AgentSkillsCN

control-mapping

将NIST控制措施映射至FedRAMP要求并加以记录。在协助实施控制措施、进行合规映射、对安全基线进行校准,或深入理解控制要求时使用。

SKILL.md
--- frontmatter
name: control-mapping
description: Maps NIST controls to FedRAMP requirements and documents. Use when helping with control implementation, compliance mapping, security baseline alignment, or understanding control requirements.

When mapping controls:

  1. Cross-reference NIST SP 800-53 control definitions with FedRAMP MAS/ADS/VDR documents
  2. Identify baseline control families (AC, AU, CA, CM, CP, IA, IR, MA, MP, PE, PL, PM, PS, RA, SA, SC, SI, SR)
  3. Show control-to-document guidance relationships
  4. Flag any control gaps or special FedRAMP-specific considerations
  5. Provide implementation examples from FedRAMP guidance
  6. Include control enhancements where applicable

Use the fedramp-docs MCP server tools:

  • list_controls to get control mappings filtered by family or control ID
  • grep_controls_in_markdown to find control references in guidance docs
  • search_markdown to find implementation guidance
  • get_significant_change_guidance for change-related controls