information-security-manager-iso27001
ISO 27001 ISMS implementation and cybersecurity governance for HealthTech and MedTech companies. Use for ISMS design, security risk assessment, control implementation, ISO 27001 certification, security audits, incident response, and compliance verification. Covers ISO 27001, ISO 27002, healthcare security, and medical device cybersecurity.
Best use case
information-security-manager-iso27001 is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Teams using information-security-manager-iso27001 should expect more consistent output, faster repeated execution, and less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in .claude/skills/information-security-manager-iso27001/SKILL.md inside your project
- Restart your AI agent; it will auto-discover the skill
How information-security-manager-iso27001 Compares
| Feature / Agent | information-security-manager-iso27001 | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
ISO 27001 ISMS implementation and cybersecurity governance for HealthTech and MedTech companies. Use for ISMS design, security risk assessment, control implementation, ISO 27001 certification, security audits, incident response, and compliance verification. Covers ISO 27001, ISO 27002, healthcare security, and medical device cybersecurity.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Information Security Manager - ISO 27001

Implement and manage Information Security Management Systems (ISMS) aligned with ISO 27001:2022 and healthcare regulatory requirements.

---

## Table of Contents

- [Trigger Phrases](#trigger-phrases)
- [Quick Start](#quick-start)
- [Tools](#tools)
- [Workflows](#workflows)
- [Reference Guides](#reference-guides)
- [Validation Checkpoints](#validation-checkpoints)

---

## Trigger Phrases

Use this skill when you hear:

- "implement ISO 27001"
- "ISMS implementation"
- "security risk assessment"
- "information security policy"
- "ISO 27001 certification"
- "security controls implementation"
- "incident response plan"
- "healthcare data security"
- "medical device cybersecurity"
- "security compliance audit"

---

## Quick Start

### Run Security Risk Assessment

```bash
python scripts/risk_assessment.py --scope "patient-data-system" --output risk_register.json
```

### Check Compliance Status

```bash
python scripts/compliance_checker.py --standard iso27001 --controls-file controls.csv
```

### Generate Gap Analysis Report

```bash
python scripts/compliance_checker.py --standard iso27001 --gap-analysis --output gaps.md
```

---

## Tools

### risk_assessment.py

Automated security risk assessment following the ISO 27001 Clause 6.1.2 methodology.

**Usage:**

```bash
# Full risk assessment
python scripts/risk_assessment.py --scope "cloud-infrastructure" --output risks.json

# Healthcare-specific assessment
python scripts/risk_assessment.py --scope "ehr-system" --template healthcare --output risks.json

# Quick asset-based assessment
python scripts/risk_assessment.py --assets assets.csv --output risks.json
```

**Parameters:**

| Parameter | Required | Description |
|-----------|----------|-------------|
| `--scope` | Yes | System or area to assess |
| `--template` | No | Assessment template: `general`, `healthcare`, `cloud` |
| `--assets` | No | CSV file with asset inventory |
| `--output` | No | Output file (default: stdout) |
| `--format` | No | Output format: `json`, `csv`, `markdown` |

**Output:**

- Asset inventory with classification
- Threat and vulnerability mapping
- Risk scores (likelihood × impact)
- Treatment recommendations
- Residual risk calculations

### compliance_checker.py

Verify ISO 27001/27002 control implementation status.

**Usage:**

```bash
# Check all ISO 27001 controls
python scripts/compliance_checker.py --standard iso27001

# Gap analysis with recommendations
python scripts/compliance_checker.py --standard iso27001 --gap-analysis

# Check specific control domains
python scripts/compliance_checker.py --standard iso27001 --domains "access-control,cryptography"

# Export compliance report
python scripts/compliance_checker.py --standard iso27001 --output compliance_report.md
```

**Parameters:**

| Parameter | Required | Description |
|-----------|----------|-------------|
| `--standard` | Yes | Standard to check: `iso27001`, `iso27002`, `hipaa` |
| `--controls-file` | No | CSV with current control status |
| `--gap-analysis` | No | Include remediation recommendations |
| `--domains` | No | Specific control domains to check |
| `--output` | No | Output file path |

**Output:**

- Control implementation status
- Compliance percentage by domain
- Gap analysis with priorities
- Remediation recommendations

---

## Workflows

### Workflow 1: ISMS Implementation

**Step 1: Define Scope and Context**

Document organizational context and ISMS boundaries:

- Identify interested parties and their requirements
- Define ISMS scope and boundaries
- Document internal and external issues

**Validation:** Scope statement reviewed and approved by management.

**Step 2: Conduct Risk Assessment**

```bash
python scripts/risk_assessment.py --scope "full-organization" --template general --output initial_risks.json
```

- Identify information assets
- Assess threats and vulnerabilities
- Calculate risk levels
- Determine risk treatment options

**Validation:** Risk register contains all critical assets with assigned owners.

**Step 3: Select and Implement Controls**

Map risks to ISO 27002 controls:

```bash
python scripts/compliance_checker.py --standard iso27002 --gap-analysis --output control_gaps.md
```

Control categories:

- Organizational (policies, roles, responsibilities)
- People (screening, awareness, training)
- Physical (perimeters, equipment, media)
- Technological (access, crypto, network, application)

**Validation:** Statement of Applicability (SoA) documents all controls with justification.

**Step 4: Establish Monitoring**

Define security metrics:

- Incident count and severity trends
- Control effectiveness scores
- Training completion rates
- Audit findings closure rate

**Validation:** Dashboard shows real-time compliance status.

### Workflow 2: Security Risk Assessment

**Step 1: Asset Identification**

Create an asset inventory:

| Asset Type | Examples | Classification |
|------------|----------|----------------|
| Information | Patient records, source code | Confidential |
| Software | EHR system, APIs | Critical |
| Hardware | Servers, medical devices | High |
| Services | Cloud hosting, backup | High |
| People | Admin accounts, developers | Varies |

**Validation:** All assets have assigned owners and classifications.

**Step 2: Threat Analysis**

Identify threats per asset category:

| Asset | Threats | Likelihood |
|-------|---------|------------|
| Patient data | Unauthorized access, breach | High |
| Medical devices | Malware, tampering | Medium |
| Cloud services | Misconfiguration, outage | Medium |
| Credentials | Phishing, brute force | High |

**Validation:** Threat model covers the top 10 industry threats.

**Step 3: Vulnerability Assessment**

```bash
python scripts/risk_assessment.py --scope "network-infrastructure" --output vuln_risks.json
```

Document vulnerabilities:

- Technical (unpatched systems, weak configs)
- Process (missing procedures, gaps)
- People (lack of training, insider risk)

**Validation:** Vulnerability scan results mapped to risk register.

**Step 4: Risk Evaluation and Treatment**

Calculate risk: `Risk = Likelihood × Impact`

| Risk Level | Score | Treatment |
|------------|-------|-----------|
| Critical | 20-25 | Immediate action required |
| High | 15-19 | Treatment plan within 30 days |
| Medium | 10-14 | Treatment plan within 90 days |
| Low | 5-9 | Accept or monitor |
| Minimal | 1-4 | Accept |

**Validation:** All high/critical risks have approved treatment plans.

### Workflow 3: Incident Response

**Step 1: Detection and Reporting**

Incident categories:

- Security breach (unauthorized access)
- Malware infection
- Data leakage
- System compromise
- Policy violation

**Validation:** Incident logged within 15 minutes of detection.

**Step 2: Triage and Classification**

| Severity | Criteria | Response Time |
|----------|----------|---------------|
| Critical | Data breach, system down | Immediate |
| High | Active threat, significant risk | 1 hour |
| Medium | Contained threat, limited impact | 4 hours |
| Low | Minor violation, no impact | 24 hours |

**Validation:** Severity assigned and escalation triggered if needed.

**Step 3: Containment and Eradication**

Immediate actions:

1. Isolate affected systems
2. Preserve evidence
3. Block threat vectors
4. Remove malicious artifacts

**Validation:** Containment confirmed, no ongoing compromise.

**Step 4: Recovery and Lessons Learned**

Post-incident activities:

1. Restore systems from clean backups
2. Verify integrity before reconnection
3. Document timeline and actions
4. Conduct post-incident review
5. Update controls and procedures

**Validation:** Post-incident report completed within 5 business days.

---

## Reference Guides

### When to Use Each Reference

**references/iso27001-controls.md**

- Control selection for SoA
- Implementation guidance
- Evidence requirements
- Audit preparation

**references/risk-assessment-guide.md**

- Risk methodology selection
- Asset classification criteria
- Threat modeling approaches
- Risk calculation methods

**references/incident-response.md**

- Response procedures
- Escalation matrices
- Communication templates
- Recovery checklists

---

## Validation Checkpoints

### ISMS Implementation Validation

| Phase | Checkpoint | Evidence Required |
|-------|------------|-------------------|
| Scope | Scope approved | Signed scope document |
| Risk | Register complete | Risk register with owners |
| Controls | SoA approved | Statement of Applicability |
| Operation | Metrics active | Dashboard screenshots |
| Audit | Internal audit done | Audit report |

### Certification Readiness

Before Stage 1 audit:

- [ ] ISMS scope documented and approved
- [ ] Information security policy published
- [ ] Risk assessment completed
- [ ] Statement of Applicability finalized
- [ ] Internal audit conducted
- [ ] Management review completed
- [ ] Nonconformities addressed

Before Stage 2 audit:

- [ ] Controls implemented and operational
- [ ] Evidence of effectiveness available
- [ ] Staff trained and aware
- [ ] Incidents logged and managed
- [ ] Metrics collected for 3+ months

### Compliance Verification

Run periodic checks:

```bash
# Monthly compliance check
python scripts/compliance_checker.py --standard iso27001 --output monthly_$(date +%Y%m).md

# Quarterly gap analysis
python scripts/compliance_checker.py --standard iso27001 --gap-analysis --output quarterly_gaps.md
```

---

## Worked Example: Healthcare Risk Assessment

**Scenario:** Assess security risks for a patient data management system.

### Step 1: Define Assets

```bash
python scripts/risk_assessment.py --scope "patient-data-system" --template healthcare
```

**Asset inventory output:**

| Asset ID | Asset | Type | Owner | Classification |
|----------|-------|------|-------|----------------|
| A001 | Patient database | Information | DBA Team | Confidential |
| A002 | EHR application | Software | App Team | Critical |
| A003 | Database server | Hardware | Infra Team | High |
| A004 | Admin credentials | Access | Security | Critical |

### Step 2: Identify Risks

**Risk register output** (L = likelihood, I = impact, each on a 1-5 scale; Score = L × I):

| Risk ID | Asset | Threat | Vulnerability | L | I | Score |
|---------|-------|--------|---------------|---|---|-------|
| R001 | A001 | Data breach | Weak encryption | 3 | 5 | 15 |
| R002 | A002 | SQL injection | Input validation | 4 | 4 | 16 |
| R003 | A004 | Credential theft | No MFA | 4 | 5 | 20 |

### Step 3: Determine Treatment

| Risk | Treatment | Control | Timeline |
|------|-----------|---------|----------|
| R001 | Mitigate | Implement AES-256 encryption | 30 days |
| R002 | Mitigate | Add input validation, WAF | 14 days |
| R003 | Mitigate | Enforce MFA for all admins | 7 days |

### Step 4: Verify Implementation

`--standard` is a required parameter of `compliance_checker.py`, so it is passed here as well:

```bash
python scripts/compliance_checker.py --standard iso27001 --controls-file implemented_controls.csv
```

**Verification output:**

```
Control Implementation Status
=============================
Cryptography (A.8.24): IMPLEMENTED
  - AES-256 at rest: YES
  - TLS 1.3 in transit: YES
Access Control (A.8.5): IMPLEMENTED
  - MFA enabled: YES
  - Admin accounts: 100% coverage
Application Security (A.8.26): PARTIAL
  - Input validation: YES
  - WAF deployed: PENDING
Overall Compliance: 87%
```
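The `Risk = Likelihood × Impact` formula, the five treatment bands from Workflow 2 Step 4, and the checkpoint "all high/critical risks have approved treatment plans" can be applied mechanically to a risk register. The following is an added example written for this page; it is not the skill's own `scripts/risk_assessment.py`. The CSV column names, the `treatment_plan`/`plan_days` fields, and the fourth risk `R004` (an unpatched server with no plan yet) are constructed assumptions; `R001`-`R003` mirror the worked example above.

```python
"""Risk register scoring and treatment-plan validation.

Added example, not the skill's scripts/risk_assessment.py. Applies
Risk = Likelihood x Impact and the treatment bands from Workflow 2,
Step 4 to a constructed CSV shaped like the worked example's register.
"""
import csv
import io
from dataclasses import dataclass
from typing import List, Optional

# Bands copied from the workflow table:
# (minimum score, level, treatment text, plan required?, max plan days or None).
# Critical requires a plan but its table entry is "immediate", so no day cap is
# applied here (assumption); Low/Minimal need no plan (accept or monitor).
RISK_BANDS = [
    (20, "Critical", "Immediate action required", True, None),
    (15, "High", "Treatment plan within 30 days", True, 30),
    (10, "Medium", "Treatment plan within 90 days", False, 90),
    (5, "Low", "Accept or monitor", False, None),
    (1, "Minimal", "Accept", False, None),
]

# Constructed sample register (assumed column layout). R001-R003 match the
# worked example; R004 is an added High risk with no approved plan.
SAMPLE_REGISTER = """risk_id,asset,threat,vulnerability,likelihood,impact,treatment_plan,plan_days
R001,A001,Data breach,Weak encryption,3,5,Implement AES-256 encryption,30
R002,A002,SQL injection,Input validation,4,4,"Add input validation, WAF",14
R003,A004,Credential theft,No MFA,4,5,Enforce MFA for all admins,7
R004,A003,Server compromise,Unpatched OS,3,5,,
"""


@dataclass
class Risk:
    risk_id: str
    asset: str
    threat: str
    vulnerability: str
    likelihood: int
    impact: int
    treatment_plan: str = ""          # empty = no approved plan
    plan_days: Optional[int] = None   # planned completion, in days

    @property
    def score(self) -> int:
        return self.likelihood * self.impact

    def band(self):
        # Bands are ordered high to low, so the first match is the right one.
        for entry in RISK_BANDS:
            if self.score >= entry[0]:
                return entry
        raise ValueError(f"{self.risk_id}: score {self.score} is below the 1-25 scale")

    @property
    def level(self) -> str:
        return self.band()[1]


def validate_scale(value: str, name: str, risk_id: str) -> int:
    """Likelihood and impact are 1-5; anything else is a data-entry error."""
    n = int(value)
    if not 1 <= n <= 5:
        raise ValueError(f"{risk_id}: {name} must be 1-5, got {n}")
    return n


def load_register(text: str) -> List[Risk]:
    risks = []
    for row in csv.DictReader(io.StringIO(text)):
        rid = row["risk_id"]
        risks.append(Risk(
            risk_id=rid, asset=row["asset"], threat=row["threat"],
            vulnerability=row["vulnerability"],
            likelihood=validate_scale(row["likelihood"], "likelihood", rid),
            impact=validate_scale(row["impact"], "impact", rid),
            treatment_plan=(row.get("treatment_plan") or "").strip(),
            plan_days=int(row["plan_days"]) if (row.get("plan_days") or "").strip() else None,
        ))
    return risks


def summarize(risks: List[Risk]) -> dict:
    """risk_id -> (score, level), the two columns a reviewer checks first."""
    return {r.risk_id: (r.score, r.level) for r in risks}


def check_treatment_plans(risks: List[Risk]) -> List[str]:
    """Validation checkpoint: every High/Critical risk has an approved plan,
    and any plan's timeline fits its band. One finding string per failure."""
    findings = []
    for r in risks:
        _, level, _, plan_required, max_days = r.band()
        if plan_required and not r.treatment_plan:
            findings.append(f"{r.risk_id} ({level}, score {r.score}): no approved treatment plan")
        elif r.treatment_plan and max_days is not None and (r.plan_days is None or r.plan_days > max_days):
            findings.append(f"{r.risk_id} ({level}): plan timeline exceeds {max_days} days")
    return findings


if __name__ == "__main__":
    register = load_register(SAMPLE_REGISTER)
    for rid, (score, level) in summarize(register).items():
        print(f"{rid}: score {score:2d} -> {level}")
    for finding in check_treatment_plans(register) or ["checkpoint passed"]:
        print(finding)
```

Running it lists R001 and R002 as High, R003 as Critical, and reports a single checkpoint failure for the constructed R004; the register would not pass Workflow 2 Step 4 until that risk has an approved plan.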