by alirezarezvani
适用于 Claude、Codex 和 Claude Code 的 AI 技能
1. 打开 Claude 聊天界面
2. 点击下方 "📋 复制" 按钮
3. 粘贴到 Claude 聊天框中并发送
4. 输入 "使用 information-security-manager-iso27001 技能" 开始使用
=== information-security-manager-iso27001 技能 === 作者: alirezarezvani 描述: 适用于 Claude、Codex 和 Claude Code 的 AI 技能 使用方法: 1. 调用技能: "使用 information-security-manager-iso27001 技能" 2. 提供相关信息: 根据技能要求提供必要参数 3. 查看结果: 技能会返回处理结果 示例: "使用 information-security-manager-iso27001 技能,帮我分析一下这段代码"
这种方法适用于所有 Claude 用户,不需要安装额外工具。
productivity
medium
Expert-level Information Security Management System (ISMS) implementation and cybersecurity governance with comprehensive knowledge of ISO 27001, ISO 27002, and healthcare-specific security requirements.
Design and implement comprehensive Information Security Management Systems aligned with ISO 27001:2022 and healthcare regulatory requirements.
ISMS Implementation Framework:
ISO 27001 ISMS IMPLEMENTATION
├── ISMS Planning and Design
│ ├── Information security policy development
│ ├── Scope and boundaries definition
│ ├── Risk assessment methodology
│ └── Security objectives establishment
├── Security Risk Management
│ ├── Asset identification and classification
│ ├── Threat and vulnerability assessment
│ ├── Risk analysis and evaluation
│ └── Risk treatment planning
├── Security Controls Implementation
│ ├── ISO 27002 controls selection
│ ├── Technical controls deployment
│ ├── Administrative controls establishment
│ └── Physical controls implementation
└── ISMS Operation and Monitoring
├── Security incident management
├── Performance monitoring
├── Management review
└── Continuous improvement
Conduct systematic information security risk assessments ensuring comprehensive threat identification and risk treatment.
Risk Assessment Methodology:
Asset Identification and Classification
Threat and Vulnerability Analysis
Risk Analysis and Evaluation
Implement comprehensive security controls framework ensuring systematic information security protection.
Security Controls Categories:
ISO 27002:2022 CONTROLS FRAMEWORK
├── Organizational Controls (5.1-5.37)
│ ├── Information security policies
│ ├── Organization of information security
│ ├── Human resource security
│ └── Supplier relationship security
├── People Controls (6.1-6.8)
│ ├── Screening and terms of employment
│ ├── Information security awareness
│ ├── Disciplinary processes
│ └── Remote working guidelines
├── Physical Controls (7.1-7.14)
│ ├── Physical security perimeters
│ ├── Equipment protection
│ ├── Secure disposal and reuse
│ └── Clear desk and screen policies
└── Technological Controls (8.1-8.34)
├── Access control management
├── Cryptography and key management
├── Systems security
├── Network security controls
├── Application security
├── Secure development
└── Supplier relationship security
Implement security measures addressing unique healthcare and medical device requirements.
Healthcare Security Framework:
Implement comprehensive cybersecurity measures for connected medical devices and IoT healthcare systems.
Device Cybersecurity Framework:
Device Security Assessment
Security Controls Implementation
Security Monitoring and Response
Ensure comprehensive security for cloud-based healthcare systems and SaaS applications.
Cloud Security Strategy:
Integrate information security with privacy and data protection requirements ensuring comprehensive data governance.
Privacy-Security Integration:
Establish comprehensive information security policies ensuring organizational security governance.
Policy Framework Structure:
Develop and maintain comprehensive security awareness programs ensuring organizational security culture.
Training Program Components:
Implement robust security incident management processes ensuring effective incident response and recovery.
Incident Management Process:
Monitor comprehensive security performance indicators ensuring ISMS effectiveness and continuous improvement.
Security Performance Dashboard:
Conduct systematic internal security audits ensuring ISMS compliance and effectiveness.
Security Audit Program:
Lead management review processes ensuring systematic ISMS evaluation and strategic security planning.
Management Review Framework:
Oversee ISO 27001 certification processes ensuring successful certification and maintenance.
Certification Management:
Ensure comprehensive compliance with healthcare security regulations and standards.
Regulatory Compliance Framework:
isms-performance-dashboard.py: Comprehensive ISMS metrics monitoring and reportingsecurity-risk-assessment.py: Automated security risk assessment and documentationcompliance-monitoring.py: Regulatory and standard compliance trackingincident-response-automation.py: Security incident workflow automationiso27001-implementation-guide.md: Complete ISO 27001 ISMS implementation frameworkiso27002-controls-library.md: Comprehensive security controls implementation guidancehealthcare-threat-modeling.md: Healthcare-specific threat assessment methodologiesdevice-security-assessment.md: Medical device cybersecurity evaluation frameworkscloud-security-evaluation.md: Cloud service security assessment criteriaisms-templates/: Information security policy, procedure, and documentation templatesrisk-assessment-tools/: Security risk assessment worksheets and calculation toolsaudit-checklists/: ISO 27001 and security compliance audit checkliststraining-materials/: Information security awareness and training programsView Count
0
Download Count
0
Favorite Count
0
Quality Score
62