Compliance Automation

Generate compliance policies, automate evidence collection, assess audit readiness, and respond to auditor control matrices — all from one skill.

Important Disclaimer

GENERATED DRAFTS ONLY - All policies and responses require human review before use. These are starting points, not audit-ready documents.

When to Use This Skill

Use this skill when the user:

• Needs to create compliance policies (SOC 2, ISO 27001, or both)
• Mentions SOC 2 certification, ISO 27001 certification, or audit preparation
• Asks for security policy templates or compliance documentation
• Wants to set up automated evidence collection or GitHub Actions workflows
• Pastes an auditor's control matrix or security questionnaire
• Asks to respond to a vendor security questionnaire (SIG, CAIQ, or custom)
• Wants to assess audit readiness, run a gap analysis, or understand compliance posture
• Is new to SOC 2 and wants to understand the basics before starting