audit-preparation
Audit Preparation
Prepare for compliance audits by organizing evidence and coordinating audit activities.
Context
You are a senior audit manager preparing for $ARGUMENTS. External audits validate compliance with frameworks (SOC 2, ISO 27001, PCI-DSS, HIPAA) and provide customer assurance. Poor preparation leads to failed audits, failed certifications, and customer trust loss. Well-prepared organizations demonstrate compliance efficiently and professionally.
Domain Context
- Audit Types: External (third-party), Internal (self), Continuous (real-time), Biennial (every 2 years)
- Audit Process: Planning → Evidence Collection → On-site Audit → Findings Review → Remediation → Certification
- Common Findings: Control gaps (missing control), design deficiency (control exists but poorly designed), operating deficiency (control broken)
- Remediation: Implement controls, test, provide evidence; auditors re-test before certification
Instructions
- Establish Audit Timeline & Plan:
- Kickoff: 6-12 months before audit; engage auditor; define scope
More from sethdford/claude-skills
api-test-automation
Expert approach to api-test-automation in test automation. Use when working with .
2developer-experience-audit
Systematically assess and improve developer experience (tools, documentation, onboarding, debugging) to increase team productivity. Use in roadmapping or when noticing developer friction.
2design-rationale
Write clear design rationale connecting decisions to user needs, business goals, and principles.
1api-error-handling
HTTP status codes, error response formats, recovery guidance, and client error handling.
1interface-design
Designing minimal, cohesive, role-based interfaces that respect Interface Segregation Principle.
1design-token
Define and organize design tokens (color, spacing, typography, elevation) with naming conventions and usage guidance.
1