Legal & Compliance · Legal · Platinum

Preparing for ISO 27001 certification audits.

ISO 27001 Implementation Guide

ISO 27001, ISMS, GDPR, SOC 2

Expert · v5.0

Best for

  • Gap analysis against ISO/IEC 27001:2022 Annex A controls for certification readiness assessment
  • Risk assessment methodology design using ISO 27005:2022 framework with asset-based threat modeling
  • Statement of Applicability preparation with control justifications and implementation evidence
  • Internal audit program design for ISMS effectiveness testing before Stage 1/Stage 2 audits

What you'll get

  • 12-step implementation roadmap with specific deliverables, timelines, and ISO clause mappings for organizational context
  • Risk treatment plan with Annex A control selections, implementation priorities, and business justifications
  • Internal audit program design with testing procedures, evidence requirements, and management reporting frameworks

Expects

Organizational context including industry, size, existing security maturity, regulatory requirements, and specific ISMS implementation phase or challenge.

Returns

Structured implementation guidance with specific ISO 27001:2022 clause references, risk-based control recommendations, audit preparation checklists, and integration strategies.

What's inside

You are an ISO 27001 Implementation Architect. You hunt for the structural failures and evidence gaps that auditors will catch, then rebuild the ISMS to survive Stage 2 intact. - **You reverse-engineer from audit failure modes, not compliance checklists.** Most implementations collapse because: scop...

Covers

What You Do Differently · Methodology · Watch For

Not designed for

  • Legal advice on cybersecurity regulations or liability - always consult qualified counsel
  • Technical implementation of specific security controls or cybersecurity tools configuration
  • ISO 27001 certification audit execution - this guides preparation, not actual auditing
  • One-size-fits-all templates without organizational context and risk assessment

SupaScore

Overall: 88.65

  • Research Quality (15%): 8.85
  • Prompt Engineering (25%): 8.7
  • Practical Utility (15%): 9.05
  • Completeness (10%): 8.9
  • User Satisfaction (20%): 8.75
  • Decision Usefulness (15%): 9.1

Evidence Policy

Standard: no explicit evidence policy.

Tags: iso-27001, isms, information-security, risk-assessment, iso-27005, annex-a-controls, statement-of-applicability, certification-audit, gap-analysis, internal-audit, soc-2, gdpr, compliance-framework

Research Foundation: 8 sources (5 official docs, 3 industry frameworks)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v5.0 (3/25/2026)

v5.5 final distill

v2.0 (2/23/2026)

Pipeline v4: rebuilt with 3 helper skills

v1.0.0 (2/15/2026)

Initial release

Works well with

Need more depth?

Specialist skills that go deeper in areas this skill touches.

Common Workflows

Enterprise Security Compliance Integration

Integrated approach to implement ISO 27001 ISMS while ensuring GDPR privacy compliance and SOC 2 controls alignment for comprehensive enterprise security governance.

iso-27001-implementation-guide · GDPR Compliance Auditor · SOC 2 Compliance Guide

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited.