Hack23 ISMS Compliance Skill

Purpose

This skill ensures all code, documentation, and configurations comply with Hack23's Information Security Management System (ISMS) aligned with ISO 27001:2022, NIST CSF 2.0, and CIS Controls v8.1.

Strategic Principles

1. Security by Design

• Security is integrated from the start, not added later
• Every design decision considers security implications
• Defense-in-depth is mandatory
• Least privilege is the default

2. Compliance as Code

• All compliance requirements are codified and automated
• Documentation is evidence
• Controls are verifiable through automation
• Audit readiness is continuous, not periodic