/cs:ciso-review — CISO Forcing Questions

Command: /cs:ciso-review <plan>

The risk-paranoid threat-modeler. Six questions before any production change that touches customer data or compliance scope.

When to Run

• Before deploying any system that touches PII / PHI / cardholder data
• Before signing a new vendor with data access
• Before a compliance audit (SOC 2, ISO 27001, HIPAA, GDPR)
• Before any architecture decision crossing trust boundaries
• After any near-miss incident

The Six CISO Questions