Claude-Skills-Governance-Risk-and-Compliance  by Sushegaad

AI-powered GRC expert for regulatory compliance

Created 2 months ago
477 stars

Top 63.6% on SourcePulse

Project Summary

This repository offers "Claude Skills," installable knowledge packages that significantly enhance Claude's expertise in Governance, Risk, and Compliance (GRC) domains. Targeting information security, privacy, and regulatory professionals, these skills provide expert-level guidance for frameworks like ISO 27001, SOC 2, GDPR, and HIPAA, aiming to accelerate compliance tasks and compress extensive reference work into minutes.

How It Works

Skills are packaged as .skill files containing a SKILL.md instruction file and optional reference materials. When a conversation touches a topic the skill covers, the skill activates automatically and loads its core instructions into Claude's context. Deeper sub-topics trigger on-demand loading of additional reference files, a "progressive disclosure" approach that uses context efficiently while keeping the full reference material accessible.

Quick Start & Requirements

  • Installation:
    • Claude Code Marketplace (Recommended): Use the Claude Code CLI: /plugin marketplace add Sushegaad/Claude-Skills-Governance-Risk-and-Compliance followed by /plugin install <skill_name>. Teams can automate distribution via .claude/settings.json.
    • Manual Upload: Download .skill files and upload via Claude's "Customize → Skills" interface. Multiple skills can be installed.
  • Prerequisites: Claude AI; Claude Code CLI for marketplace installation.

Highlighted Details

  • Performance: Benchmarked skills achieved a 94% ± 10% pass rate, a +22 point improvement over baseline Claude (72% ± 28%).
  • Framework Coverage: Supports ISO 27001 (2013/2022), SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF (2.0/1.1), PCI DSS (v4.0.1), TSA Cybersecurity Directives, and ISO 42001 (AI Management System).
  • Functionality: Automates gap analyses, policy drafting, control documentation, risk assessments, SoA generation, and compliance reporting.
  • Adaptability: Skills adjust output tone (plain language vs. technical/legal) and provide framework-specific details like article citations or control IDs.

Maintenance & Community

  • Support: Issues and new skill requests are managed via GitHub issues.
  • Community: Active engagement and positive feedback observed on Reddit.
  • Author: Hemant Naik.

Licensing & Compatibility

  • License: MIT License.
  • Compatibility: Permissive for commercial use and integration.

Limitations & Caveats

Outputs are informational guidance, not legal/audit advice; professional review is mandatory. Guidance must be verified against the latest official regulatory publications. The TSA Cybersecurity skill uses public summaries, not classified directive text.

Health Check

  • Last Commit: 5 days ago
  • Responsiveness: Inactive
  • Pull Requests (30d): 0
  • Issues (30d): 5
  • Star History: 132 stars in the last 30 days
