Skill Packages
Browse ready-made AI workflow skills for document elaboration, review, and structuring.
ISO 27001 Business Continuity & Disaster Recovery Plan
Create operationally detailed Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) with BIA-driven recovery sequences, RTO/RPO validation, failover procedures, and exercise records per ISO 27001 Controls A.5.29/A.5.30.
Learn MoreISO 27001 Confidentiality & NDA Agreements
Create and manage confidentiality and non-disclosure agreement templates with a tracking register per ISO 27001 Control A.6.6. Covers both employee and third-party scenarios.
Learn MoreISO 27001 Critical Supplier Register
Operational register of critical suppliers with data access, SLA thresholds, BCP dependencies, security assessment history, and internal ownership. The auditor-expected evidence document that proves supply chain operational knowledge per Clause 7.5.1(b) and Controls A.5.19–A.5.22.
Learn MoreISO 27001 Gap Assessment
Perform a structured gap assessment against ISO 27001:2022 clauses 4-10 and 93 Annex A controls. Mandatory artifact detector scans for missing ISMS documents; maturity rating tool suggests 0-5 maturity levels per clause area. Produces findings register and remediation roadmap.
Learn MoreISO 27001 ISMS Annual Maintenance & Surveillance Audit Prep
Prepare for annual ISO 27001 surveillance audits by reviewing and updating existing ISMS documents. Scans documents for freshness, assesses organizational changes, performs delta risk re-assessment, updates SoA, reconciles CAPAs from prior audits, assembles surveillance audit evidence pack, scores audit readiness across 10 dimensions, and produces a year-over-year ISMS health report. Designed for certified organizations maintaining their ISMS between recertification cycles.
Learn MoreISO 27001 Legal & Regulatory Requirements Register
Identify, document, and track all legal, statutory, regulatory, and contractual requirements relevant to information security per ISO 27001 Control A.5.31.
Learn MoreISO 27001 Management Review
Prepare, validate, and document the ISO 27001:2022 management review per Clause 9.3. Compiles input pack from workspace ISMS artifacts, validates all 10 mandatory input categories (Clause 9.3.2) and 3 required output decisions (Clause 9.3.3), and checks that every action has an owner, due date, and expected outcome. Produces review agenda, input pack, minutes, and action tracker.
Learn MoreISO 27001 Monitoring, Measurement & Evaluation
Draft and validate the Clause 9.1 report (PDCA 'Check') and Clause 6.2 objectives register: six validation tools covering KPI effectiveness, CAPA linkage for every failed control, CAPA field completeness (root cause, corrective action, owner, date, effectiveness review), cross-document audit NC reconciliation, and objectives completeness (including Clause 6.2(c) risk register linkage and Clause 6.2(h) resources).
Learn MoreISO 27001 Operating Procedures (SOPs)
Create, validate, and index standard operating procedures (SOPs) for information processing facilities per ISO 27001 Control A.5.37. Produces step-by-step procedures with traceability to Annex A controls.
Learn MoreISO 27001 Organization Profile
Build and validate a shared organization profile for ISO 27001 certification. Captures organizational facts (industry, locations, technology stack, regulations, suppliers) that feed into scope, risk assessment, SoA, and policy generation. Technology stack normalizer classifies systems; profile completeness checker validates all required sections.
Learn MoreISO 27001 Policy Generator
Generate, validate, and maintain the core ISMS policy and procedure set for ISO 27001:2022 certification. Produces 22 document types (information security policy, ISMS manual, risk management, access control, incident management, asset management, change management, business continuity, document control, corrective action, classification and handling, cryptography, secure development, vulnerability management, remote working, backup, management responsibilities, intellectual property, data leakage prevention, network security, secure disposal, cabling security) with clause-aware templates and organization-specific tailoring.
Learn MoreISO 27001 Risk Assessment
Complete ISO 27001:2022 risk assessment workflow covering methodology definition, risk identification using a 12-category threat taxonomy, risk analysis with 5×5 matrix scoring, treatment planning with Annex A control mapping, and residual risk validation. Produces auditor-ready risk methodology, risk register, treatment plan, and acceptance forms per Clause 6.1.2 and 6.1.3.
Learn More