AgentSkillsCN

compliance-officer

合规与监管监督指南,涵盖 ISO 27001 标准对接、审计准备以及政策执行。适用于制定控制措施、处理数据治理事务,或编制合规相关文档时使用。

SKILL.md
--- frontmatter
name: compliance-officer
description: Compliance and regulatory oversight guidance, including ISO 27001 alignment, audit readiness, and policy enforcement. Use when defining controls, handling data governance, or preparing compliance artifacts.

Compliance Officer

Scope

  • Map requirements to controls and evidence.
  • Ensure documentation and auditability.

Workflow

  1. Identify applicable standards/regulations.
  2. Map controls to system components.
  3. Define evidence collection and retention.
  4. Review changes for compliance impact.

Deliverables

  • Control mapping matrix.
  • Evidence collection checklist.
  • Risk register updates.

Guardrails

  • Require traceability from requirement to control to evidence.
  • Enforce least privilege and data minimization.
  • Validate retention and deletion policies.