ISO 27001信息安全经理：自动化ISMS实施与医疗合规风险评估工具

information-security-manager-iso27001 by alirezarezvani/claude-skills

172 周安装量

6,700 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/alirezarezvani/claude-skills --skill information-security-manager-iso27001

自动化法律合规安全

🇨🇳中文介绍

信息安全经理 - ISO 27001

实施和管理符合 ISO 27001:2022 及医疗保健法规要求的信息安全管理体系（ISMS）。

触发短语

当您听到以下内容时使用此技能：

"实施 ISO 27001"
"ISMS 实施"
"安全风险评估"
"信息安全策略"
"ISO 27001 认证"
"安全控制实施"
"事件响应计划"
"医疗数据安全"
"医疗器械网络安全"
"安全合规审计"

快速开始

运行安全风险评估

python scripts/risk_assessment.py --scope "patient-data-system" --output risk_register.json

检查合规状态

python scripts/compliance_checker.py --standard iso27001 --controls-file controls.csv

生成差距分析报告

python scripts/compliance_checker.py --standard iso27001 --gap-analysis --output gaps.md

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

参数	必填	描述
`--scope`	是	要评估的系统或区域
`--template`	否	评估模板：`general`, `healthcare`, `cloud`
`--assets`	否	包含资产清单的 CSV 文件
`--output`	否	输出文件（默认：stdout）
`--format`	否	输出格式：`json`, `csv`, `markdown`

compliance_checker.py

验证 ISO 27001/27002 控制措施的实施状态。

# 检查所有 ISO 27001 控制措施
python scripts/compliance_checker.py --standard iso27001

# 包含建议的差距分析
python scripts/compliance_checker.py --standard iso27001 --gap-analysis

# 检查特定控制域
python scripts/compliance_checker.py --standard iso27001 --domains "access-control,cryptography"

# 导出合规报告
python scripts/compliance_checker.py --standard iso27001 --output compliance_report.md

参数	必填	描述
`--standard`	是	要检查的标准：`iso27001`, `iso27002`, `hipaa`
`--controls-file`	否	包含当前控制状态的 CSV 文件
`--gap-analysis`	否	包含补救建议
`--domains`	否	要检查的特定控制域
`--output`	否	输出文件路径

控制措施实施状态
按域划分的合规百分比
带优先级的差距分析
补救建议

工作流程 1：ISMS 实施

步骤 1：定义范围与背景

记录组织背景和 ISMS 边界：

识别相关方和需求
定义 ISMS 范围和边界
记录内部/外部议题

验证： 范围声明已由管理层审核批准。

步骤 2：执行风险评估

python scripts/risk_assessment.py --scope "full-organization" --template general --output initial_risks.json

识别信息资产
评估威胁和漏洞
计算风险等级
确定风险处理方案

验证： 风险登记册包含所有关键资产并分配了责任人。

步骤 3：选择并实施控制措施

将风险映射到 ISO 27002 控制措施：

python scripts/compliance_checker.py --standard iso27002 --gap-analysis --output control_gaps.md

组织类（策略、角色、职责）
人员类（筛选、意识、培训）
物理类（边界、设备、介质）
技术类（访问、加密、网络、应用）

验证： 适用性声明（SoA）记录了所有控制措施及其理由。

步骤 4：建立监控

定义安全指标：

事件数量和严重性趋势
控制措施有效性评分
培训完成率
审计发现关闭率

验证： 仪表板显示实时合规状态。

工作流程 2：安全风险评估

步骤 1：资产识别

创建资产清单：

资产类型	示例	分类
信息	患者记录、源代码	机密
软件	电子健康记录系统、API	关键
硬件	服务器、医疗设备	高
服务	云托管、备份	高
人员	管理员账户、开发人员	可变

验证： 所有资产均已分配责任人和分类。

步骤 2：威胁分析

按资产类别识别威胁：

资产	威胁	可能性
患者数据	未授权访问、泄露	高
医疗设备	恶意软件、篡改	中
云服务	配置错误、中断	中
凭据	钓鱼攻击、暴力破解	高

验证： 威胁模型涵盖行业前 10 大威胁。

步骤 3：漏洞评估

python scripts/risk_assessment.py --scope "network-infrastructure" --output vuln_risks.json

技术类（未打补丁的系统、弱配置）
流程类（缺失程序、差距）
人员类（缺乏培训、内部风险）

验证： 漏洞扫描结果已映射到风险登记册。

步骤 4：风险评估与处理

计算风险：风险 = 可能性 × 影响

风险等级	评分	处理
关键	20-25	需要立即行动
高	15-19	30 天内制定处理计划
中	10-14	90 天内制定处理计划
低	5-9	接受或监控
最小	1-4	接受

验证： 所有高/关键风险均已制定批准的处理计划。

工作流程 3：事件响应

步骤 1：检测与报告

安全漏洞（未授权访问）
恶意软件感染
数据泄露
系统被攻陷
策略违规

验证： 事件在检测后 15 分钟内记录。

步骤 2：分类与分级

严重性	标准	响应时间
关键	数据泄露、系统宕机	立即
高	活跃威胁、重大风险	1 小时
中	已遏制威胁、有限影响	4 小时
低	轻微违规、无影响	24 小时

验证： 已分配严重性等级，并在需要时触发升级。

步骤 3：遏制与根除

隔离受影响系统
保存证据
阻断威胁途径
清除恶意组件

验证： 已确认遏制，无持续危害。

步骤 4：恢复与经验总结

从干净备份恢复系统
重新连接前验证完整性
记录时间线和行动
进行事后审查
更新控制措施和程序

验证： 事后报告在 5 个工作日内完成。

何时使用各参考指南

references/iso27001-controls.md

SoA 的控制措施选择
实施指南
证据要求
审计准备

references/risk-assessment-guide.md

风险方法选择
资产分类标准
威胁建模方法
风险计算方法

references/incident-response.md

响应程序
升级矩阵
沟通模板
恢复清单

阶段	检查点	所需证据
范围	范围已批准	已签署的范围文件
风险	登记册完整	包含责任人的风险登记册
控制措施	SoA 已批准	适用性声明
运行	指标活跃	仪表板截图
审计	内部审计完成	审计报告

第一阶段审计前：

ISMS 范围已记录并批准
信息安全策略已发布
风险评估已完成
适用性声明已定稿
内部审计已执行
管理评审已完成
不符合项已处理

第二阶段审计前：

控制措施已实施并运行
有效性证据可用
员工已培训并具备意识
事件已记录和管理
指标已收集 3 个月以上

运行定期检查：

# 月度合规检查
python scripts/compliance_checker.py --standard iso27001 --output monthly_$(date +%Y%m).md

# 季度差距分析
python scripts/compliance_checker.py --standard iso27001 --gap-analysis --output quarterly_gaps.md

工作示例：医疗保健风险评估

场景： 评估患者数据管理系统的安全风险。

步骤 1：定义资产

python scripts/risk_assessment.py --scope "patient-data-system" --template healthcare

资产清单输出：

资产 ID	资产	类型	责任人	分类
A001	患者数据库	信息	DBA 团队	机密
A002	EHR 应用	软件	应用团队	关键
A003	数据库服务器	硬件	基础设施团队	高
A004	管理员凭据	访问	安全团队	关键

步骤 2：识别风险

风险登记册输出：

风险 ID	资产	威胁	漏洞	可能性	影响	评分
R001	A001	数据泄露	弱加密	3	5	15
R002	A002	SQL 注入	输入验证缺失	4	4	16
R003	A004	凭据窃取	无 MFA	4	5	20

步骤 3：确定处理方案

风险	处理方案	控制措施	时间线
R001	缓解	实施 AES-256 加密	30 天
R002	缓解	添加输入验证、WAF	14 天
R003	缓解	对所有管理员强制执行 MFA	7 天

步骤 4：验证实施

python scripts/compliance_checker.py --controls-file implemented_controls.csv

Control Implementation Status
=============================
Cryptography (A.8.24): IMPLEMENTED
  - AES-256 at rest: YES
  - TLS 1.3 in transit: YES

Access Control (A.8.5): IMPLEMENTED
  - MFA enabled: YES
  - Admin accounts: 100% coverage

Application Security (A.8.26): PARTIAL
  - Input validation: YES
  - WAF deployed: PENDING

Overall Compliance: 87%

🇺🇸English

Information Security Manager - ISO 27001

Implement and manage Information Security Management Systems (ISMS) aligned with ISO 27001:2022 and healthcare regulatory requirements.

Trigger Phrases
Quick Start
Tools
Workflows
Reference Guides
Validation Checkpoints

Trigger Phrases

Use this skill when you hear:

"implement ISO 27001"
"ISMS implementation"
"security risk assessment"
"information security policy"
"ISO 27001 certification"
"security controls implementation"
"incident response plan"
"healthcare data security"
"medical device cybersecurity"
"security compliance audit"

Quick Start

Run Security Risk Assessment

python scripts/risk_assessment.py --scope "patient-data-system" --output risk_register.json

Check Compliance Status

python scripts/compliance_checker.py --standard iso27001 --controls-file controls.csv

Generate Gap Analysis Report

python scripts/compliance_checker.py --standard iso27001 --gap-analysis --output gaps.md

Tools

risk_assessment.py

Automated security risk assessment following ISO 27001 Clause 6.1.2 methodology.

Usage:

# Full risk assessment
python scripts/risk_assessment.py --scope "cloud-infrastructure" --output risks.json

# Healthcare-specific assessment
python scripts/risk_assessment.py --scope "ehr-system" --template healthcare --output risks.json

# Quick asset-based assessment
python scripts/risk_assessment.py --assets assets.csv --output risks.json

Parameters:

Parameter	Required	Description
`--scope`	Yes	System or area to assess
`--template`	No	Assessment template: `general`, `healthcare`, `cloud`
`--assets`	No	CSV file with asset inventory
`--output`

Output:

Asset inventory with classification
Threat and vulnerability mapping
Risk scores (likelihood × impact)
Treatment recommendations
Residual risk calculations

compliance_checker.py

Verify ISO 27001/27002 control implementation status.

Usage:

# Check all ISO 27001 controls
python scripts/compliance_checker.py --standard iso27001

# Gap analysis with recommendations
python scripts/compliance_checker.py --standard iso27001 --gap-analysis

# Check specific control domains
python scripts/compliance_checker.py --standard iso27001 --domains "access-control,cryptography"

# Export compliance report
python scripts/compliance_checker.py --standard iso27001 --output compliance_report.md

Parameters:

Parameter	Required	Description
`--standard`	Yes	Standard to check: `iso27001`, `iso27002`, `hipaa`
`--controls-file`	No	CSV with current control status
`--gap-analysis`	No	Include remediation recommendations
`--domains`

Output:

Control implementation status
Compliance percentage by domain
Gap analysis with priorities
Remediation recommendations

Workflows

Workflow 1: ISMS Implementation

Step 1: Define Scope and Context

Document organizational context and ISMS boundaries:

Identify interested parties and requirements
Define ISMS scope and boundaries
Document internal/external issues

Validation: Scope statement reviewed and approved by management.

Step 2: Conduct Risk Assessment

python scripts/risk_assessment.py --scope "full-organization" --template general --output initial_risks.json

Identify information assets
Assess threats and vulnerabilities
Calculate risk levels
Determine risk treatment options

Validation: Risk register contains all critical assets with assigned owners.

Step 3: Select and Implement Controls

Map risks to ISO 27002 controls:

python scripts/compliance_checker.py --standard iso27002 --gap-analysis --output control_gaps.md

Control categories:

Organizational (policies, roles, responsibilities)
People (screening, awareness, training)
Physical (perimeters, equipment, media)
Technological (access, crypto, network, application)

Validation: Statement of Applicability (SoA) documents all controls with justification.

Step 4: Establish Monitoring

Define security metrics:

Incident count and severity trends
Control effectiveness scores
Training completion rates
Audit findings closure rate

Validation: Dashboard shows real-time compliance status.

Workflow 2: Security Risk Assessment

Step 1: Asset Identification

Create asset inventory:

Asset Type	Examples	Classification
Information	Patient records, source code	Confidential
Software	EHR system, APIs	Critical
Hardware	Servers, medical devices	High
Services	Cloud hosting, backup	High
People	Admin accounts, developers	Varies

Validation: All assets have assigned owners and classifications.

Step 2: Threat Analysis

Identify threats per asset category:

Asset	Threats	Likelihood
Patient data	Unauthorized access, breach	High
Medical devices	Malware, tampering	Medium
Cloud services	Misconfiguration, outage	Medium
Credentials	Phishing, brute force	High

Validation: Threat model covers top-10 industry threats.

Step 3: Vulnerability Assessment

python scripts/risk_assessment.py --scope "network-infrastructure" --output vuln_risks.json

Document vulnerabilities:

Technical (unpatched systems, weak configs)
Process (missing procedures, gaps)
People (lack of training, insider risk)

Validation: Vulnerability scan results mapped to risk register.

Step 4: Risk Evaluation and Treatment

Calculate risk: Risk = Likelihood × Impact

Risk Level	Score	Treatment
Critical	20-25	Immediate action required
High	15-19	Treatment plan within 30 days
Medium	10-14	Treatment plan within 90 days
Low	5-9	Accept or monitor
Minimal	1-4	Accept

Validation: All high/critical risks have approved treatment plans.

Workflow 3: Incident Response

Step 1: Detection and Reporting

Incident categories:

Security breach (unauthorized access)
Malware infection
Data leakage
System compromise
Policy violation

Validation: Incident logged within 15 minutes of detection.

Step 2: Triage and Classification

Severity	Criteria	Response Time
Critical	Data breach, system down	Immediate
High	Active threat, significant risk	1 hour
Medium	Contained threat, limited impact	4 hours
Low	Minor violation, no impact	24 hours

Validation: Severity assigned and escalation triggered if needed.

Step 3: Containment and Eradication

Immediate actions:

Isolate affected systems
Preserve evidence
Block threat vectors
Remove malicious artifacts

Validation: Containment confirmed, no ongoing compromise.

Step 4: Recovery and Lessons Learned

Post-incident activities:

Restore systems from clean backups
Verify integrity before reconnection
Document timeline and actions
Conduct post-incident review
Update controls and procedures

Validation: Post-incident report completed within 5 business days.

Reference Guides

When to Use Each Reference

references/iso27001-controls.md

Control selection for SoA
Implementation guidance
Evidence requirements
Audit preparation

references/risk-assessment-guide.md

Risk methodology selection
Asset classification criteria
Threat modeling approaches
Risk calculation methods

references/incident-response.md

Response procedures
Escalation matrices
Communication templates
Recovery checklists

Validation Checkpoints

ISMS Implementation Validation

Phase	Checkpoint	Evidence Required
Scope	Scope approved	Signed scope document
Risk	Register complete	Risk register with owners
Controls	SoA approved	Statement of Applicability
Operation	Metrics active	Dashboard screenshots
Audit	Internal audit done	Audit report

Certification Readiness

Before Stage 1 audit:

ISMS scope documented and approved
Information security policy published
Risk assessment completed
Statement of Applicability finalized
Internal audit conducted
Management review completed
Nonconformities addressed

Before Stage 2 audit:

Controls implemented and operational
Evidence of effectiveness available
Staff trained and aware
Incidents logged and managed
Metrics collected for 3+ months

Compliance Verification

Run periodic checks:

# Monthly compliance check
python scripts/compliance_checker.py --standard iso27001 --output monthly_$(date +%Y%m).md

# Quarterly gap analysis
python scripts/compliance_checker.py --standard iso27001 --gap-analysis --output quarterly_gaps.md

Worked Example: Healthcare Risk Assessment

Scenario: Assess security risks for a patient data management system.

Step 1: Define Assets

python scripts/risk_assessment.py --scope "patient-data-system" --template healthcare

Asset inventory output:

Asset ID	Asset	Type	Owner	Classification
A001	Patient database	Information	DBA Team	Confidential
A002	EHR application	Software	App Team	Critical
A003	Database server	Hardware	Infra Team	High
A004	Admin credentials	Access	Security	Critical

Step 2: Identify Risks

Risk register output:

Risk ID	Asset	Threat	Vulnerability	L	I	Score
R001	A001	Data breach	Weak encryption	3	5	15
R002	A002	SQL injection	Input validation	4	4	16
R003	A004	Credential theft	No MFA	4	5	20

Step 3: Determine Treatment

Risk	Treatment	Control	Timeline
R001	Mitigate	Implement AES-256 encryption	30 days
R002	Mitigate	Add input validation, WAF	14 days
R003	Mitigate	Enforce MFA for all admins	7 days

Step 4: Verify Implementation

python scripts/compliance_checker.py --controls-file implemented_controls.csv

Verification output:

Control Implementation Status
=============================
Cryptography (A.8.24): IMPLEMENTED
  - AES-256 at rest: YES
  - TLS 1.3 in transit: YES

Access Control (A.8.5): IMPLEMENTED
  - MFA enabled: YES
  - Admin accounts: 100% coverage

Application Security (A.8.26): PARTIAL
  - Input validation: YES
  - WAF deployed: PENDING

Overall Compliance: 87%

Weekly Installs

172

Repository

alirezarezvani/…e-skills

GitHub Stars

2.8K

First Seen

Jan 20, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

claude-code153

opencode131

gemini-cli128

codex120

cursor113

github-copilot105

OpenClaw 安全 Linux 云部署指南：私有优先、SSH隧道、Podman容器化

33,700 周安装

ISO 27001信息安全经理：自动化ISMS实施与医疗合规风险评估工具

🇨🇳中文介绍

信息安全经理 - ISO 27001

目录

触发短语

快速开始

运行安全风险评估

检查合规状态

生成差距分析报告

相关 Skills

工具

risk_assessment.py

compliance_checker.py

工作流程

工作流程 1：ISMS 实施

工作流程 2：安全风险评估

工作流程 3：事件响应

参考指南

何时使用各参考指南

验证检查点

ISMS 实施验证

认证准备就绪

合规验证

工作示例：医疗保健风险评估

步骤 1：定义资产

步骤 2：识别风险

步骤 3：确定处理方案

步骤 4：验证实施

🇺🇸English

Information Security Manager - ISO 27001

Table of Contents

Trigger Phrases

Quick Start

Run Security Risk Assessment

Check Compliance Status

Generate Gap Analysis Report

Tools

risk_assessment.py

compliance_checker.py

Workflows

Workflow 1: ISMS Implementation

Workflow 2: Security Risk Assessment

Workflow 3: Incident Response

Reference Guides

When to Use Each Reference

Validation Checkpoints

ISMS Implementation Validation

Certification Readiness

Compliance Verification

Worked Example: Healthcare Risk Assessment

Step 1: Define Assets

Step 2: Identify Risks

Step 3: Determine Treatment

Step 4: Verify Implementation

最新 Skills