill 64, Privacy Officer, Compliance, Canada

### [Law 25 — Privacy Policy](https://rakenne.app/skills/law25-privacy-policy/index.md)
Draft and update a public privacy policy in line with Quebec Law 25 (Bill 64). Covers purposes, rights, retention, complaints, and Privacy Officer contact. Includes validation for required elements.
Tags: Quebec, Law 25, Bill 64, Privacy Policy, Compliance, Canada

### [Lease abstract](https://rakenne.app/skills/lease-abstract/index.md)
Extract or draft a structured lease abstract from a lease (PDF/Word) or from user inputs. Covers parties, premises, term, rent, key covenants, options, break clauses, and guarantees. Validates required fields for completeness.
Tags: Real estate, Lease, Commercial, Abstract, Property

### [Lease LOI draft](https://rakenne.app/skills/lease-loi-draft/index.md)
Draft and validate lease Letters of Intent (parties, premises, term, rent, LOI expiry, non-binding disclaimer).
Tags: Real estate, Lease, LOI, Property

### [LEED Credit Documentation Author](https://rakenne.app/skills/leed-credit-documentation-author/index.md)
Guided elaboration of LEED credit documentation — credit intent, compliance path, calculations, and evidence checklist for submission.
Tags: LEED, Green Building, Sustainability, USGBC, Compliance

### [LkSG Supply Chain Due Diligence](https://rakenne.app/skills/lksg-due-diligence/index.md)
Erstellt Grundsatzerklaerungen (Policy Statements) und Jahresberichte gemaess dem Lieferkettensorgfaltspflichtengesetz (LkSG). Mappt Lieferantenaudits auf die 11 geschuetzten Rechtspositionen und validiert die BAFA-Berichtskonformitaet.
Tags: LkSG, Supply Chain, Due Diligence, BAFA, Compliance, Germany, Human Rights

### [M&A Due Diligence Issues Report](https://rakenne.app/skills/ma-due-diligence-report/index.md)
Draft a due diligence issues report (red flag report) for mergers and acquisitions, synthesizing findings from financial, legal, IP, HR, operational, environmental, tax, and data privacy workstreams into risk-ranked narratives with deal implications, financial exposure estimates, RWI insurability notes, and protective provisions.
Tags: Legal, M&A, Due Diligence, Corporate, Private Equity, RWI

### [Management Body ICT Risk Report (DORA)](https://rakenne.app/skills/dora-board-reporting/index.md)
Draft periodic ICT risk reports for the management body per DORA Art. 5, covering risk posture, incidents, resilience testing, third-party risk, compliance status, and budget allocation.
Tags: DORA, Board Reporting, ICT Risk, Governance, EU Regulation, Financial Services

### [MaRisk Risikomanagement-Handbuch](https://rakenne.app/skills/marisk-risk-elaborator/index.md)
Erstellt und prueft Risikomanagement-Handbuecher fuer Finanzinstitute in Deutschland gemaess MaRisk (BaFin). Unterstuetzt die vollstaendige Ausarbeitung aller MaRisk-Module (AT, BT, BTR), Konformitaetspruefungen und Identifikation von Dokumentationsluecken.
Tags: Finance, Regulatory, BaFin, MaRisk, Compliance, Germany, Risk Management

### [Market Research Reports](https://rakenne.app/skills/market-research-reports/index.md)
Generate comprehensive 50+ page market research reports in the style of top consulting firms. Includes LaTeX formatting, visual generation, multi-framework strategic analysis (Porter's Five Forces, PESTLE, SWOT, TAM/SAM/SOM, BCG Matrix), and data-driven recommendations.
Tags: Research, Strategy, Analysis

### [MAS TRM — Technology Risk Management Framework](https://rakenne.app/skills/sg-mas-trm-risk-framework/index.md)
Draft and validate the Technology Risk Management framework for MAS-regulated financial institutions. Covers governance, IT resilience, cyber security, data loss prevention, and technology audit per MAS TRM Guidelines (2021).
Tags: Singapore, MAS, Technology Risk, Financial Services, Compliance

### [Maturity Level Assessor (COBIT MEA01)](https://rakenne.app/skills/maturity-level-assessor/index.md)
Draft maturity score justification (0–5) for COBIT objectives. Supports the board dashboard narrative. Includes evidence sufficiency audit for Level 4 claims.
Tags: COBIT, MEA01, Maturity, CMMI, Performance, Audit

### [MD&A — Driver-Based Drafting (Item 303)](https://rakenne.app/skills/sec-mda/index.md)
Draft Management's Discussion and Analysis for 10-K or 10-Q with a driver-based structure: results of operations, liquidity and capital resources, known trends and uncertainties, and critical accounting estimates. Includes validation for required subsections, causation language, and non-GAAP reconciliation.
Tags: SEC, Securities, Regulatory, Form 10-K, Form 10-Q, MD&A, Reg S-K, Compliance

### [MDevSPICE Capability Profile](https://rakenne.app/skills/mdevspice-capability-profile/index.md)
Draft a capability profile or assessment pack for MDevSPICE; document target capability levels and evidence per process for assessors.
Tags: MDevSPICE, Medical device, IEC 62304, Capability, Assessment

### [MDevSPICE Process Area Documentation](https://rakenne.app/skills/mdevspice-process-area-documentation/index.md)
Document how each MDevSPICE process area is implemented; create evidence for MDevSPICE assessment and auditors.
Tags: MDevSPICE, Medical device, IEC 62304, Process area, Assessment

### [MDevSPICE Process Coverage](https://rakenne.app/skills/mdevspice-process-coverage/index.md)
Map organizational processes to the MDevSPICE process reference model and IEC 62304; document process coverage for assessment or audit.
Tags: MDevSPICE, Medical device, IEC 62304, Process coverage, Assessment

### [MDevSPICE Regulatory Readiness Narrative](https://rakenne.app/skills/mdevspice-regulatory-readiness-narrative/index.md)
Draft a regulatory readiness narrative for FDA (21 CFR 820), EU MDR, and IEC 62304; document evidence and alignment for audit or submission.
Tags: MDevSPICE, Medical device, IEC 62304, FDA, MDR, Regulatory

### [MDevSPICE Software Configuration Management Process](https://rakenne.app/skills/mdevspice-software-configuration-management/index.md)
Document and evidence the software configuration management process per IEC 62304 and MDevSPICE: identification, change control, build and release, configuration status accounting.
Tags: MDevSPICE, Medical device, IEC 62304, Configuration management, Release management

### [MDevSPICE Software Development Process](https://rakenne.app/skills/mdevspice-software-development/index.md)
Document and evidence the software development process per IEC 62304 and MDevSPICE: development plan, requirements, design, implementation, verification, integration and system testing, release.
Tags: MDevSPICE, Medical device, IEC 62304, Software development, Development plan

### [MDevSPICE Software Maintenance Process](https://rakenne.app/skills/mdevspice-software-maintenance/index.md)
Document and evidence the software maintenance process per IEC 62304 and MDevSPICE: maintenance plan, problem and modification analysis, implementation of changes, maintenance release, retirement.
Tags: MDevSPICE, Medical device, IEC 62304, Software maintenance, Change management

### [MDevSPICE Software Problem Resolution Process](https://rakenne.app/skills/mdevspice-software-problem-resolution/index.md)
Document and evidence the software problem resolution process per IEC 62304 and MDevSPICE: problem reporting, analysis, root cause, corrective action, and link to maintenance and CAPA.
Tags: MDevSPICE, Medical device, IEC 62304, Problem resolution, CAPA

### [MDevSPICE Software Risk Management Process](https://rakenne.app/skills/mdevspice-software-risk-management/index.md)
Document and evidence the software risk management process per IEC 62304 and MDevSPICE: risk management plan, risk analysis, risk control, risk review, production and post-production monitoring.
Tags: MDevSPICE, Medical device, IEC 62304, Risk management, ISO 14971

### [Medical Council Professional Ethics](https://rakenne.app/skills/medical-council-professional-ethics/index.md)
Draft Informed Consent and Clinical Indemnity policies for private clinics in Ireland, aligned with the Irish Medical Council Guide to Professional Conduct and Ethics. Validate policies with the Guide and check Open Disclosure protocols against the Patient Safety Act 2023.
Tags: Ireland, Healthcare, Medical Council, Ethics, Informed Consent, Clinical Indemnity, Patient Safety, Open Disclosure

### [Meeting Notes Structuring](https://rakenne.app/skills/meeting-notes/index.md)
Transform raw meeting transcripts into structured, actionable notes with summaries, decisions, and follow-up tasks.
Tags: Productivity, Meetings, Notes, Collaboration

### [Mémoire Technique — Marchés Publics (France)](https://rakenne.app/skills/memoire-technique-public-procurement/index.md)
Structural elaboration of the technical proposal for French public tenders. Aligns the mémoire technique with the RC (Règlement de la Consultation) critères de jugement and ensures the Clause Sociale et Environnementale (RSE) is detailed with measurable KPIs. Validation via check_rse_scoring.
Tags: France, Public Procurement, Code de la Commande Publique, RSE, Mémoire Technique, Regulatory

### [MFA Exception Rationalizer (CISA CPG 1.1)](https://rakenne.app/skills/mfa-exception-rationalizer/index.md)
Document the transition to phishing-resistant MFA and draft MFA-exception rationales for Critical Infrastructure. Identifies legacy systems that cannot support MFA, proposes compensating controls (e.g. jump hosts), and validates authentication hardware against the FIDO2 standard required by CPG 1.1.
Tags: Compliance, Security, Critical Infrastructure, CISA, MFA, FIDO2

### [Mining & Exploration — Reserve Estimate Validator](https://rakenne.app/skills/reserve-estimate-validator/index.md)
Guided elaboration and compliance validation of mineral resource and reserve technical reports under NI 43-101 (Canada) and JORC Code (Australia/South Africa), with QP/CP certificate checking and resource classification integrity verification.
Tags: Mining, Natural Resources, Compliance, NI 43-101, JORC Code, Canada, Australia, South Africa

### [MITRE ATT&CK Mapper](https://rakenne.app/skills/mitre-attack-mapper/index.md)
Document SIEM alert logic and map alerts to MITRE ATT&CK® techniques (DE.AE). Suggests Detection Logic (e.g. Sigma rules) for Process Injection, Credential Dumping, and related threats; validates Threshold and Suppression/Contextualization to reduce alert fatigue.
Tags: NIST CSF, DE.AE, SIEM, MITRE ATT&CK, Detection, Sigma

### [Mobile Device & Teleworking Policy (ISO 27001)](https://rakenne.app/skills/remote-work-risk-drafter/index.md)
Draft and validate a Mobile Device & Teleworking Policy for ISO 27001:2022 (A.5.17, A.6.7, A.8.1). Covers BYOD, VPN, disk encryption, remote wipe consent, endpoint leakage risk, and compliance with Right to Disconnect (France, Brazil, Ireland). Includes labor-law overlap check.
Tags: Compliance, Security, ISO 27001, ISMS, Remote work, BYOD

### [Modern Slavery Statements (AU)](https://rakenne.app/skills/modern-slavery-statement-au/index.md)
Annual drafting of Modern Slavery Statements for the Australian regime under the Modern Slavery Act 2018 (Cth). Covers the seven mandatory criteria (s16), approval by the principal governing body, and submission to the ABF Online Register. For entities with consolidated revenue ≥ A$100m.
Tags: Australia, Compliance, Supply chain, Modern Slavery Act 2018, Regulatory, Reporting

### [Monitoramento de Infecções (IRAS) e RAM](https://rakenne.app/skills/hospital-safety-reporter/index.md)
Padroniza relatórios mensais de infecção hospitalar e resistência microbiana para hospitais e clínicas, com foco em notificação de indicadores nacionais obrigatórios e detecção de discrepâncias estatísticas. Regulação: ANVISA, Notas Técnicas 02/2026 e 03/2026.
Tags: Healthcare, Patient Safety, ANVISA, Brazil, Compliance, Infection Control

### [Multi-Jurisdiction Data Processing Agreement (GDPR + CCPA + UK)](https://rakenne.app/skills/multi-jurisdiction-dpa/index.md)
Draft an integrated Data Processing Agreement covering EU GDPR Article 28, EU Standard Contractual Clauses (SCCs), UK IDTA or UK Addendum, and US state privacy laws (CCPA/CPRA, CPA, VCDPA). Includes jurisdiction checker, SCC module selection, and Transfer Impact Assessment.
Tags: Privacy, GDPR, CCPA, Data Protection, Legal, Cross-Border

### [Multi-State Employee Handbook](https://rakenne.app/skills/multi-state-employee-handbook/index.md)
Draft a multi-state employee handbook with jurisdiction-specific policy language for each state of operation, covering at-will employment, paid leave, anti-discrimination, wage and hour, and workplace safety requirements.
Tags: Employment, HR, Compliance, US Law, Handbook

### [Mutual NDA draft](https://rakenne.app/skills/nda-mutual-draft/index.md)
Draft and validate mutual NDAs with clear definitions, exclusions, term, and return/destruction. Ensures no one-sided obligations in a mutual NDA.
Tags: NDA, Confidentiality, Contracts, IP, Commercial

### [NASSCOM DEM Digital Talent](https://rakenne.app/skills/nasscom-dem-digital-talent/index.md)
Elaborate NASSCOM DEM capability evidence for the Digital Talent dimension: workforce %, reskilling, flexible work, talent sourcing.
Tags: NASSCOM, DEM, India, Digital Maturity, Talent, Workforce

### [NASSCOM DEM Self-Assessment Pack](https://rakenne.app/skills/nasscom-dem-self-assessment-pack/index.md)
Elaborate the NASSCOM DEM self-assessment pack: questionnaire, scoring guidance, and instructions to run a Digital Enterprise Maturity assessment by dimension and maturity phase.
Tags: NASSCOM, DEM, India, Digital Maturity, Self-Assessment

### [NASSCOM DEM Strategy and Investments](https://rakenne.app/skills/nasscom-dem-strategy-investments/index.md)
Elaborate NASSCOM DEM capability evidence for the Digital Strategy and Investments dimension: strategy, spend, governance, ESG alignment.
Tags: NASSCOM, DEM, India, Digital Maturity, Strategy, Investments

### [NASSCOM DEM Technology Adoption](https://rakenne.app/skills/nasscom-dem-technology-adoption/index.md)
Elaborate NASSCOM DEM capability evidence for the Technology Adoption dimension: cloud, cybersecurity, analytics, workflow digitalization, emerging tech.
Tags: NASSCOM, DEM, India, Digital Maturity, Technology, Cloud

### [Native Title & Cultural Heritage (CHMP)](https://rakenne.app/skills/chmp-cultural-heritage/index.md)
Draft and validate Cultural Heritage Management Plans for Australian land development under Aboriginal Heritage Act 2006 (VIC) and Aboriginal Cultural Heritage Act 2021 (WA). Covers engagement order, CHMP structure, and state-mandated Unexpected Finds Protocol. For property development and mining.
Tags: Australia, Cultural Heritage, Aboriginal Heritage, Victoria, Western Australia, Property Development, Mining, CHMP, Native Title

### [NDB Incident Drafter](https://rakenne.app/skills/ndb-incident-drafter/index.md)
Draft and validate the Statement to the Commissioner and Notification to Individuals under Australia's Notifiable Data Breaches (NDB) scheme. Ensures the four mandatory sections under Privacy Act s 26WK are present and supports assessment of likelihood of serious harm by data type (e.g. TFN, Medicare).
Tags: Australia, Privacy, OAIC, NDB, Compliance, Data Breach

### [NDIS Provider Quality Audit](https://rakenne.app/skills/ndis-provider-quality-audit/index.md)
Elaborate and validate the Provider Policy & Procedures manual for NDIS registration in Australia. Ensures the Reportable Incidents procedure includes the mandatory 24-hour notification to the NDIS Quality and Safeguards Commission and covers required incident types. Works alongside NDIS Practice Standardizer for Core Module alignment.
Tags: NDIS, Australia, Disability Services, Compliance, Quality and Safeguards Commission, Policy and Procedures

### [NEPA Environmental Assessment (US)](https://rakenne.app/skills/nepa-environmental-assessment/index.md)
Draft Environmental Assessments under the National Environmental Policy Act for federal actions. Covers purpose and need, alternatives analysis, affected environment, environmental consequences by resource category, mitigation measures, and FONSI determination.
Tags: Environmental, NEPA, Federal Compliance, Environmental Assessment, FONSI, US Regulation, Environmental Justice, Climate Change, Section 4(f), CEQ

### [NIS2 Business Continuity](https://rakenne.app/skills/nis2-business-continuity/index.md)
Document business continuity and crisis management measures per NIS2 Art. 21(2)(c). Covers backup management policies, disaster recovery procedures, crisis management activation and escalation, and ICT readiness for business continuity. Validates BCP completeness against NIS2 requirements and checks RTO/RPO target definitions.
Tags: NIS2, Business Continuity, Disaster Recovery, Crisis Management, BCP, GRC

### [NIS2 Entity Classification](https://rakenne.app/skills/nis2-entity-classification/index.md)
Classify an organization as essential, important, or out-of-scope under the NIS2 Directive (EU 2022/2555). Maps activities to Annex I/II sectors, applies size thresholds (medium/large enterprise criteria), and determines member state jurisdiction. Produces a classification report with regulatory obligations summary.
Tags: NIS2, EU Directive, Cybersecurity, Entity Classification, GRC, Compliance

### [NIS2 Gap Assessment](https://rakenne.app/skills/nis2-gap-assessment/index.md)
Perform a structured gap assessment against all NIS2 Directive Art. 21 cybersecurity risk-management measures. Rates maturity (0-5) per measure, detects missing compliance artifacts, and builds a prioritized remediation roadmap weighted by regulatory severity and entity classification. Produces a comprehensive gap report with interactive dashboard data.
Tags: NIS2, Gap Assessment, Compliance, Cybersecurity, GRC, Audit Readiness

### [NIS2 Governance & Risk Management](https://rakenne.app/skills/nis2-governance-risk/index.md)
Document management body accountability and cybersecurity risk management measures per NIS2 Directive Art. 20-21. Covers all 11 mandatory measures (a)-(k), governance approval workflows, and management training obligations. Produces a governance and risk management report with measure-by-measure coverage analysis.
Tags: NIS2, Governance, Risk Management, Cybersecurity, GRC, Compliance

### [NIS2 Incident Reporting](https://rakenne.app/skills/nis2-incident-reporting/index.md)
Draft NIS2-compliant incident reports following Art. 23 timelines: early warning within 24 hours, incident notification within 72 hours, and final report within one month. Classifies incident significance, validates report completeness, and tracks notification deadlines. Produces all three report types with CSIRT/competent authority notification content.
Tags: NIS2, Incident Reporting, Cybersecurity, CSIRT, GRC, Compliance

### [NIS2 Policies & Procedures](https://rakenne.app/skills/nis2-policies-procedures/index.md)
Draft and validate cybersecurity policies and procedures for all 11 NIS2 Art. 21(2) mandatory measures. Validates policy coverage, cross-references between related measures, and checks policy structure against organizational standards. Produces individual policy documents or a consolidated policy pack.
Tags: NIS2, Policies, Procedures, Cybersecurity, GRC, Documentation

### [NIS2 Registration & Reporting](https://rakenne.app/skills/nis2-registration-reporting/index.md)
Prepare entity registration submissions and annual reports per NIS2 Art. 27-28. Validates registration form completeness against required fields (entity details, sector, IP ranges, contact information) and checks annual report content. Produces registration-ready submissions and structured annual compliance reports.
Tags: NIS2, Registration, Reporting, CSIRT, GRC, Compliance

### [NIS2 Supply Chain Security](https://rakenne.app/skills/nis2-supply-chain-security/index.md)
Assess and manage supply chain cybersecurity risks per NIS2 Art. 21(2)(d). Scores supplier criticality and cybersecurity maturity, validates contractual security clauses, and identifies concentration risks in the ICT supply chain. Produces a supplier risk register and contractual review report.
Tags: NIS2, Supply Chain, Supplier Risk, Cybersecurity, GRC, Third Party Risk

### [NIST CSF Profile Author](https://rakenne.app/skills/nist-csf-profile-author/index.md)
Guided elaboration of a NIST Cybersecurity Framework (CSF) assessment: current profile (Identify, Protect, Detect, Respond, Recover, Govern), target profile, gap analysis, and prioritized implementation plan with outcomes and metrics.
Tags: NIST CSF, Cybersecurity, Risk Management, Compliance, USA

### [NIST Password Logic Adapter (CISA CPG 1.2)](https://rakenne.app/skills/nist-password-logic-adapter/index.md)
Rewrite legacy password policies to prioritize length and entropy over complexity and aging, and draft the Compromised Password Detection Protocol. Aligns with NIST SP 800-63B and CISA CPG 1.2; validates that procedures include a recurring check against leaked-credential APIs (e.g. Have I Been Pwned).
Tags: Compliance, Security, Critical Infrastructure, CISA, NIST, Password, Identity

### [NIST SP 800-53 / CSF Crosswalk](https://rakenne.app/skills/nist-800-53-csf-crosswalk/index.md)
Bidirectional crosswalk between NIST Cybersecurity Framework (CSF) 2.0 subcategories and SP 800-53 Rev 5 controls. Maps CSF subcategories to 800-53 controls and vice versa, identifies gaps in either direction, and produces a crosswalk document for dual-framework compliance.
Tags: NIST, NIST 800-53, NIST CSF, Cybersecurity, Compliance, GRC, USA

### [NIST SP 800-53 Baseline Selector](https://rakenne.app/skills/nist-800-53-baseline-selector/index.md)
Select and tailor an SP 800-53 Rev 5 control baseline based on FIPS 199 categorization and regulatory overlays (HIPAA, PCI-DSS, GDPR, SOX, FedRAMP, CMMC). Applies the appropriate Low/Moderate/High baseline, adds regulation-specific controls, and supports tailoring with documented justification. Produces tailored-control-catalog.json for all downstream skills.
Tags: NIST, NIST 800-53, Compliance, GRC, Baseline, USA

### [NIST SP 800-53 Control Standard Author](https://rakenne.app/skills/nist-800-53-control-standard-author/index.md)
Author implementation standards for individual NIST SP 800-53 controls. Each standard documents the control objective, implementation narrative, technology and tools, responsible roles, evidence requirements, and review frequency. Validates narrative coverage and quality across control families.
Tags: NIST, NIST 800-53, Compliance, GRC, Controls, USA

### [NIST SP 800-53 Family Policy Author](https://rakenne.app/skills/nist-800-53-family-policy-author/index.md)
Author NIST SP 800-53 family-level policies (the -1 controls) for each control family. Produces structured policy documents with Purpose, Scope, Applicability, Policy Statements, Roles & Responsibilities, Compliance & Enforcement, Review Frequency, and Related Documents sections. Validates completeness and structure.
Tags: NIST, NIST 800-53, Compliance, GRC, Policy, USA

### [NIST SP 800-53 Gap Analysis](https://rakenne.app/skills/nist-800-53-gap-analysis/index.md)
Conduct a gap analysis across the NIST SP 800-53 compliance program. Cross-references tailored control catalog against policies, standards, and mappings to identify coverage gaps. Prioritizes remediation by baseline level, regulatory requirement, and family criticality. Produces a gap analysis report with per-family breakdown and phased remediation roadmap.
Tags: NIST, NIST 800-53, Compliance, GRC, Gap Analysis, USA

### [NIST SP 800-53 Organization Profile](https://rakenne.app/skills/nist-800-53-organization-profile/index.md)
Build and validate the organizational context profile for NIST SP 800-53 Rev 5 compliance. Captures FIPS 199 security categorization (Confidentiality, Integrity, Availability impact levels), applicable regulations (HIPAA, PCI-DSS, GDPR, SOX, FedRAMP, FISMA, CMMC), existing frameworks, and authorization boundary. Validates completeness of categorization and scope for downstream baseline selection and control implementation.
Tags: NIST, NIST 800-53, FIPS 199, Compliance, GRC, USA

### [NIST SP 800-53 Policy-Control Mapper](https://rakenne.app/skills/nist-800-53-policy-control-mapper/index.md)
Map existing policy and standard documents to NIST SP 800-53 controls with AI-assisted quality scoring. Rates each mapping as High/Medium/Low confidence with documented justification. Identifies unmapped controls and low-quality mappings for remediation. Produces policy-control-mapping.json for gap analysis.
Tags: NIST, NIST 800-53, Compliance, GRC, Mapping, USA

### [Nordic AML/CFT — Enterprise-Wide Risk Assessment](https://rakenne.app/skills/nordic-aml-cft-risk-assessment/index.md)
Draft and validate the enterprise-wide AML/CFT risk assessment for Nordic supervisors. Covers inherent risk, control effectiveness, residual risk, and risk appetite per Joint ESA Guidelines and AMLD6.
Tags: AML, CFT, Nordic, Financial Services, Compliance

### [Nuclear Preliminary Safety Analysis Report (PSAR)](https://rakenne.app/skills/nrc-psar-safety-analysis/index.md)
Draft and validate key chapters of the Preliminary Safety Analysis Report for nuclear facility licensing. Follows NUREG-0800 (Standard Review Plan) structure and IAEA GSR Part 4. Covers site characteristics, design criteria, safety analysis, and quality assurance.
Tags: Nuclear, NRC, PSAR, Safety, NUREG-0800, 10 CFR 50, IAEA, United States

### [OGCIO Data Maturity Assessment Plan](https://rakenne.app/skills/ogcio-data-maturity-assessment-plan/index.md)
Write an assessment plan for an Ireland OGCIO Data Maturity self-assessment: scope, stakeholders, timeline, and approach aligned to the OGCIO step-by-step guide and DAMA-DMBoK.
Tags: OGCIO, Data Maturity, Ireland, Public Sector, Assessment, Planning

### [OGCIO Data Maturity Findings and Report](https://rakenne.app/skills/ogcio-data-maturity-findings-report/index.md)
Document findings and produce a report for an Ireland OGCIO Data Maturity assessment: evidence, maturity levels, gap analysis, and recommendations aligned to the OGCIO framework and DAMA-DMBoK.
Tags: OGCIO, Data Maturity, Ireland, Public Sector, Reporting, Findings

### [OH&S Competence & Awareness (ISO 45001 Clauses 7.1–7.5)](https://rakenne.app/skills/ohsms-competence-awareness/index.md)
Build the competence matrix, training plan, awareness program, communication procedure, and document control approach for ISO 45001:2018. Maps OH&S competencies to roles based on hazard exposure, creates structured training plans with effectiveness evaluation, defines internal and external communication procedures, and addresses worker awareness requirements.
Tags: ISO 45001, OHSMS, Training, Competence, Communication

### [OH&S Policy & Leadership (ISO 45001 Clauses 5.1–5.3)](https://rakenne.app/skills/ohsms-policy-leadership/index.md)
Draft and validate the OH&S policy, leadership commitment statement, and roles & responsibilities matrix per ISO 45001:2018. Validates the policy for all six mandatory commitments (prevention of injury, safe working conditions, hazard elimination, continual improvement, worker consultation, legal compliance) and checks role definitions from top management to worker level.
Tags: ISO 45001, OHSMS, Policy, Leadership, Compliance

### [OHSMS Hazard & Legal Author](https://rakenne.app/skills/ohsms-hazard-legal-author/index.md)
Guided elaboration of OH&S management system documentation for ISO 45001: context, hazard identification and risk assessment (6.1.2), hierarchy of controls (8.1.2), legal and other requirements register (6.1.3), planning action (6.1.4), consultation and participation (5.4), and OH&S objectives (6.2). Verifies hazard–legal linkage, hierarchy of controls documentation, planning action completeness, and flags missing review dates or compliance status.
Tags: Occupational Health and Safety, ISO 45001, OHSMS, Compliance, Hazard

### [OHSMS Internal Audit (Clause 9.2)](https://rakenne.app/skills/ohsms-internal-audit/index.md)
Plan and execute ISO 45001 OHSMS internal audits: create audit plans with sampling strategies, draft structured audit reports with findings mapped to clauses, validate finding completeness (severity, evidence, clause, corrective action), and verify auditor impartiality.
Tags: ISO 45001, OHSMS, Internal Audit, Compliance, Assessment

### [OHSMS Management Review (Clause 9.3)](https://rakenne.app/skills/ohsms-management-review/index.md)
Prepare, validate, and document the ISO 45001 management review per Clause 9.3. Compile input pack from OHSMS artifacts, validate coverage of all mandatory inputs (9.3.2) and outputs (9.3.3) including OH&S performance, incidents, audit results, worker consultation, and legal compliance. Draft management review minutes with decisions and actions, and verify action completeness.
Tags: ISO 45001, OHSMS, Management Review, Leadership, Compliance

### [OSFI B-10 — Third-Party Contracting](https://rakenne.app/skills/osfi-b10-third-party-contracting/index.md)
Draft standards for third-party written agreements (data security, audit rights, BCP) under OSFI B-10, including Annex 2 for high-risk/critical arrangements.
Tags: Canada, OSFI, B-10, Third-party risk, Contracting, FRFI

### [OSFI B-10 — Third-Party Exit and Contingency](https://rakenne.app/skills/osfi-b10-third-party-exit-contingency/index.md)
Draft exit and contingency plans for third-party arrangements under OSFI B-10 (triggers, playbooks, review).
Tags: Canada, OSFI, B-10, Third-party risk, Business continuity, FRFI

### [OSFI B-10 — Third-Party Monitoring](https://rakenne.app/skills/osfi-b10-third-party-monitoring/index.md)
Draft ongoing monitoring and incident management for third-party arrangements under OSFI B-10 (metrics, escalation, OSFI incident reporting).
Tags: Canada, OSFI, B-10, Third-party risk, Monitoring, FRFI

### [OSFI B-10 — Third-Party Risk Assessment](https://rakenne.app/skills/osfi-b10-third-party-risk-assessment/index.md)
Draft risk identification, assessment, and due diligence for third-party arrangements under OSFI B-10 (criteria, concentration, subcontracting, Annex 1).
Tags: Canada, OSFI, B-10, Third-party risk, Risk assessment, FRFI

### [OSFI B-10 — Third-Party Risk Management Framework](https://rakenne.app/skills/osfi-b10-tprmf/index.md)
Draft the enterprise-wide TPRMF (governance, accountabilities, lifecycle, inventory) for federally regulated financial institutions under OSFI B-10.
Tags: Canada, OSFI, B-10, Third-party risk, Governance, FRFI

### [OSFI E-13 — RCM Framework](https://rakenne.app/skills/osfi-e13-rcm-framework/index.md)
Draft the enterprise-wide Regulatory Compliance Management (RCM) framework document for federally regulated financial institutions under OSFI Guideline E-13.
Tags: Canada, OSFI, E-13, RCM, Regulatory compliance, Governance, FRFI

### [OSFI E-13 — RCM Monitoring](https://rakenne.app/skills/osfi-e13-rcm-monitoring/index.md)
Draft independent RCM monitoring and testing procedures (CCO-led) and IA validation for federally regulated financial institutions under OSFI E-13.
Tags: Canada, OSFI, E-13, RCM, Regulatory compliance, FRFI

### [OSFI E-13 — RCM Procedures](https://rakenne.app/skills/osfi-e13-rcm-procedures/index.md)
Draft RCM procedures for identifying, risk-assessing, communicating, managing and mitigating regulatory compliance risk and day-to-day compliance under OSFI E-13.
Tags: Canada, OSFI, E-13, RCM, Regulatory compliance, FRFI

### [OSFI E-13 — RCM Reporting](https://rakenne.app/skills/osfi-e13-rcm-reporting/index.md)
Draft internal RCM reporting procedures and report templates (Senior Management, CCO, IA) for federally regulated financial institutions under OSFI E-13.
Tags: Canada, OSFI, E-13, RCM, Regulatory compliance, Governance, FRFI

### [OSFI E-13 — RCM Roles](https://rakenne.app/skills/osfi-e13-rcm-roles/index.md)
Draft documented RCM roles and mandates (CCO, Senior Management, Internal Audit) for federally regulated financial institutions under OSFI E-13.
Tags: Canada, OSFI, E-13, RCM, Regulatory compliance, Governance, FRFI

### [OSHA Written Safety & Health Program](https://rakenne.app/skills/us-osha-written-safety-program/index.md)
Draft and validate the written safety and health programme documentation required or recommended by OSHA (29 CFR 1910 / 1926). Covers IIPP, hazard communication (HazCom), lockout/tagout (LOTO), confined space, respiratory protection, and other programme-specific written plans.
Tags: OSHA, Safety, IIPP, HazCom, United States

### [OT Asset Integrity Register (CISA CPG 2.1)](https://rakenne.app/skills/ics-firmware-monitor/index.md)
Maintain and validate an OT Asset Integrity Register for CISA CPG 2.1: catalog ICS, PLCs, HMIs, and sensors with firmware versions and physical locations; link assets to CISA KEV and vendor advisories (Siemens, Rockwell, etc.); cross-reference inventory with network discovery to flag unauthorized devices.
Tags: Compliance, Security, Critical Infrastructure, CISA, OT, ICS, Asset management

### [P3M3 — PfM3 Alignment](https://rakenne.app/skills/p3m3-pfm3-alignment/index.md)
Elaborate alignment of portfolio management to the Portfolio Management Maturity Model (PfM3): how current practices map to PfM3's seven perspectives and five levels.
Tags: P3M3, PfM3, Portfolio, AXELOS, UK, Maturity

### [P3M3 — PgM3 Alignment](https://rakenne.app/skills/p3m3-pgm3-alignment/index.md)
Elaborate alignment of programme management to the Programme Management Maturity Model (PgM3): how current practices map to PgM3's seven perspectives and five levels.
Tags: P3M3, PgM3, Programme, AXELOS, UK, Maturity

### [P3M3 — PjM3 Alignment](https://rakenne.app/skills/p3m3-pjm3-alignment/index.md)
Elaborate alignment of project management to the Project Management Maturity Model (PjM3): how current practices map to PjM3's seven perspectives and five levels.
Tags: P3M3, PjM3, Project, AXELOS, UK, Maturity

### [P3M3 Maturity Justification](https://rakenne.app/skills/p3m3-maturity-justification/index.md)
Elaborate maturity justification per perspective: evidence and rationale for the claimed P3M3 maturity level for each of the seven perspectives (and optionally per PfM3/PgM3/PjM3), aligned to the five levels.
Tags: P3M3, AXELOS, Maturity, UK, Justification

### [P3M3 Self-Assessment Pack](https://rakenne.app/skills/p3m3-self-assessment-pack/index.md)
Elaborate the P3M3 self-assessment pack: questionnaire, scoring guidance, and instructions to run a P3M3 self-assessment by dimension and perspective.
Tags: P3M3, AXELOS, Maturity, UK, Self-Assessment

### [PAM Standard (PR.AA)](https://rakenne.app/skills/pam-standard/index.md)
Draft and validate a Privileged Access Management standard aligned to NIST CSF 2.0 PR.AA. Defines JIT, least privilege, SoD boundaries, and break-glass workflow; ensures MFA for 100% of privileged sessions.
Tags: NIST CSF 2.0, PAM, Identity and Access, GRC, Privileged Access, Compliance

### [PCI DSS Report on Compliance (ROC)](https://rakenne.app/skills/pci-dss-roc-author/index.md)
Author PCI DSS v4.0 ROC documentation for Level 1 QSA assessments: scope workpapers, requirement-by-requirement findings, Compensating Controls Worksheets (CCWs), Customized Approach Worksheets (CAWs), and the Attestation of Compliance (AOC).
Tags: PCI DSS, Payment Security, ROC, QSA, Compliance, Cybersecurity

### [PCI-DSS SAQ & Scope Author](https://rakenne.app/skills/pci-dss-saq-scope-author/index.md)
Guided elaboration of PCI-DSS scope documentation and SAQ support: cardholder data environment (CDE), network segmentation narrative, and control evidence mapping to SAQ requirements.
Tags: PCI DSS, Payment Security, SAQ, Compliance, Cybersecurity

### [PCMM Career Development](https://rakenne.app/skills/pcmm-career-development/index.md)
Draft and maintain People CMM Career Development (ML3) documentation: policy, procedures, and career path materials.
Tags: PCMM, People CMM, Workforce, ML3

### [PCMM Coaching](https://rakenne.app/skills/pcmm-coaching/index.md)
Draft and maintain People CMM Coaching (ML5) documentation: policy, procedures, and coaching program materials.
Tags: PCMM, People CMM, Workforce, ML5

### [PCMM Communication](https://rakenne.app/skills/pcmm-communication/index.md)
Draft and maintain People CMM Communication and Coordination (ML2) documentation: policy, procedures, and evidence for workforce communication and coordination.
Tags: PCMM, People CMM, Workforce, ML2

### [PCMM Compensation](https://rakenne.app/skills/pcmm-compensation/index.md)
Draft and maintain People CMM Compensation (ML2) documentation: policy, procedures, and evidence for compensation and benefits.
Tags: PCMM, People CMM, Workforce, ML2

### [PCMM Competency Development](https://rakenne.app/skills/pcmm-competency-development/index.md)
Draft and maintain People CMM Competency Development (ML3) documentation: policy, procedures, and development programs.
Tags: PCMM, People CMM, Workforce, ML3

### [PCMM Competency-Based Practices](https://rakenne.app/skills/pcmm-competency-based-practices/index.md)
Draft and maintain People CMM Competency-Based Practices (ML3) documentation: policy, procedures, and tailoring guidelines.
Tags: PCMM, People CMM, Workforce, ML3

### [PCMM Continuous Workforce Innovation](https://rakenne.app/skills/pcmm-continuous-workforce-innovation/index.md)
Draft and maintain People CMM Continuous Workforce Innovation (ML5) documentation: policy, procedures, and innovation materials.
Tags: PCMM, People CMM, Workforce, ML5

### [PCMM Knowledge and Skills Analysis](https://rakenne.app/skills/pcmm-knowledge-and-skills-analysis/index.md)
Draft and maintain People CMM Knowledge and Skills Analysis (ML3) documentation: policy, procedures, and competency descriptions.
Tags: PCMM, People CMM, Workforce, ML3

### [PCMM Mentoring](https://rakenne.app/skills/pcmm-mentoring/index.md)
Draft and maintain People CMM Mentoring (ML4) documentation: policy, procedures, and mentoring program materials.
Tags: PCMM, People CMM, Workforce, ML4

### [PCMM Organizational Competency Management](https://rakenne.app/skills/pcmm-organizational-competency-management/index.md)
Draft and maintain People CMM Organizational Competency Management (ML4) documentation: policy, procedures, and competency assets.
Tags: PCMM, People CMM, Workforce, ML4

### [PCMM Organizational Performance Alignment](https://rakenne.app/skills/pcmm-organizational-performance-alignment/index.md)
Draft and maintain People CMM Organizational Performance Alignment (ML4) documentation: policy, procedures, and alignment materials.
Tags: PCMM, People CMM, Workforce, ML4

### [PCMM Participatory Culture](https://rakenne.app/skills/pcmm-participatory-culture/index.md)
Draft and maintain People CMM Participatory Culture (ML3) documentation: policy, procedures, and participation mechanisms.
Tags: PCMM, People CMM, Workforce, ML3

### [PCMM Performance Management](https://rakenne.app/skills/pcmm-performance-management/index.md)
Draft and maintain People CMM Performance Management (ML2) documentation: policy, procedures, and evidence for objectives and feedback.
Tags: PCMM, People CMM, Workforce, ML2

### [PCMM Personal Competency Development](https://rakenne.app/skills/pcmm-personal-competency-development/index.md)
Draft and maintain People CMM Personal Competency Development (ML5) documentation: policy, procedures, and personal development support.
Tags: PCMM, People CMM, Workforce, ML5

### [PCMM Staffing](https://rakenne.app/skills/pcmm-staffing/index.md)
Draft and maintain People CMM Staffing (ML2) documentation: policy, procedures, and evidence for recruitment, selection, and workforce transitions.
Tags: PCMM, People CMM, Workforce, ML2

### [PCMM Team Building](https://rakenne.app/skills/pcmm-team-building/index.md)
Draft and maintain People CMM Team Building (ML4) documentation: policy, procedures, and team development materials.
Tags: PCMM, People CMM, Workforce, ML4

### [PCMM Team-Based Practices](https://rakenne.app/skills/pcmm-team-based-practices/index.md)
Draft and maintain People CMM Team-Based Practices (ML4) documentation: policy, procedures, and team practice materials.
Tags: PCMM, People CMM, Workforce, ML4

### [PCMM Training](https://rakenne.app/skills/pcmm-training/index.md)
Draft and maintain People CMM Training (ML2) documentation: policy, procedures, and evidence for training and development.
Tags: PCMM, People CMM, Workforce, ML2

### [PCMM Work Environment](https://rakenne.app/skills/pcmm-work-environment/index.md)
Draft and maintain People CMM Work Environment (ML2) documentation: policy, procedures, and evidence for productive work environment and well-being.
Tags: PCMM, People CMM, Workforce, ML2

### [PCMM Workforce Planning](https://rakenne.app/skills/pcmm-workforce-planning/index.md)
Draft and maintain People CMM Workforce Planning (ML3) documentation: policy, procedures, and workforce plans.
Tags: PCMM, People CMM, Workforce, ML3

### [PDPA — Data Protection Management Programme (Singapore)](https://rakenne.app/skills/sg-pdpa-data-protection-programme/index.md)
Draft and validate the Data Protection Management Programme (DPMP) required by Singapore's Personal Data Protection Act 2012. Covers governance, data inventory, DPIA, breach management plan, and DPO appointment per PDPC guidance.
Tags: Singapore, PDPA, Privacy, Data protection, DPMP

### [Periodic Benefit-Risk Evaluation Report (PBRER / ICH E2C(R2))](https://rakenne.app/skills/ich-pbrer-pharmacovigilance/index.md)
Draft and validate the Periodic Benefit-Risk Evaluation Report per ICH E2C(R2). Integrates cumulative safety and efficacy data for an authorised medicinal product, producing a benefit-risk evaluation for regulatory submission to EMA, FDA (PADER), and other authorities.
Tags: ICH, PBRER, Pharmacovigilance, E2C(R2), Benefit-Risk, Regulatory, EMA, Drug Safety

### [Pesquisa de Preços em Compras Públicas](https://rakenne.app/skills/bid-price-rationalizer/index.md)
Elaboração do Mapa de Preços e justificativa do valor estimado para licitações. Consolida cotações de fontes oficiais (Painel de Preços, fornecedores, atas de RP), identifica preços inexequíveis ou excessivos e calcula o valor estimado conforme IN SEGES/ME 65/2021.
Tags: Procurement, Licitação, IN SEGES/ME 65/2021, Lei 14.133, Brazil, Regulatory, Public Administration

### [Pharmacy QMS (ApBetrO)](https://rakenne.app/skills/apbetro-pharmacy-qms/index.md)
Pflege und Erstellung des Qualitaetsmanagementsystems (QMS) fuer oeffentliche Apotheken gemaess Apothekenbetriebsordnung (ApBetrO). Erstellt QMS-Handbuecher, Hygieneplaeane nach RKI-Richtlinien, Rezepturprotokolle nach DAB/Ph.Eur. und prueft die Compliance.
Tags: ApBetrO, Pharmacy, QMS, Healthcare, Compliance, Germany

### [Physical Security Perimeter (ISO 27001)](https://rakenne.app/skills/iso27001-physical-security-perimeter/index.md)
Define and document physical security perimeters and physical entry controls for ISO 27001:2022 Annex A 7.1 and 7.2. Structures the Defense in Depth narrative for offices, data centers, and secure areas: entry controls, visitor management, anti-tailgating, environmental protection, and off-site asset security (A.7.9). Validation tools check for anti-passback, visual badge identification, and off-site security steps.
Tags: ISO 27001, ISMS, Compliance, Physical Security, Defense in Depth, A.7.1, A.7.2, A.7.9

### [PIIA (SA) — Consultation Report](https://rakenne.app/skills/piia-sa-consultation-report/index.md)
Draft the consultation report for a POPIA PIIA: document views from stakeholders or data protection experts consulted on the impact assessment.
Tags: South Africa, POPIA, PIIA, DPIA, Consultation, Stakeholders

### [PIIA (SA) — Mitigation Measures](https://rakenne.app/skills/piia-sa-mitigation-measures/index.md)
Draft the mitigation measures for a POPIA PIIA: safeguards, security measures, and technical/organisational controls to address identified risks.
Tags: South Africa, POPIA, PIIA, DPIA, Mitigation, Security safeguards

### [PIIA (SA) — Necessity and Proportionality](https://rakenne.app/skills/piia-sa-necessity-proportionality/index.md)
Draft the necessity and proportionality assessment for a POPIA PIIA: document that processing is necessary and that no less-intrusive method exists.
Tags: South Africa, POPIA, PIIA, DPIA, Necessity, Proportionality

### [PIIA (SA) — Purpose of Processing](https://rakenne.app/skills/piia-sa-purpose-of-processing/index.md)
Draft the purpose of processing and lawful basis documentation for a POPIA PIIA, aligned with purpose specification and lawful processing.
Tags: South Africa, POPIA, PIIA, DPIA, Purpose specification, Lawful basis

### [PIIA (SA) — Risk Assessment](https://rakenne.app/skills/piia-sa-risk-assessment/index.md)
Draft the risk assessment for a POPIA PIIA: analyse risks to data subjects' rights and freedoms, including harm, discrimination, and financial loss.
Tags: South Africa, POPIA, PIIA, DPIA, Risk assessment, Data protection

### [PIIA (SA) — Sign-off](https://rakenne.app/skills/piia-sa-sign-off/index.md)
Draft the PIIA sign-off: final approval from the Information Officer or senior management acknowledging residual risk.
Tags: South Africa, POPIA, PIIA, DPIA, Sign-off, Information Officer

### [PIIA (SA) — Systematic Description of Processing](https://rakenne.app/skills/piia-sa-systematic-description-of-processing/index.md)
Draft the systematic description of processing for a POPIA PIIA: step-by-step description of how personal information is collected, used, stored, and deleted.
Tags: South Africa, POPIA, PIIA, DPIA, Data protection, Processing

### [PIPEDA Privacy Management Framework](https://rakenne.app/skills/ca-pipeda-privacy-management-framework/index.md)
Draft and validate the Privacy Management Framework documentation for compliance with Canada's PIPEDA and the ten CSA Model Code principles. Covers privacy governance, PIA, breach reporting, and cross-border transfer documentation.
Tags: Canada, PIPEDA, Privacy, CSA Model Code

### [Plano de Recuperação Judicial — RJ Payment Scheduler](https://rakenne.app/skills/rj_payment_scheduler/index.md)
Elabora proposta de pagamento a credores e laudo de viabilidade economica para recuperacao judicial. Estrutura classes de credores, carencias e cronogramas, com validacao de prazo maximo de 1 ano para creditos trabalhistas conforme Lei 11.101/2005 (Lei 14.112).
Tags: Legal, Restructuring, Judicial Recovery, Creditor Classes, Payment Schedule, Lei 11.101/2005

### [Planos de Manejo Florestal Sustentável (PMFS)](https://rakenne.app/skills/forest-yield-optimizer/index.md)
Documentação técnica para exploração de florestas nativas: ciclo de corte, intensidade por hectare e auditoria de espécies CITES/ameaçadas no inventário. Regulado por IN MMA 05/2006 e órgãos estaduais (IBAMA).
Tags: Environment, Forestry, Brazil, IBAMA, CITES, Regulatory, Timber, Pulp and paper

### [PMBOK Communications Management](https://rakenne.app/skills/pmbok-communications-management/index.md)
Draft Project Communications Management documents aligned with PMBOK. Covers communications management plans, communication requirements analyses, communication matrices, status report templates, technology assessments, and communication effectiveness reports.
Tags: Project Management, PMBOK, Communication, Reporting

### [PMBOK Cost Management](https://rakenne.app/skills/pmbok-cost-management/index.md)
Draft Project Cost Management documents aligned with PMBOK. Covers cost management plans, cost estimates with basis of estimates, project budgets, cost baselines, and Earned Value Management performance reports (CPI, CV, EAC, ETC, TCPI).
Tags: Project Management, PMBOK, Cost, EVM, Budget

### [PMBOK Integration Management](https://rakenne.app/skills/pmbok-integration-management/index.md)
Draft Project Integration Management documents aligned with PMBOK. Covers project charters, project management plans, integrated change control, lessons learned registers, benefits management plans, and project closure reports.
Tags: Project Management, PMBOK, Integration

### [PMBOK Procurement Management](https://rakenne.app/skills/pmbok-procurement-management/index.md)
Draft Project Procurement Management documents aligned with PMBOK. Covers procurement management plans, make-or-buy analyses, procurement SOWs, source selection criteria, bid evaluation matrices, contract type guidance (FFP, T&M, CPFF), RFP outlines, and procurement performance reports.
Tags: Project Management, PMBOK, Procurement, Contract, RFP

### [PMBOK Quality Management](https://rakenne.app/skills/pmbok-quality-management/index.md)
Draft Project Quality Management documents aligned with PMBOK. Covers quality management plans, quality metrics, checklists, test and inspection plans, quality audit reports, and improvement reports with Pareto, Ishikawa, control chart, and cost of quality analysis.
Tags: Project Management, PMBOK, Quality, QA, Testing

### [PMBOK Resource Management](https://rakenne.app/skills/pmbok-resource-management/index.md)
Draft Project Resource Management documents aligned with PMBOK. Covers resource management plans, team charters, RACI matrices, resource requirements, resource breakdown structures, resource calendars, team performance assessments, and resource optimization reports.
Tags: Project Management, PMBOK, Resources, Team, RACI

### [PMBOK Risk Management](https://rakenne.app/skills/pmbok-risk-management/index.md)
Draft Project Risk Management documents aligned with PMBOK. Covers risk management plans, risk registers, probability-impact matrices, risk breakdown structures, quantitative risk analysis (EMV, Monte Carlo, sensitivity), risk response plans, and risk monitoring reports.
Tags: Project Management, PMBOK, Risk, Risk Analysis

### [PMBOK Schedule Management](https://rakenne.app/skills/pmbok-schedule-management/index.md)
Draft Project Schedule Management documents aligned with PMBOK. Covers schedule management plans, activity lists, milestone charts, network logic, duration estimates (PERT), schedule baselines, and schedule performance reports with EVM metrics.
Tags: Project Management, PMBOK, Schedule, EVM

### [PMBOK Scope Management](https://rakenne.app/skills/pmbok-scope-management/index.md)
Draft Project Scope Management documents aligned with PMBOK. Covers scope management plans, requirements documentation, traceability matrices, project scope statements, WBS with dictionaries, and scope validation reports.
Tags: Project Management, PMBOK, Scope

### [PMBOK Stakeholder Management](https://rakenne.app/skills/pmbok-stakeholder-management/index.md)
Draft Project Stakeholder Management documents aligned with PMBOK. Covers stakeholder registers, power/interest grids, salience models, engagement assessment matrices, stakeholder engagement plans, and stakeholder monitoring reports.
Tags: Project Management, PMBOK, Stakeholder, Engagement

### [PMS — Plan de Maîtrise Sanitaire (France)](https://rakenne.app/skills/pms-plan-maitrise-sanitaire/index.md)
Elaborate the sanitation master plan (PMS) for restaurants and food production in France. Align with Paquet Hygiène, sector GBPH, and DDPP controls. Covers traceability (étiquettes de traçabilité) and retrait-rappel (recall) procedures.
Tags: Food Safety, France, PMS, Paquet Hygiène, GBPH, DDPP, Hospitality, Catering, Traceability, Recall, HACCP, Compliance

### [Política de Privacidade — LGPD](https://rakenne.app/skills/lgpd-privacy-policy/index.md)
Elaboração de políticas de privacidade em conformidade com a LGPD (Lei 13.709/2018) e orientações da ANPD. Cobre transparência (Art. 9), princípios (Art. 6º), direitos do titular (Art. 18), bases legais (Art. 7), retenção e canal do encarregado. Inclui validação de presença dos direitos do titular e do canal do encarregado.
Tags: LGPD, ANPD, Política de Privacidade, Compliance, Brasil, Privacidade, Transparência

### [POPIA Compliance Framework — Manual & PAIA Manual (South Africa)](https://rakenne.app/skills/za-popia-compliance-framework/index.md)
Draft and validate POPIA (Act 4 of 2013) compliance framework documentation and the mandatory PAIA Manual. Covers the eight conditions for lawful processing, PAIA manual, Information Officer registration, and breach notification.
Tags: South Africa, POPIA, PAIA, Privacy, Data protection

### [POPIA Information Officer Authorization](https://rakenne.app/skills/popia-information-officer-authorization/index.md)
Draft the formal authorization (board resolution or CEO/MD letter) designating the Information Officer and Deputy IOs for submission to the Information Regulator.
Tags: South Africa, POPIA, Information Officer, Compliance, Information Regulator, Board Resolution

### [POPIA Registration Form Part A — Information Officer](https://rakenne.app/skills/popia-registration-form-part-a/index.md)
Draft Part A of the POPIA Information Officer registration form with full name, designation, and contact details including direct email for the Information Regulator.
Tags: South Africa, POPIA, Information Officer, Compliance, Information Regulator

### [POPIA Registration Form Part B — Deputy Information Officers](https://rakenne.app/skills/popia-registration-form-part-b/index.md)
Draft Part B of the POPIA Information Officer registration form with contact details for each Deputy Information Officer (DIO) for the Information Regulator.
Tags: South Africa, POPIA, Information Officer, Deputy IO, Compliance, Information Regulator

### [POPIA Registration Form Part C — Organisation Details](https://rakenne.app/skills/popia-registration-form-part-c/index.md)
Draft Part C of the POPIA Information Officer registration form with registered company name, address, and registration number for the Information Regulator.
Tags: South Africa, POPIA, Information Officer, Compliance, Information Regulator, Company Registration

### [PPSPS — Plan Particulier de Sécurité et de Protection de la Santé (France)](https://rakenne.app/skills/ppsps-safety-plan/index.md)
Elaboration of the PPSPS for French construction sites under OPPBTP/CSPS. Ensures structure, secours, évacuation hospitalière, and site-specific emergency contacts. Validation via emergency_contact_sync. Document co-activité risks explicitly where applicable.
Tags: France, Construction, Health & Safety, PPSPS, OPPBTP, CSPS, Regulatory

### [PRD — AI/ML Product Manager](https://rakenne.app/skills/prd-ai-ml-pm/index.md)
Draft and validate PRDs for AI/ML products: model behaviour, evaluation, guardrails, ethics, data requirements.
Tags: Product Management, PRD, AI, ML

### [PRD — B2B / Enterprise PM](https://rakenne.app/skills/prd-b2b-enterprise-pm/index.md)
Draft and validate PRDs for B2B and enterprise: buyers vs users, compliance, security, rollout, adoption.
Tags: Product Management, PRD, B2B, Enterprise

### [PRD — Consumer Product Manager](https://rakenne.app/skills/prd-consumer-pm/index.md)
Draft and validate PRDs for consumer products: UX, engagement, discovery, retention, metrics.
Tags: Product Management, PRD, Consumer

### [PRD — Data Product Manager](https://rakenne.app/skills/prd-data-pm/index.md)
Draft and validate PRDs for data products: pipelines, analytics, governance, quality.
Tags: Product Management, PRD, Data

### [PRD — E-commerce Product Manager](https://rakenne.app/skills/prd-ecommerce-pm/index.md)
Draft and validate PRDs for e-commerce: catalog, cart/checkout, payments, inventory, merchandising, conversion.
Tags: Product Management, PRD, E-commerce

### [PRD — Fintech PM](https://rakenne.app/skills/prd-fintech-pm/index.md)
Draft and validate PRDs for fintech: payments, compliance, risk, auditability, regulatory scope.
Tags: Product Management, PRD, Fintech

### [PRD — Growth Product Manager](https://rakenne.app/skills/prd-growth-pm/index.md)
Draft and validate PRDs for growth: North Star, funnel, experiments, instrumentation, success metrics.
Tags: Product Management, PRD, Growth

### [PRD — Healthcare / Health Tech PM](https://rakenne.app/skills/prd-healthcare-pm/index.md)
Draft and validate PRDs for healthcare and health tech: clinical workflows, HIPAA/safety, consent, data handling.
Tags: Product Management, PRD, Healthcare

### [PRD — Mobile Product Manager](https://rakenne.app/skills/prd-mobile-pm/index.md)
Draft and validate PRDs for mobile products: native iOS/Android, app stores, performance, device matrix, offline, and push.
Tags: Product Management, PRD, Mobile

### [PRD — Platform / Internal PM](https://rakenne.app/skills/prd-platform-pm/index.md)
Draft and validate PRDs for platform and internal products: internal customers, APIs/SLAs, adoption, developer experience.
Tags: Product Management, PRD, Platform

### [PRD — Product Marketing PM](https://rakenne.app/skills/prd-product-marketing-pm/index.md)
Draft and validate PRDs for product marketing: positioning, GTM, messaging, launch, audience.
Tags: Product Management, PRD, Product Marketing

### [PRD — Product Ops PM](https://rakenne.app/skills/prd-product-ops-pm/index.md)
Draft and validate PRDs for product operations: process, tooling, rollout, feedback loops, standardization.
Tags: Product Management, PRD, Product Ops

### [PRD — SaaS Product Manager](https://rakenne.app/skills/prd-saas-pm/index.md)
Draft and validate Product Requirements Documents for SaaS products: subscription models, multi-tenant, trials, usage-based pricing, onboarding, and retention.
Tags: Product Management, PRD, SaaS

### [PRD — Technical Product Manager](https://rakenne.app/skills/prd-technical-pm/index.md)
Draft and validate PRDs for technical products: APIs, integrations, infra, NFRs, feasibility.
Tags: Product Management, PRD, Technical

### [PRINCE2 Closing a Project](https://rakenne.app/skills/prince2-closing/index.md)
Draft Closing a Project (CP) documents aligned with PRINCE2. Covers End Project Reports, final Lessons Reports, Benefits Review Plans, product handover documentation, and project closure recommendations.
Tags: Project Management, PRINCE2, Closure, Lessons Learned

### [PRINCE2 Controlling a Stage](https://rakenne.app/skills/prince2-controlling-stage/index.md)
Draft Controlling a Stage (CS) documents aligned with PRINCE2. Covers Work Packages, Highlight Reports, Issue Reports, Exception Reports, corrective action plans, and stage progress tracking.
Tags: Project Management, PRINCE2, Monitoring, Reporting

### [PRINCE2 Directing a Project](https://rakenne.app/skills/prince2-directing/index.md)
Draft Directing a Project (DP) documents aligned with PRINCE2. Covers Project Board authorization decisions, ad hoc direction, exception handling, stage gate approvals, and project closure authorization.
Tags: Project Management, PRINCE2, Governance, Decision Making

### [PRINCE2 Initiating a Project](https://rakenne.app/skills/prince2-initiating/index.md)
Draft Initiating a Project (IP) documents aligned with PRINCE2. Covers the Project Initiation Documentation (PID), Project Plan, detailed Business Case, Benefits Management Approach, and management approaches for risk, quality, communication, and change control.
Tags: Project Management, PRINCE2, Planning, Governance

### [PRINCE2 Managing a Stage Boundary](https://rakenne.app/skills/prince2-managing-stage-boundary/index.md)
Draft Managing a Stage Boundary (SB) documents aligned with PRINCE2. Covers End Stage Reports, next Stage Plans, updated Business Case, updated Project Plan, Exception Plans, and Lessons Reports.
Tags: Project Management, PRINCE2, Stage Gate, Reporting

### [PRINCE2 Managing Product Delivery](https://rakenne.app/skills/prince2-managing-delivery/index.md)
Draft Managing Product Delivery (MP) documents aligned with PRINCE2. Covers Team Plans, Product Descriptions, quality review records, Checkpoint Reports, and product handover documentation.
Tags: Project Management, PRINCE2, Delivery, Quality

### [PRINCE2 Starting up a Project](https://rakenne.app/skills/prince2-starting-up/index.md)
Draft Starting up a Project (SU) documents aligned with PRINCE2. Covers the Project Brief, Project Product Description, outline Business Case, project approach selection, team appointments, and initiation stage planning.
Tags: Project Management, PRINCE2, Project Initiation, Feasibility

### [Privacy & PII Protection Program](https://rakenne.app/skills/iso27001-privacy-pii-program/index.md)
Build a comprehensive privacy program aligned with ISO 27001:2022 A.5.34 and major privacy regulations (GDPR, LGPD, CCPA). Produces five core privacy documents: external-facing privacy policy, Record of Processing Activities (ROPA), Data Protection Impact Assessment (DPIA) template, data subject rights procedure, and data breach notification procedure with jurisdiction-specific regulatory timelines.
Tags: ISO 27001, A.5.34, ISMS, Privacy, PII, GDPR, LGPD, DPIA, ROPA, Compliance

### [Privilege Training Mapper (CISA CPG 4.3)](https://rakenne.app/skills/privilege-training-mapper/index.md)
Map privileged job functions to role-specific training modules and validate training compliance. Cross-reference Privileged User List with HR training log to flag missing or overdue certifications.
Tags: CISA, CPG, Critical Infrastructure, Training, Compliance, Privileged Access

### [Procedimentos de Notificação à ANPD — LGPD](https://rakenne.app/skills/lgpd-anpd-notificacoes/index.md)
Documentação e execução dos procedimentos de notificação à ANPD: comunicação de RIPD (Art. 38), incidente de segurança (Art. 48), consulta prévia e demais obrigações. Inclui quando e como notificar, prazos e canais.
Tags: LGPD, ANPD, Notificação, Art. 38, Art. 48, Compliance, Brasil, Incidentes

### [Procurement Sync](https://rakenne.app/skills/procurement-sync/index.md)
Generate a procurement requirements matrix from construction specifications — maps spec clauses to material requirements, vendor qualifications, submittal obligations, and delivery constraints.
Tags: Construction, Procurement, Specifications, Submittals, Materials, Supply Chain

### [Professional Fees for Architects (HOAI)](https://rakenne.app/skills/hoai-billing/index.md)
Phase-by-phase billing and documentation of service achievements for architects and engineers per HOAI (Honorarordnung für Architekten und Ingenieure). Validates Grundleistungen completeness before billing, calculates Honorarzonen from building complexity criteria, and produces structured Leistungsnachweis documentation.
Tags: Architecture, Engineering, Billing, Germany, HOAI, Compliance

### [Project Status Reports](https://rakenne.app/skills/project-status-report/index.md)
Create and update structured project status reports from meetings, messages, and documents. Extracts status updates into markdown reports with summary, problems, risks, and actions sections. Supports single-team, compiled, and multi-team report formats.
Tags: Project Management, Reports, Updates

### [Purdue Level Mapper (CISA CPG 2.2)](https://rakenne.app/skills/purdue-level-mapper/index.md)
IT/OT network segmentation aligned to CISA CPG 2.2 and the Purdue Model. Map assets to Levels 0–5, draft security requirements per transition, and validate no direct Business-to-PLC without DMZ.
Tags: CISA, CPG, Critical Infrastructure, OT, Purdue Model, Network Segmentation

### [QMS CAPA Tracker](https://rakenne.app/skills/qms-capa-tracker/index.md)
Draft and validate CAPA (Corrective and Preventive Action) reports for medical device quality management systems. Standardizes root cause analysis using 5 Whys or Fishbone (Ishikawa) methods, enforces Effectiveness Check completeness, and validates CAPA structure against ISO 13485 and FDA 21 CFR Part 820 requirements.
Tags: Healthcare, Quality Management, Regulatory, ISO 13485, FDA, Compliance

### [QMS Procedure Elaborator](https://rakenne.app/skills/qms-procedure-elaborator/index.md)
Guided elaboration of QMS procedures, process maps, and quality objectives aligned to ISO 9001 clauses and context of the organization. Verifies required clause topics are addressed and objectives are measurable.
Tags: Quality Management, ISO 9001, QMS, Procedures, Compliance

### [Qualiopi — Dossier de Certification](https://rakenne.app/skills/qualiopi-dossier-certification/index.md)
Prepare the Dossier de Certification for Qualiopi (France, RNQ). Structure proof-of-service evidence (feuilles d'émargement, enquêtes de satisfaction), validate with proof_of_service_audit, and align with the 7 criteria and 32 indicators of the Référentiel National Qualité.
Tags: Education, France, Qualiopi, RNQ, Professional Training, Compliance

### [Quality Metric Validator (COBIT APO11)](https://rakenne.app/skills/quality-metric-validator/index.md)
Define quality standards for IT services and SDLC aligned to COBIT APO11. Suggest quality gates based on Capability Levels. Includes SLA–quality sync check.
Tags: COBIT, APO11, Quality, QMS, SLA, PDCA

### [R&D Tax Incentive Registration](https://rakenne.app/skills/rd-tax-incentive-registration/index.md)
Draft Core and Supporting Activity descriptions for the R&D Tax Incentive annual registration (Australia, AusIndustry/ATO). Ensures HEOC structure for core activities and salary-to-project nexus; validates descriptions with nexus_expenditure_check.
Tags: Australia, Tax, R&D, AusIndustry, ATO, Compliance

### [Railway RAMS Lifecycle Validator](https://rakenne.app/skills/rams-lifecycle-validator/index.md)
Elaborate and validate a Safety Case for railway signaling systems per EN 50126. Covers the full V-model lifecycle (Concept to Decommissioning), SIL 1–4 allocation with failure rate consistency checks, hazard analysis, risk assessment, and CENELEC standard compliance for EU railway projects.
Tags: Transportation, Railway, Safety, Regulatory, Compliance, EN 50126

### [Rapport de Gestion — Tribunal de Commerce (France)](https://rakenne.app/skills/rapport-de-gestion/index.md)
Draft the annual management report for the French Commercial Court under Code de Commerce. Covers mandatory content and the LME-mandated table of payment delays (fournisseurs/clients). Validation via payment_delay_validator. Complements commercial-code-auditor for mandatory mentions.
Tags: France, Corporate, Finance, Code de Commerce, LME, Rapport de Gestion, Regulatory

### [RAS — Relatório Ambiental Simplificado](https://rakenne.app/skills/env-licensing-ras/index.md)
Elabora e revisa Relatórios Ambientais Simplificados (RAS) para licenciamento ambiental no Brasil, com foco em empreendimentos de pequeno porte ou baixo impacto. Subsidia Licença Ambiental Simplificada (LAS) ou Licença Prévia (LP), conforme CONAMA 279/2001 e normas estaduais.
Tags: Environment, Regulatory, CONAMA, Licensing, Brazil, RAS

### [RCA — Relatório de Controle Ambiental](https://rakenne.app/skills/env-licensing-rca/index.md)
Apoia a elaboração e revisão de Relatórios de Controle Ambiental (RCA) para licenciamento ambiental no Brasil, com foco em regularização de empreendimentos e renovação de licenças, incluindo diagnóstico ambiental, plano de controle e validação de completude.
Tags: Environment, Regulatory, CONAMA, Licensing, Brazil, Compliance

### [RCA/PCA — Medidas Mitigadoras e Monitoramento](https://rakenne.app/skills/rca-pca-mitigation/index.md)
Redação técnica de medidas mitigadoras para Relatórios de Controle Ambiental (RCA) e Planos de Controle Ambiental (PCA), com vínculo impacto–monitoramento e verificação de efluentes contra CONAMA 430. Foco em mineração e transformação (médio impacto); órgãos CETESB, INEA, SEMAD.
Tags: Environment, Regulatory, CONAMA, Brazil, Compliance, Mining

### [RCT Sub-contractor Agreements](https://rakenne.app/skills/rct-subcontractor-agreements/index.md)
Draft and validate sub-contractor agreements for Irish construction and project management with RCT and VAT reverse charge compliance. Ensures Status of the Worker clauses and mandatory VAT wording.
Tags: Ireland, Construction, Tax, RCT, VAT, Revenue, Compliance, Contracts

### [RE2020 Compliance](https://rakenne.app/skills/re2020-compliance/index.md)
Draft the environmental performance summary for new buildings under France's RE2020. Covers IC construction and IC énergie (kgCO₂/m²), LCA narrative with bio-sourced materials, threshold validation, and ADEME/ministerial alignment. France; construction and HVAC.
Tags: France, RE2020, ADEME, Environment, Construction, HVAC, LCA, Compliance

### [Records Retention Schedule](https://rakenne.app/skills/records-retention-schedule/index.md)
Build records retention schedules defining how long every document type (tax, HR, legal, accounting, medical, contracts) must be kept, with country-specific statutory minimums and validated disposal protocols for physical and digital records.
Tags: Records Management, Compliance, Data Lifecycle, Global Tax and Labor Laws

### [Recovery Scenario Builder (COBIT DSS04)](https://rakenne.app/skills/recovery-scenario-builder/index.md)
Draft IT recovery plans for Total Site Loss and Single Service Outage. Ensure HA matches business criticality. Includes DR test integrity check (failover tests vs tabletop only).
Tags: COBIT, DSS04, Disaster Recovery, Business Continuity, Failover

### [Registro de Operações de Tratamento — LGPD (Art. 37)](https://rakenne.app/skills/lgpd-registro-operacoes/index.md)
Elaboração e manutenção do registro de operações de tratamento de dados pessoais em conformidade com o Art. 37 da LGPD. Documenta finalidades, categorias de dados e titulares, bases legais, compartilhamento, retenção e medidas de segurança. Inclui validação dos campos mínimos exigidos.
Tags: LGPD, ANPD, Registro de Operações, Art. 37, Compliance, Brasil, Privacidade

### [Relatório de Impacto à Proteção de Dados (RIPD) — LGPD](https://rakenne.app/skills/lgpd-ripd/index.md)
Elaboração e validação de Relatórios de Impacto à Proteção de Dados (RIPD) sob a LGPD (Lei 13.709/2018) e orientações da ANPD. Avaliação de riscos para tratamentos de alto risco ou em larga escala (e-commerce, saúde e demais setores). Valida se a base legal escolhida (ex.: Legítimo Interesse — Art. 7, IX) possui o teste de balanceamento documentado conforme Guia Orientativo da ANPD.
Tags: LGPD, ANPD, Proteção de Dados, RIPD, Compliance, Brasil, Privacidade, Avaliação de Riscos

### [Relatório de Segurança — LGPD (Art. 46 a 49)](https://rakenne.app/skills/lgpd-relatorio-seguranca/index.md)
Elaboração do relatório de segurança e do procedimento de comunicação de incidentes nos termos dos Art. 46 a 49 da LGPD. Cobre medidas técnicas e organizacionais, registro de incidentes (Art. 47), comunicação à ANPD (Art. 48) e aos titulares (Art. 49).
Tags: LGPD, ANPD, Relatório de Segurança, Incidentes, Art. 46, Art. 48, Compliance, Brasil

### [Relatórios de Ensaio — Homologação ANATEL](https://rakenne.app/skills/anatel-homologation-reports/index.md)
Elaboração de relatórios de ensaio para homologação de equipamentos de telecomunicações (dispositivos sem fio). Inclui validação de SAR (Taxa de Absorção Específica) contra limites para uso humano e referência à Resolução 715/2019. Mercado: tecnologia e importação. Regulado: ANATEL.
Tags: ANATEL, Homologation, Telecommunications, SAR, Resolução 715/2019, Certification

### [Relatórios Prudenciais CMN/BCB](https://rakenne.app/skills/prudential-reporting-bacen/index.md)
Apoia a elaboracao e revisao de divulgacoes prudenciais no Brasil com foco em CMN/BCB (Pilar 3, ICAAP e riscos sociais, ambientais e climaticos), incluindo checklist de conformidade e validacao de completude.
Tags: Finance, Regulatory, BCB, CMN, Compliance, Brazil, Prudential

### [Resource Capacity Forecaster (ISO 27001 A.8.6)](https://rakenne.app/skills/resource-capacity-forecaster/index.md)
Draft and validate the Capacity Management Plan for ISO 27001 A.8.6. Documents monitoring and adjustment of CPU, RAM, disk and network to ensure availability and prevent denial of service from resource exhaustion. Supports threshold alerts, expansion triggers and LaTeX formula validation for auditor-ready living documents.
Tags: ISO 27001, Capacity Management, ISMS, Availability, A.8.6

### [Restoration Dependency Analyzer (NIST RC.RP)](https://rakenne.app/skills/restoration-dependency-analyzer/index.md)
Draft and validate System Restoration Sequence & Integrity Verification plans aligned with NIST CSF 2.0 RC.RP. Ensures restoration order respects service dependencies and that backup verification and security integrity checks are explicit before go-live.
Tags: NIST CSF, Disaster Recovery, Recovery Planning, Integrity Verification, RC.RP

### [Review Legal Clauses](https://rakenne.app/skills/review-legal-clauses/index.md)
Examine contract clauses for completeness, risks, and compliance issues. Flags potential problems and suggests improvements in plain language.
Tags: Legal, Compliance, Review

### [RI&E — Risico-inventarisatie en -evaluatie (Netherlands)](https://rakenne.app/skills/nl-rie-risico-inventarisatie/index.md)
Draft and validate the mandatory Risk Inventory & Evaluation (RI&E) and Plan van Aanpak under the Dutch Working Conditions Act (Arbowet Art. 5). Covers hazard identification, risk evaluation, PSA, and arbodeskundige review.
Tags: Netherlands, Arbowet, Occupational Health, RI&E, Compliance

### [Risk & Control Self-Assessment (RCSA)](https://rakenne.app/skills/inherent-residual-audit/index.md)
RCSA support aligned with COSO and Basel III. Front-line managers document risks and control effectiveness; the skill scores control strength (Automated > Manual, Preventative > Detective) and identifies optimistic bias where residual risk is low despite weak controls or thin descriptions.
Tags: Risk Management, Compliance, COSO, Basel III, RCSA, Operational Risk, Internal Control

### [Risk Register ISO 31000](https://rakenne.app/skills/risk-register-iso31000/index.md)
Guided elaboration of an ISO 31000:2018-aligned risk register: organizational context, risk criteria (likelihood/impact scales and appetite), structured register entries with cause, existing controls, consequence, treatment, residual risk, implementation deadline and owner, plus automated validation of completeness and L x I consistency.
Tags: Risk Management, ISO 31000:2018, GRC, Risk Register, Compliance, ERM

### [Risk Tolerance Quantifier](https://rakenne.app/skills/risk-tolerance-quantifier/index.md)
Draft and validate a Cybersecurity Risk Appetite Statement (NIST CSF 2.0 GV.OC): translate board mandates into quantifiable tolerance levels and KPIs; ensure stated appetite is supported by budget narratives.
Tags: NIST CSF, Governance, Risk Appetite, GV.OC, GRC

### [RTB Notice Expert — Notice of Termination & Rent Review](https://rakenne.app/skills/rtb-notice-expert/index.md)
Prepare and validate Notice of Termination and Rent Review documentation for Ireland under the Residential Tenancies Board (RTB). Ensures Rent Pressure Zone (RPZ) and comparable market rent rules (3 comparables, advertised within 4 weeks) are met. Includes comparable_market_rent_audit validation.
Tags: Ireland, Real Estate, Rental, Residential Tenancies Board, RTB, Rent Pressure Zone, Rent Review, Notice of Termination

### [Safe Harbor Drafter (CISA CPG 5.1 VDP)](https://rakenne.app/skills/safe-harbor-drafter/index.md)
Draft and validate a Vulnerability Disclosure Policy (VDP) with CISA-aligned Safe Harbor language and RFC 9116–compliant reporting. Ensures researcher protection and clear reporting mechanism.
Tags: CISA, CPG, VDP, Critical Infrastructure, Vulnerability Disclosure, security.txt, RFC 9116

### [Sandbox Compliance Expert](https://rakenne.app/skills/sandbox-compliance-expert/index.md)
Elaboração de propostas para sandbox regulatório e contratos de inovação (CVM, BCB, SUSEP). Define critérios de saída segura e limites de operação; valida proteção ao consumidor e responsabilidade civil conforme LC 182/2021.
Tags: Regulatory, Compliance, Brazil, Startups, CVM, BCB, SUSEP, Sandbox

### [Saudi PDPL — Personal Data Protection Assessment](https://rakenne.app/skills/sa-pdpl-data-protection-assessment/index.md)
Draft and validate data protection compliance documentation under Saudi Arabia's Personal Data Protection Law (Royal Decree M/19 of 2021, amended 2023) and its Implementing Regulations. Covers data inventory, consent, cross-border transfers, and 72-hour breach notification.
Tags: Saudi Arabia, PDPL, SDAIA, Privacy, Data protection

### [SBIR/STTR Phase I Proposal Drafter](https://rakenne.app/skills/sbir-sttr-proposal/index.md)
Draft complete SBIR/STTR Phase I technical proposals aligned to specific federal agency evaluation criteria. Covers technical volume, commercialization plan, work plan, and budget justification for NSF, NIH, DoD, DoE, and USDA solicitations.
Tags: Grant Writing, SBIR, STTR, Federal Funding, Proposal, Commercialization

### [SBOM Lifecycle Drafter](https://rakenne.app/skills/sbom-lifecycle-drafter/index.md)
Draft and maintain the SBOM Management Procedure aligned with NIST CSF 2.0 ID.AM. Covers ingestion, validation, and monitoring of SBOMs; Vulnerability Disclosure when NVD flags a component; and developer Attestation of Security. Validates procedure and SBOM files against CycloneDX/SPDX.
Tags: NIST CSF, SBOM, Governance, Vulnerability Disclosure, ID.AM

### [SBOM Risk Scorer](https://rakenne.app/skills/sbom-risk-scorer/index.md)
CISA CPG 6.1 Supply Chain SBOM Review: analyze CycloneDX or SPDX SBOMs for Vulnerability Debt and gatekeeping evidence. Summarizes vulnerability debt and flags EOL and critical-CVE components for Accept/Reject decisions.
Tags: CISA CPG, SBOM, Supply Chain, Critical Infrastructure, Vulnerability Management

### [SBOM Vulnerability Mapper](https://rakenne.app/skills/sbom-vulnerability-mapper/index.md)
Generate and validate a Software Bill of Materials (SBOM) and draft CRA-compliant technical documentation for connected products in the EU market. Checks software components against the NIST NVD for known critical vulnerabilities. Covers product classification, Annex I essential cybersecurity requirements, vulnerability handling, conformity assessment, and ENISA reporting readiness.
Tags: Cybersecurity, IoT, Consumer Electronics, Compliance, SBOM, Cyber Resilience Act

### [SDLC Control Drafter (ISO 27001 A.8.28)](https://rakenne.app/skills/sdlc-control-drafter/index.md)
Draft and maintain ISO 27001-aligned Secure Development Lifecycle (SDLC) policy: Security by Design, Security by Default, and security gates (SAST/DAST, peer review, threat modeling). Includes OWASP Top 10 alignment check for web and API risks.
Tags: ISO 27001, ISMS, SDLC, Secure development, OWASP, Security by Design, Compliance

### [SEC 10-K — MD&A and Financial Statement Notes Drafter](https://rakenne.app/skills/sec-10k-mda-notes-drafter/index.md)
Draft and validate the Management Discussion & Analysis (MD&A) section and key financial statement footnotes of the SEC Form 10-K annual report. Ensures compliance with Regulation S-K Items 303 (2021 amended structure), 305, 105, and 106 (cybersecurity, effective December 15, 2023), Reg G/Item 10(e) non-GAAP measure rules, SEC interpretive guidance, and PCAOB expectations for critical accounting estimates. Covers all required US GAAP footnote topics including EPS (ASC 260), subsequent events (ASC 855), and related parties (ASC 850).
Tags: SEC, 10-K, Financial Reporting, MD&A, United States, Footnotes, GAAP, Reg S-K, Critical Accounting Estimates, PCAOB, Cybersecurity, Non-GAAP

### [SEC DEF 14A (Proxy Statement)](https://rakenne.app/skills/sec-proxy-def14a/index.md)
Draft and validate annual meeting proxy statements for U.S. domestic issuers: meeting and voting mechanics, proposals, director nominees, beneficial ownership, executive compensation (scaled for SRC/EGC), audit matters, and Part III 10-K incorporation mapping.
Tags: SEC, Securities, Regulatory, Proxy, Corporate Governance, Compliance, DEF 14A

### [SEC Form 10-Q (Quarterly Report)](https://rakenne.app/skills/sec-form-10q/index.md)
Generate and validate quarterly Form 10-Q narrative sections and checklists, with delta-focused updates, Risk Factors (material changes only), Legal Proceedings, Controls and Procedures, and consistency checks.
Tags: SEC, Securities, Regulatory, Form 10-Q, Quarterly, Compliance

### [SEC Form 4 (Section 16)](https://rakenne.app/skills/sec-form-4-section-16/index.md)
Generate Form 4 drafts from insider transaction details: map to transaction codes and tables, draft footnotes (tax withholding, 10b5-1, indirect ownership), and validate for Rule 16a-3 and two-business-day filing.
Tags: SEC, Securities, Section 16, Form 4, Insider Transactions, Compliance

### [SEC Form 8-K (Current Report)](https://rakenne.app/skills/sec-form-8k/index.md)
Draft and validate SEC Form 8-K filings for any reportable corporate event, with item mapping, compliance checks, and standard legal language.
Tags: SEC, Securities, Regulatory, Form 8-K, Corporate Governance, Compliance

### [SecNumCloud — Dossier d'Homologation](https://rakenne.app/skills/secnumcloud-dossier-homologation/index.md)
Draft the Dossier d'Homologation for ANSSI SecNumCloud certification. Map infrastructure to the Référentiel, validate EEA data sovereignty for sub-processors, and structure evidence for France's public-sector cloud qualification.
Tags: Cybersecurity, France, ANSSI, SecNumCloud, Compliance, Public Sector

### [Section 106 Heads of Terms](https://rakenne.app/skills/section-106-heads-of-terms/index.md)
Draft and validate Heads of Terms for Section 106 planning obligations under the Town and Country Planning Act 1990 (UK). Covers obligations between developers and local planning authorities, including affordable housing, CIL, education, open space, and highways. Ensures HoT structure and alignment with viability and GDV assumptions.
Tags: United Kingdom, Planning, Section 106, Construction, Urban Planning, TCPA 1990

### [Securities Suitability (WpHG)](https://rakenne.app/skills/wphg-suitability/index.md)
Erstellt Geeignetheitsberichte (Suitability Reports) fuer die Anlageberatung von Privatkunden gemaess WpHG / MiFID II. Validiert die Konsistenz zwischen Kundenprofil, Risikoeinstufung, Anlageempfehlung und ESG-Praeferenzen. Prueft SFDR-Offenlegungen bei Artikel-8/9-Fonds.
Tags: WpHG, MiFID II, Suitability, ESG, SFDR, Asset Management, BaFin, Germany

### [SEEMP Emission Planner](https://rakenne.app/skills/seemp-emission-planner/index.md)
Develop Ship Energy Efficiency Management Plans (SEEMP) compliant with IMO MARPOL Annex VI. Covers fuel consumption data collection, CO2 emissions tracking, CII carbon intensity planning, and NOx tier validation for Emission Control Areas.
Tags: Maritime, Environment, Emissions, IMO, MARPOL, Shipping

### [SFCR Solvency II (Pillar 3)](https://rakenne.app/skills/sfcr-solvency-ii/index.md)
Supports preparation and review of the Solvency and Financial Condition Report (SFCR) for EU insurance and reinsurance undertakings under Solvency II Pillar 3, including QRT consistency checks and MCR/SCR ratio validation.
Tags: Insurance, Regulatory, Solvency II, EIOPA, Compliance, Europe, Risk Management

### [SFIA Competency Mapper (COBIT APO07)](https://rakenne.app/skills/sfia-competency-mapper/index.md)
Map IT workforce skills to COBIT process requirements using SFIA. Draft job descriptions for COBIT management objectives and identify key-person risk. Includes skill gap calculator vs Target Capability Level.
Tags: COBIT, APO07, SFIA, Skills Matrix, Competency

### [Skilled Worker Immigration (Niederlassungserlaubnis)](https://rakenne.app/skills/skilled-worker-immigration/index.md)
Erstellt das Antragspaket fuer die Niederlassungserlaubnis (Permanent Residency) hochqualifizierter Arbeitnehmer mit Blauer Karte EU in Deutschland. Validiert Arbeitsvertraege gegen Blue Card-Gehaltsschwellenwerte und prueft den Versicherungsverlauf auf Pflichtbeitragszeiten.
Tags: AufenthG, Immigration, HR Compliance, Blue Card, Germany

### [SOC 2 Audit Readiness Planner](https://rakenne.app/skills/soc2-audit-readiness-planner/index.md)
Guided journey dashboard across all SOC 2 skills. Detects which skills have produced their expected outputs, shows progress across 4 phases (Foundation, Assessment, Documentation, Validation), and recommends the next step.
Tags: Compliance, Security, SOC 2, Audit, Planning, Dashboard

### [SOC 2 Control Narrative Author](https://rakenne.app/skills/soc2-control-narrative-author/index.md)
Guided elaboration of SOC 2 readiness documentation: control narratives aligned to AICPA Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy), control-objective mapping, and evidence placeholders for Type I/II audit.
Tags: SOC 2, AICPA, Trust Services Criteria, Compliance, Audit, Cybersecurity

### [SOC 2 Internal Audit](https://rakenne.app/skills/soc2-internal-audit/index.md)
Conduct an internal readiness audit for SOC 2 certification. Tests controls per TSC criteria, classifies findings by AICPA severity (Material Weakness, Significant Deficiency, Deficiency, Observation), organizes evidence for auditor handoff, tracks management responses, and produces a readiness assessment. The capstone skill that determines whether the organization is ready to engage an external auditor.
Tags: Compliance, Security, SOC 2, Audit, AICPA, Internal Audit, GRC

### [SOC 2 Monitoring & Testing](https://rakenne.app/skills/soc2-monitoring-testing/index.md)
Build an ongoing monitoring and testing program for SOC 2 audit readiness. Creates a control testing plan with method, frequency, and tester assignments; an evidence collection matrix mapping controls to TSC criteria; and an exception tracker with root cause analysis and remediation. Validates testing coverage, evidence strength, and exception management.
Tags: Compliance, Security, SOC 2, Audit, AICPA, Trust Services Criteria, Testing

### [SOC 2 Organization Profile](https://rakenne.app/skills/soc2-organization-profile/index.md)
Build and validate the organizational context profile for SOC 2 audit readiness. Captures principal service commitments, system requirements (SCSR), trust services categories, system boundaries, subservice organizations (carved-out/inclusive), and complementary user entity controls (CUECs). Boundary validator checks scope completeness; CUEC mapper validates controls are specific, actionable, and TSC-aligned.
Tags: Compliance, Security, SOC 2, Audit, AICPA, Trust Services Criteria, GRC

### [SOC 2 Policy Generator](https://rakenne.app/skills/soc2-policy-generator/index.md)
Generate Trust Services Criteria-aligned policy documents for SOC 2 audit readiness. Produces 8 core policies (Information Security, Access Control, Change Management, Incident Response, Risk Assessment, Vendor Management, Business Continuity, Data Classification) plus optional Privacy and Processing Integrity policies — each tailored to organizational context with TSC criteria mapping, named roles, and specific systems.
Tags: Compliance, Security, SOC 2, Audit, AICPA, Trust Services Criteria, Policy

### [SOC 2 Policy Review](https://rakenne.app/skills/soc2-policy-review/index.md)
Interactive statement-by-statement review of SOC 2 policy documents. Walks through each policy statement with approve, reject, or AI rewrite options. Produces a timestamped audit trail that satisfies SOC 2 evidence requirements.
Tags: Compliance, Security, SOC 2, Audit, Policy, Review

### [SOC 2 Readiness Gap Analysis](https://rakenne.app/skills/soc2-readiness-gap-analysis/index.md)
Map internal controls against AICPA Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy). Identifies unmapped criteria, validates evidence artifacts and tests of effectiveness, and produces a prioritized remediation roadmap for SOC 2 Type I or Type II audit readiness.
Tags: Compliance, SOC 2, AICPA, Audit, Security

### [SOC 2 Risk Assessment](https://rakenne.app/skills/soc2-risk-assessment/index.md)
Conduct a structured risk assessment aligned to AICPA Trust Services Criteria. Identifies risks per TSC category using a 5x5 likelihood-impact matrix, maps risks to specific TSC criteria (CC/A/PI/C/P), identifies control gaps, validates residual risk scoring, and produces a risk register with treatment plan. Feeds into gap analysis, control narratives, and policy generation.
Tags: Compliance, Security, SOC 2, Risk Assessment, AICPA, Trust Services Criteria, GRC

### [SOC 2 System Description & Management Assertion](https://rakenne.app/skills/soc2-system-description/index.md)
Draft the SOC 2 system description narrative (Section III) and management assertion letter per AICPA Trust Services Criteria (TSP Section 100) and DC Section 200 description criteria. Covers system boundaries, components, SCSR, subservice organizations (carved-out and inclusive methods), CUECs, CSOCs, control environment mapped to CC1–CC9, and trust services scope validation.
Tags: Compliance, Security, SOC 2, Audit, AICPA, Trust Services Criteria

### [SOC 2 Vendor Management](https://rakenne.app/skills/soc2-vendor-management/index.md)
Establish third-party and subservice organization oversight for SOC 2 audit readiness. Risk-tiered assessment framework with vendor register, SOC report review validation, CSOCs validation, and tiered security requirements per CC9.2. Covers vendor risk scoring, SOC report currency checks, and bridge letter tracking.
Tags: Compliance, Security, SOC 2, Audit, AICPA, Vendor Management, GRC

### [SOW & SLA Drafter](https://rakenne.app/skills/general-sow-sla/index.md)
Draft professional Statements of Work with Service Level Agreements for B2B engagements. Industry-aware: applies regulatory and compliance sections based on the client's sector (Healthcare, Fintech, SaaS, Government, etc.).
Tags: Contract, SOW, SLA, B2B, Compliance, Governance

### [SOX Section 404 — Internal Control over Financial Reporting Narrative](https://rakenne.app/skills/sox-icfr-control-narrative/index.md)
Draft and validate management's assessment of Internal Control over Financial Reporting (ICFR) per SOX §404, aligned to the COSO 2013 framework and PCAOB AS 2201. Produces process narratives, risk-control matrices (RCMs), and control descriptions for each significant account and business process.
Tags: Compliance, SOX, ICFR, COSO, PCAOB, Audit, Internal Controls

### [Specification Consistency Check](https://rakenne.app/skills/spec-consistency-check/index.md)
Cross-discipline consistency analysis for multi-chapter construction and infrastructure specifications — finds contradictions across HVAC, Electrical, Structural, Architectural, Fire Protection, and MEP, validates standard references, and generates RFIs.
Tags: Construction, Specifications, Quality Assurance, Cross-Discipline, RFI, Infrastructure, Engineering

### [SRA Accounts Rules — Accountant's Report & Compliance](https://rakenne.app/skills/sra-accounts-rules/index.md)
Draft and validate Accountant's Reports and internal compliance manuals for UK law firms under the SRA Accounts Rules 2019. Validates client/office money segregation, residual client balance policies, reconciliation, breach reporting, and all major SRA Accounts Rules requirements.
Tags: SRA, Accounts Rules, Legal, Law Firm Management, United Kingdom, Client Money, Regulatory

### [State Claims Risk Management](https://rakenne.app/skills/state-claims-risk-management/index.md)
Draft and validate Risk Management reports for state-insured entities (hospitals, prisons) in Ireland under the State Claims Agency (SCA/NTMA). Ensures expected sections, tags Protected Disclosure and LPP content, and aligns with NIMS incident reporting.
Tags: Ireland, Public Sector, State Claims Agency, NTMA, NIMS, Risk Management, Compliance

### [StateRAMP Authorization Package](https://rakenne.app/skills/stateramp-authorization-package/index.md)
Draft and validate StateRAMP authorization packages for cloud service providers serving U.S. state and local government: System Security Plan (SSP) with attachments, Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action & Milestones (POA&M), and the StateRAMP Snapshot for the Authorized Products List.
Tags: StateRAMP, NIST, Compliance, Government, Cloud Security, State Government

### [Structural Steel Specification (Eurocode 3)](https://rakenne.app/skills/civil-structural-steel-euro/index.md)
Guided elaboration of technical specifications for load-bearing steel structures under Eurocode 3 (EN 1993). Cross-references yield strength, tensile strength, and partial safety factors (γ_M0, γ_M1, γ_M2) with country-specific national annexes across the EU.
Tags: EU, Construction, Structural Steel, Eurocode 3, EN 1993, Infrastructure, Regulated Sector

### [Structural Steel Specifications (USA / AISC 360)](https://rakenne.app/skills/civil-structural-steel-usa/index.md)
Guided elaboration of technical specifications for load-bearing steel structures in the USA, with ASTM material cross-referencing, LRFD/ASD safety-factor validation, and compliance checking against AISC 360, ASCE 7, and IBC.
Tags: Construction, Structural Steel, AISC, USA, Engineering, Compliance

### [Supply Chain Clause Harmonizer](https://rakenne.app/skills/supply-chain-clause-harmonizer/index.md)
Draft and validate C-SCRM Security Requirement Annexes for vendor contracts. Selects clauses by Criticality Tier (right to audit, vulnerability disclosure, breach notification) and validates against NIST SP 800-161 (GV.SC).
Tags: NIST CSF, NIST SP 800-161, C-SCRM, Supply Chain, Governance, Vendor Contracts

### [Supply Chain Code of Conduct](https://rakenne.app/skills/supply-chain-code-of-conduct/index.md)
Draft and validate supply chain codes of conduct defining the ethical standards suppliers must sign. Covers labour rights, environmental obligations, Right to Audit clauses, and sub-tier flow-down requirements aligned with Modern Slavery Act (UK/AU), LkSG (Germany), ILO Core Conventions, and EU CSDDD. Automated tools validate audit clause strength and flag Tier 1-only compliance gaps.
Tags: Supply chain, Compliance, Modern Slavery Act 2015, LkSG, Ethics, ESG, Due diligence

### [Syllabus outcomes alignment](https://rakenne.app/skills/syllabus-outcomes-alignment/index.md)
Draft or revise syllabi with learning outcomes, assessments, and outcome–assessment alignment matrix for accreditation and audit.
Tags: Education, Syllabus, Learning outcomes, Assessment, Accreditation

### [Term sheet draft](https://rakenne.app/skills/term-sheet-draft/index.md)
Draft and validate M&A or investment term sheets (parties, valuation, structure, reps, conditions, indemnity, governing law).
Tags: M&A, Term sheet, Investment, Corporate, Deals

### [Termo de Consentimento — LGPD (Art. 8 e 11)](https://rakenne.app/skills/lgpd-termo-consentimento/index.md)
Elaboração de termo ou formulário de consentimento para tratamento de dados pessoais em conformidade com o Art. 8 e 11 da LGPD. Cobre consentimento destacado, finalidades determinadas, revogação gratuita e facilitada, e dados sensíveis quando aplicável. Inclui validação dos requisitos do Art. 8.
Tags: LGPD, ANPD, Consentimento, Art. 8, Art. 11, Compliance, Brasil, Privacidade

### [Termo de Consentimento Esportivo — LGPD](https://rakenne.app/skills/termo-consentimento-esportivo/index.md)
Elaboração de termo de consentimento para participação em atividades esportivas (academias, clubes, escolas de esporte, eventos) em conformidade com a LGPD e orientações da ANPD. Cobre consentimento para dados pessoais e sensíveis (saúde), reconhecimento de riscos inerentes, aptidão física, autorização emergencial, uso de imagem e previsões para menores de idade.
Tags: LGPD, ANPD, Esporte, Consentimento, Brasil, Dados de Saúde, ECA, CDC, Código Civil

### [Third-Party Risk Assessment (TPRA)](https://rakenne.app/skills/third-party-risk-assessment/index.md)
Assess vendor security posture by validating SIG questionnaire responses against evidence and auditing SOC 2 reports for coverage gaps. Produces structured TPRA reports aligned with NIST SP 800-161 and GDPR Article 28, with automated tools that flag unsupported vendor claims, expired reports, and bridge-letter gaps.
Tags: Risk Management, Security, Compliance, NIST SP 800-161, GDPR

### [Threat Impact Narrative Builder](https://rakenne.app/skills/threat-impact-narrative-builder/index.md)
Build and validate cybersecurity risk registers and impact narratives aligned to NIST CSF 2.0 ID.RA. Uses FAIR methodology for impact scenarios and enforces consistency between risk scores and Historical Incident Data.
Tags: NIST CSF, Risk, GRC, FAIR, Cybersecurity

### [TMMi Maturity Level Justification](https://rakenne.app/skills/tmmi-maturity-level-justification/index.md)
Draft maturity level justification and evidence package for a target TMMi level, for assessment or internal audit.
Tags: TMMi, Test Maturity, Testing, Assessment, Maturity Level

### [TMMi Process Area Documentation](https://rakenne.app/skills/tmmi-process-area-documentation/index.md)
Draft and validate documentation for TMMi process areas (ML2–ML5); includes process area coverage checker.
Tags: TMMi, Test Maturity, Testing, Process Area, Assessment

### [TMMi Test Policy](https://rakenne.app/skills/tmmi-test-policy/index.md)
Draft and maintain an organizational test policy aligned to TMMi (Test Maturity Model Integration): goals, scope, roles, and management commitment.
Tags: TMMi, Test Maturity, Testing, Test Policy

### [TMMi Test Strategy](https://rakenne.app/skills/tmmi-test-strategy/index.md)
Draft and maintain a project or programme test strategy aligned to TMMi: objectives, test levels, approach, entry/exit criteria, and resources.
Tags: TMMi, Test Maturity, Testing, Test Strategy

### [Traceability Matrix Auditor](https://rakenne.app/skills/traceability-matrix-auditor/index.md)
Generate and validate the DO-178C traceability matrix for airborne software. Maps HLR to LLR to source code and runs bidirectional checks for orphan code and dead requirements.
Tags: Aviation, DO-178C, Traceability, Aerospace, Certification, Compliance

### [Transfer pricing local file](https://rakenne.app/skills/transfer-pricing-local-file/index.md)
Draft and validate TP local files (entity, transactions, comparability, method) aligned to OECD and jurisdiction requirements.
Tags: Transfer pricing, OECD, Tax, Local file

### [Transfer pricing master file](https://rakenne.app/skills/transfer-pricing-master-file/index.md)
Draft and validate TP master files (group structure, value chain, intangibles, intercompany, policies) aligned to OECD.
Tags: Transfer pricing, OECD, Tax, Master file

### [TUPE Consultation Documents](https://rakenne.app/skills/tupe-consultation-documents/index.md)
Draft and validate the Measures Letter and consultation notices for UK TUPE employee transfers. Covers reg 13(2) information and consultation, meaningful consultation timing, and integration with liability mapping and timeline checks.
Tags: TUPE, Employment Law, HR, United Kingdom, Consultation, Employee Transfer

### [Tusla Early Years Inspectorate](https://rakenne.app/skills/tusla-early-years-inspectorate/index.md)
Draft the Safety Statement and Child Safeguarding Statement for creches and early years services in Ireland. Validates staff-to-child ratios against Tusla’s Schedule 6 (Early Years Services Regulations 2016).
Tags: Ireland, Childcare, Education, Tusla, Compliance, Safeguarding, Early Years

### [UAE Federal PDPL — Data Protection Impact Assessment](https://rakenne.app/skills/ae-pdpl-data-protection-assessment/index.md)
Draft and validate a DPIA under UAE Federal Decree-Law No. 45/2021 on the Protection of Personal Data (PDPL) and its Executive Regulations. Covers data inventory, lawful basis, cross-border transfers, and 72-hour breach notification.
Tags: UAE, PDPL, Privacy, DPIA, Data protection

### [UK Bribery Act — Adequate Procedures ABC Program](https://rakenne.app/skills/uk-bribery-act-abc-program/index.md)
Draft and validate the Anti-Bribery & Corruption (ABC) programme documentation required for the 'adequate procedures' defence under UK Bribery Act 2010 §7. Structures the programme around the Ministry of Justice's six principles: proportionate procedures, top-level commitment, risk assessment, due diligence, communication/training, and monitoring/review.
Tags: Compliance, UK Bribery Act, Anti-Bribery, Anti-Corruption, MoJ Guidance, Due Diligence

### [UK Gambling Commission — Operating Licence Compliance](https://rakenne.app/skills/uk-gambling-commission-licence-compliance/index.md)
Draft and validate policies and procedures for Gambling Commission operating licence holders under the Gambling Act 2005 and LCCP. Covers AML/CTF, social responsibility, customer interaction, self-exclusion, and complaints.
Tags: United Kingdom, Gambling Commission, LCCP, Compliance, AML

### [UK GDPR & DPIA (Data Protection)](https://rakenne.app/skills/uk-gdpr-dpia/index.md)
Conduct and validate Data Protection Impact Assessments (DPIAs) under the UK GDPR and ICO guidance for high-risk processing. Suggests technical and organisational safeguards aligned with UK Adequacy standards. Validates breach-notification policies against the 72-hour ICO reporting window.
Tags: UK GDPR, DPIA, ICO, Data Protection, Privacy, Compliance, Breach Notification, Technology

### [UK Modern Slavery Statements](https://rakenne.app/skills/uk-modern-slavery-statements/index.md)
Annual drafting of transparency statements for the UK government registry under the Modern Slavery Act 2015 (s54). Covers the six recommended areas—organisation structure and supply chains, policies, due diligence, risk assessment and management, KPIs, training—and registry requirements (board approval, director sign-off).
Tags: UK, Compliance, Supply chain, Modern Slavery Act 2015, Regulatory, Reporting

### [UK Public Procurement (Procurement Act 2023)](https://rakenne.app/skills/uk-procurement-act-2023/index.md)
Draft and validate Selection Questionnaires and Tender Responses under the UK Procurement Act 2023. Covers exclusion grounds (Schedules 6 & 7), debarment list checks, Social Value evaluation per PPN 06/20 with TOMs framework, and SQ completeness validation.
Tags: Procurement, Regulatory, Procurement Act 2023, PPN 06/20, Compliance, United Kingdom

### [UK Sponsor Licence Auditor (Skilled Worker)](https://rakenne.app/skills/sponsor-license-auditor/index.md)
Prepares the Authorising Officer evidence pack for UK Skilled Worker sponsor licences and audits HR systems against the four UKVI sponsor duties (record-keeping, reporting, monitoring, compliance). Validates job descriptions and Certificates of Sponsorship against 2026 SOC codes and salary thresholds.
Tags: Immigration, HR Compliance, UKVI, Skilled Worker, United Kingdom, Sponsorship

### [US Construction Subcontract (Jurisdiction-Specific)](https://rakenne.app/skills/us-construction-subcontract/index.md)
Draft complete US construction subcontractor agreements with state-specific mechanics lien provisions, prompt payment compliance, anti-indemnity conformance, Davis-Bacon prevailing wage flow-downs, insurance requirements, and dispute resolution clauses tailored to each jurisdiction.
Tags: Construction, Contracts, US Law, Subcontracting

### [US government past performance narrative](https://rakenne.app/skills/us-gov-past-performance-narrative/index.md)
Draft and validate past performance narratives for US government proposals (project, customer, period, value, relevance, CPARS dimensions).
Tags: Government contracting, United States, Past performance, CPARS, Proposals

### [US Government Proposal Response](https://rakenne.app/skills/us-gov-proposal-response/index.md)
Draft complete federal government contract proposal responses including Technical, Management, Past Performance, and Price/Cost volumes aligned to RFP evaluation criteria, FAR Part 15 procedures, and APMP best practices.
Tags: Government Contracting, Proposals, FAR, US Federal

### [US government reps and certs audit](https://rakenne.app/skills/us-gov-reps-and-certs-audit/index.md)
Audit Representations & Certifications for completeness, dates, and vague references; align to solicitation.
Tags: Government contracting, United States, Reps and certs, SAM, Proposals

### [US Multi-State Employee Handbook](https://rakenne.app/skills/us-multistate-employee-handbook/index.md)
Draft comprehensive employee handbooks compliant with federal law and state-specific requirements for employers with employees in multiple US states, including state addenda for leave laws, meal/rest breaks, pay transparency, non-compete and non-solicitation restrictions, electronic monitoring, biometric data, NLRA Section 7 compliance, and anti-discrimination protections.
Tags: HR, Employment Law, US Law, Compliance, Leave Compliance, Wage and Hour, Restrictive Covenants, NLRA

### [US PERM job description](https://rakenne.app/skills/us-perm-job-description/index.md)
Draft and validate PERM job descriptions (duties, requirements) aligned to ETA 9089 and SOC; no unlawful preferences.
Tags: Immigration, United States, PERM, Labor certification, ETA 9089

### [US visa support letter](https://rakenne.app/skills/us-visa-support-letter/index.md)
Draft and validate employer or institutional support letters for US visa types (H-1B, L-1, O-1, J-1) with required elements and no speculative language.
Tags: Immigration, United States, H-1B, L-1, O-1, J-1, Support letter

### [USA Durable Power of Attorney](https://rakenne.app/skills/usa-durable-power-of-attorney/index.md)
Draft and validate a durable power of attorney for financial and legal matters in the USA.
Tags: Estate Planning, USA, Power of Attorney

### [USA Guardian Designation](https://rakenne.app/skills/usa-guardian-designation/index.md)
Draft and validate a designation of guardian for minor children (person and/or property) in the USA.
Tags: Estate Planning, USA, Guardian, Minors

### [USA Medical Power of Attorney](https://rakenne.app/skills/usa-medical-power-of-attorney/index.md)
Draft and validate a healthcare proxy or advance directive (medical POA and optional living will) in the USA.
Tags: Estate Planning, USA, Healthcare, Advance Directive

### [USA Revocable Living Trust](https://rakenne.app/skills/usa-revocable-living-trust/index.md)
Draft and validate a revocable living trust in the USA; coordinates with pour-over will.
Tags: Estate Planning, USA, Trust, Revocable

### [USA Simple Will and Trust](https://rakenne.app/skills/usa-simple-will-trust/index.md)
Draft and validate a simple will with optional testamentary or pour-over trust in the USA.
Tags: Estate Planning, USA, Will, Trust

### [USA Transfer-on-Death Deed](https://rakenne.app/skills/usa-transfer-on-death-deed/index.md)
Draft and validate a transfer-on-death deed for real property in the USA.
Tags: Estate Planning, USA, Real Estate, TOD Deed

### [Validador de Folletos Informativos (CNMV)](https://rakenne.app/skills/prospectus-validator/index.md)
Ayuda a elaborar y revisar folletos informativos de fondos de inversión en España conforme a la normativa CNMV, MiFID II y la Ley del Mercado de Valores, con checklist de conformidad y validación de completitud.
Tags: Finance, Regulatory, CNMV, MiFID II, Compliance, España, Investment Funds

### [VgV Procurement Note](https://rakenne.app/skills/vgv-procurement-note/index.md)
Erstellt und validiert den Vergabevermerk (Procurement Note) nach VgV § 8 / UVgO § 6 fuer oeffentliche Vergabeverfahren, einschliesslich nachpruefungsfester Zuschlagsbegruendung und XVergabe-Pflichtfeldvalidierung.
Tags: Procurement, Regulatory, VgV, GWB, XVergabe, Compliance, Germany

### [VIA Impact Matrix](https://rakenne.app/skills/via-impact-matrix/index.md)
Struttura i rapporti di Valutazione di Impatto Ambientale (VIA) per progetti infrastrutturali in Italia conformemente al Codice dell'Ambiente (D.Lgs. 152/2006): matrice di impatto, Studio di Impatto Ambientale (SIA), misure di mitigazione, Piano di Monitoraggio Ambientale.
Tags: Italy, Environment, VIA, Codice dell'Ambiente, Infrastructure, Compliance, Regulated Sector

### [VOB Contract Enforcer](https://rakenne.app/skills/vob-contract-enforcer/index.md)
Validiert Bauausschreibungen und Bauvertraege gegen die VOB (Vergabe- und Vertragsordnung) und DIN-Normen, einschliesslich Klauselpruefung, Leistungsverzeichnis-Struktur und Konformitaets-Checklisten.
Tags: Construction, Regulatory, VOB, DIN, Compliance, Germany

### [Whistleblower System Design (HinSchG)](https://rakenne.app/skills/whistleblower-system-design/index.md)
Erstellt Verfahrensordnungen fuer interne Meldestellen gemaess dem Hinweisgeberschutzgesetz (HinSchG). Validiert Pflichtabschnitte, gesetzliche Fristen (7 Tage Eingangsbestaetigung, 3 Monate Rueckmeldung) und die 3-Jahres-Loeschfrist.
Tags: HinSchG, Whistleblower, Compliance, Germany, Data Protection

### [Whistleblowing Investigation Report](https://rakenne.app/skills/whistleblowing-investigation-report/index.md)
Document findings of internal ethics or whistleblowing investigations for the board or audit committee, with anonymity and legal-privilege safeguards. Aligns with EU Whistleblowing Directive and Sarbanes-Oxley (SOX). Includes anonymity redactor and legal privilege tagger tools.
Tags: Whistleblowing, Compliance, EU Directive, Sarbanes-Oxley, Investigation, Legal Privilege

### [Workplace Relations (Right to Disconnect)](https://rakenne.app/skills/wrc-right-to-disconnect/index.md)
Draft internal Right to Disconnect policies and employee handbook sections for Ireland, aligned with the WRC Code of Practice (2021/2024). Includes audit of emergency-contact clauses to reduce WRC complaint risk.
Tags: Ireland, Employment, HR, Right to Disconnect, WRC, Work-life balance

### [Works Council Agreements (BetrVG)](https://rakenne.app/skills/betrvg-works-council-agreements/index.md)
Negotiation-based drafting and validation of Betriebsvereinbarungen (Works Agreements) for IT systems under the Betriebsverfassungsgesetz (BetrVG). Ensures Leistungs- und Verhaltenskontrolle (performance and behavior monitoring) clauses comply with §87 Abs. 1 Nr. 6 BetrVG and validates BDSG §26 / DSGVO Art. 88 alignment for employee data protection.
Tags: BetrVG, Works Council, HR, Employment, BDSG, Data Protection, Compliance, Germany

### [Workspace customizer](https://rakenne.app/skills/workspace-customizer/index.md)
Import, classify, and map user-uploaded corporate documents to installed skills in the workspace.
Tags: Workspace, Customization, File management, Templates

### [XLSX Tools](https://rakenne.app/skills/xlsx-tools/index.md)
Professional Excel tools for creating, reading, and manipulating .xlsx spreadsheets. Build new workbooks with full styling and formula control, extract data as Markdown or JSON, recalculate formulas, and convert between formats (CSV, PDF, ODS).
Tags: Spreadsheets, XLSX, Excel, Data Analysis

### [Zero-Knowledge / BYOK Encryption (ABA 477R/512)](https://rakenne.app/skills/zero-knowledge-byok-encryption/index.md)
Document and validate BYOK and zero-knowledge encryption architecture for legal and compliance contexts. Aligns with ABA 477R (reasonable efforts) and ABA 512 (GAI informed consent).
Tags: ABA 477R, ABA 512, Encryption, BYOK, Zero-Knowledge, Legal, Compliance, Key Management