Skip to main content
Jeden Skill in Manus ausführen
mit einem Klick
jusso-dev
GitHub-Creator-Profil

jusso-dev

Repository-Ansicht von 7 gesammelten Skills in 3 GitHub-Repositories.

gesammelte Skills
7
Repositories
3
aktualisiert
2026-05-28
Repository-Explorer

Repositories und repräsentative Skills

irap
Compliance-Beauftragter

Use this skill when the user asks about the Information Security Registered Assessors Program (IRAP), the IRAP Common Assessment Framework (CAF), an IRAP-registered assessor, an IRAP Security Assessment Report or Cloud Security Assessment Report, the Controls Matrix or Cloud Controls Matrix, the four CAF stages (Plan and prepare, Define the assessment boundary, Assess the controls, Produce the report), an IRAP Assessment Requirement (IRAP-AR-XXXX), implementation outcomes (Effective, Ineffective, Alternate control, Not assessed, Not applicable, No visibility, Not implemented), evidence quality (Excellent / Good / Fair / Poor), the assessment-degree matrix (Basic / Focused / Comprehensive), sampling methodologies (Random / Stratified / Risk-based / Systematic), assessment vs authorisation boundary, layered assessments (Layer 1 cloud infra / Layer 2 SaaS / Layer 3 consumer), the assessor's Conflict of Interest declaration to ASD IRAP, or the artefacts an IRAP assessor will demand (SSP, Statement of Applicabilit

2026-05-13
pspf
Compliance-Beauftragter

Use this skill when the user asks about the Protective Security Policy Framework (PSPF), a PSPF policy by number (for example "PSPF Policy 8", "Policy 10", "Core Requirement 7"), the PSPF's four security outcomes (security governance, information security, personnel security, physical security), the role of the Chief Security Officer (CSO), the accountable authority's responsibilities, classification and protective markings (UNOFFICIAL, OFFICIAL, OFFICIAL: Sensitive, PROTECTED, SECRET, TOP SECRET), or annual PSPF reporting to the Attorney-General's Department. Trigger on phrases like "what does the PSPF require", "are we PSPF compliant", "Core Requirements for personnel security", "PSPF maturity", "sensitive and classified information handling". Also trigger on PSPF-aware artefacts: agency security plans, threat assessments, fraud and corruption controls, security clearances. Do NOT trigger for non-AU protective security frameworks unless the user is explicitly asking for a mapping to or from the PSPF.

2026-05-13
essential-eight
Informationssicherheitsanalysten

Use this skill when the user asks about the Australian Cyber Security Centre's Essential Eight, the Essential Eight Maturity Model (ML1, ML2, ML3), or any of its eight mitigation strategies (application control, patch applications, configure Microsoft Office macro settings, user application hardening, restrict administrative privileges, patch operating systems, multi-factor authentication, regular backups). Trigger phrasings include "is this Essential Eight compliant", "audit against ML1 / ML2 / ML3", "what's our E8 posture", "ACSC mitigation strategy", "Essential Eight gap assessment", "Essential Eight Assessment Process Guide". Trigger on codebase signals such as application allowlisting policies (AppLocker, WDAC, fapolicyd, Gatekeeper config), patching automation, macro security GPOs, MFA wiring in auth code, and backup or restore tooling. Use it for audits, control mapping, evidence collection, SSP and SoA sections, and remediation plans. Do NOT trigger for non-AU frameworks (CIS Controls, NIST 800-53, IS

2026-05-13
3 von 3 Repositories angezeigt
Alle Repositories angezeigt