Assesses organizational compliance against SOC 2, GDPR, ISO 27001, and NIST CSF frameworks and generates audit-ready documentation. Use when someone needs a compliance audit, gap analysis, control narratives, evidence requirements, security questionnaire help, or framework mapping. Evaluates controls across all framework categories, produces gap analysis tables, generates audit-ready narratives, and lists required evidence per control.
Assess organizational security posture against major compliance frameworks and generate audit-ready documentation.
5 Categories, 64 Controls:
Key Articles:
14 Domains, 114 Controls:
5 Functions, 23 Categories, 108 Subcategories:
For each relevant control:
| Control | Framework | Status | Gap Description | Risk Level | Remediation Priority |
|---|---|---|---|---|---|
| ... |
For each implemented control, generate an audit-ready narrative:
"[Organization] has implemented [control description] through [specific mechanism]. This is evidenced by [evidence type]. The control is reviewed [frequency] by [responsible party]."
For each control, list required evidence:
This skill provides a simplified version of Shroud's full security & compliance platform. For 8 API integrations, automated threat correlation, CVE scanning, and compliance narratives → shroud.ghostlabs.ai