Skill Packages

Browse ready-made AI workflow skills for document elaboration, review, and structuring.

ISO 27001 Monitoring, Measurement & Evaluation

Draft and validate the Clause 9.1 report (PDCA 'Check') and Clause 6.2 objectives register: six validation tools covering KPI effectiveness, CAPA linkage for every failed control, CAPA field completeness (root cause, corrective action, owner, date, effectiveness review), cross-document audit NC reconciliation, and objectives completeness (including Clause 6.2(c) risk register linkage and Clause 6.2(h) resources).

    Learn More
    ISO 27001 Operating Procedures (SOPs)

    Create, validate, and index standard operating procedures (SOPs) for information processing facilities per ISO 27001 Control A.5.37. Produces step-by-step procedures with traceability to Annex A controls.

      Learn More
      ISO 27001 Organization Profile

      Build and validate a shared organization profile for ISO 27001 certification. Captures organizational facts (industry, locations, technology stack, regulations, suppliers) that feed into scope, risk assessment, SoA, and policy generation. Technology stack normalizer classifies systems; profile completeness checker validates all required sections.

        Learn More
        ISO 27001 Policy Generator

        Generate, validate, and maintain the core ISMS policy and procedure set for ISO 27001:2022 certification. Produces 22 document types (information security policy, ISMS manual, risk management, access control, incident management, asset management, change management, business continuity, document control, corrective action, classification and handling, cryptography, secure development, vulnerability management, remote working, backup, management responsibilities, intellectual property, data leakage prevention, network security, secure disposal, cabling security) with clause-aware templates and organization-specific tailoring.

          Learn More
          ISO 27001 Risk Assessment

          Complete ISO 27001:2022 risk assessment workflow covering methodology definition, risk identification using a 12-category threat taxonomy, risk analysis with 5×5 matrix scoring, treatment planning with Annex A control mapping, and residual risk validation. Produces auditor-ready risk methodology, risk register, treatment plan, and acceptance forms per Clause 6.1.2 and 6.1.3.

            Learn More
            ISO 27001 Secure Architecture Principles

            Document secure system architecture and engineering principles per ISO 27001 Control A.8.27. Produces a principles catalog with rationale, implementation guidance, and technology-stack applicability for development and infrastructure teams.

              Learn More
              ISO 27001 Statement of Applicability

              Build and validate the SoA (Clause 6.1.3): map 93 Annex A controls to In/Out with justification and implementation evidence. SoA mapping engine suggests inclusions from risk assessment; control justification audit ensures excluded controls have valid reasons and included controls link to active policies.

                Learn More
                ISO 27001 Supplier Information Security Policy

                Draft and validate supplier security requirements and annexes for ISO 27001:2022 Control 5.21. Tier-based Minimum Security Baseline (Cloud vs Janitorial), Right to Audit and Breach Notification validation.

                  Learn More
                  ISO 27701 Controller Controls (Annex A)

                  Implement and document ISO 27701 Clause 7 and Annex A controls specific to PII controllers. Covers conditions for collection/processing, obligations to PII principals, privacy by design/default, and PII sharing/transfer/disclosure with implementation status, evidence, and justification for exclusions.

                    Learn More
                    ISO 27701 DPIA Program

                    Establish a Data Protection Impact Assessment (DPIA) program aligned to ISO 27701 Clause 7.2.5 and GDPR Article 35. Create DPIA methodology with WP29/EDPB screening criteria, screen processing activities for high-risk triggers, conduct individual DPIAs, and track risk mitigation with residual risk assessment.

                      Learn More
                      ISO 27701 PII Processing Inventory

                      Build the PII processing inventory (Record of Processing Activities / ROPA) and data flow map for ISO 27701. Catalogs every processing activity with purpose, legal basis, data categories, PII principals, recipients, retention periods, and cross-border transfers. Produces a data flow map showing PII flows between systems, parties, and jurisdictions.

                        Learn More
                        ISO 27701 PIMS Extension Author

                        Guided elaboration of PIMS documentation as an extension to ISMS: PII processing inventory, privacy objectives, processing purposes and legal basis, controller/processor annex controls, and privacy policy drafting aligned to Clause 6 controller obligations.

                          Learn More

                          Ready to let your expertise drive the workflow?

                          Stop wrestling with rigid templates and generic chatbots. Describe your process, let the agent handle the rest.

                          Get Started Free — No Sign-Up