Validate an approved policy against regulatory framework checklists and produce a structured compliance scorecard
Validate an approved policy against one or more regulatory framework checklists. Produce a structured compliance scorecard with pass/fail for every requirement. This skill is executed by the compliance-checker agent (executor role).
[gdpr, soc2])
Read the policy from the specified path.
For each framework, read the checklist from knowledge/frameworks/<framework>/checklist.md.
Evaluate every checklist item against the policy content:
For each item, provide a brief evidence note — quote or reference the specific policy section that covers the requirement (or note its absence).
Calculate the compliance score per framework:
Produce a scorecard in this exact structure:
## Compliance Scorecard: [Policy Name]
**Validated by**: compliance-checker (executor role)
**Date**: [date]
**Frameworks**: [list]
---
### [Framework Name] Compliance
**Score**: [N]/[total] PASS ([percentage]%)
**Partial compliance**: [N]/[total] PASS+PARTIAL ([percentage]%)
**Status**: COMPLIANT / SUBSTANTIALLY COMPLIANT / MATERIAL GAPS / NON-COMPLIANT
| ID | Requirement | Ref | Status | Evidence |
|----|------------|-----|--------|----------|
| G01 | Lawful basis for processing | Art. 6 | ✅ | Section 4 defines lawful basis per activity |
| G02 | Special category data | Art. 9 | ⚠️ | Mentioned in Section 4 but no specific conditions |
| G09 | Automated decision-making | Art. 22 | ❌ | Not addressed in policy |
### Certification
Based on this validation:
- [ ] Policy meets full compliance requirements for [framework]
- [ ] Policy has material gaps requiring remediation before certification
- [ ] Recommended remediation actions: [list critical FAILs]
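A consistency check for a finished scorecard, as an added example that is not part of the original skill: it recounts the table rows of one framework section and compares them with the **Score** and **Partial compliance** lines. The symbol-to-status mapping (✅ PASS, ⚠️ PARTIAL, ❌ FAIL), the one-point rounding tolerance, and the names `parse_rows`, `check_section` and `SAMPLE` are assumptions.

```python
import re

# Assumption: Status-column symbols (check mark, warning sign, cross) map to these names.
STATUS = {"\u2705": "PASS", "\u26a0": "PARTIAL", "\u274c": "FAIL"}
HEADLINES = {"Score": "PASS", "Partial compliance": "PASS+PARTIAL"}

def parse_rows(section):
    """Return (id, status, evidence) for each requirement row of one framework table."""
    rows = []
    for line in section.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) == 5 and re.fullmatch(r"[A-Z]+\d+", cells[0]):
            symbol = cells[3].replace("\ufe0f", "")  # drop emoji variation selector
            rows.append((cells[0], STATUS.get(symbol, "UNKNOWN"), cells[4]))
    return rows

def check_section(section):
    """Recompute one framework's headline figures from its rows; return problems found."""
    rows = parse_rows(section)
    if not rows:
        return ["no requirement rows found"]
    ids = [r[0] for r in rows]
    problems = [f"{i}: duplicate ID" for i in sorted(set(ids)) if ids.count(i) > 1]
    problems += [f"{i}: unrecognised status" for i, s, _ in rows if s == "UNKNOWN"]
    problems += [f"{i}: missing evidence note" for i, _, e in rows if not e]
    passed = sum(s == "PASS" for _, s, _ in rows)
    partial = sum(s == "PARTIAL" for _, s, _ in rows)
    expected = {"Score": passed, "Partial compliance": passed + partial}
    for label, kind in HEADLINES.items():
        m = re.search(rf"\*\*{label}\*\*: (\d+)/(\d+) {re.escape(kind)} \((\d+)%\)", section)
        if not m:
            problems.append(f"{label}: line missing or malformed")
            continue
        n, total, pct = map(int, m.groups())
        if (n, total) != (expected[label], len(rows)):
            problems.append(f"{label}: states {n}/{total}, rows give {expected[label]}/{len(rows)}")
        elif abs(pct - 100 * n / total) >= 1:  # rounding rule assumed: within one point
            problems.append(f"{label}: states {pct}%, computed {100 * n / total:.1f}%")
    return problems

# Constructed sample: the three rows shown in the template, with matching headline lines.
SAMPLE = """**Score**: 1/3 PASS (33%)
**Partial compliance**: 2/3 PASS+PARTIAL (67%)
| ID | Requirement | Ref | Status | Evidence |
|----|------------|-----|--------|----------|
| G01 | Lawful basis for processing | Art. 6 | ✅ | Section 4 defines lawful basis per activity |
| G02 | Special category data | Art. 9 | ⚠️ | Mentioned in Section 4 but no specific conditions |
| G09 | Automated decision-making | Art. 22 | ❌ | Not addressed in policy |
"""
```

`check_section(SAMPLE)` returns an empty list; any returned string names the row or headline line that disagrees with the table.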