Skip to main content
Manusで任意のスキルを実行
ワンクリックで
GitHub リポジトリ

awesome-Australian-compliance

awesome-Australian-compliance には jusso-dev から収集した 3 個の skills があり、リポジトリ単位の職業カバレッジとサイト内 skill 詳細ページを表示します。

収集済み skills
3
Stars
2
更新
2026-05-13
Forks
0
職業カバレッジ
2 件の職業カテゴリ · 100% 分類済み
リポジトリエクスプローラー

このリポジトリの skills

irap
コンプライアンスオフィサー

Use this skill when the user asks about the Information Security Registered Assessors Program (IRAP), the IRAP Common Assessment Framework (CAF), an IRAP-registered assessor, an IRAP Security Assessment Report or Cloud Security Assessment Report, the Controls Matrix or Cloud Controls Matrix, the four CAF stages (Plan and prepare, Define the assessment boundary, Assess the controls, Produce the report), an IRAP Assessment Requirement (IRAP-AR-XXXX), implementation outcomes (Effective, Ineffective, Alternate control, Not assessed, Not applicable, No visibility, Not implemented), evidence quality (Excellent / Good / Fair / Poor), the assessment-degree matrix (Basic / Focused / Comprehensive), sampling methodologies (Random / Stratified / Risk-based / Systematic), assessment vs authorisation boundary, layered assessments (Layer 1 cloud infra / Layer 2 SaaS / Layer 3 consumer), the assessor's Conflict of Interest declaration to ASD IRAP, or the artefacts an IRAP assessor will demand (SSP, Statement of Applicabilit

2026-05-13
pspf
コンプライアンスオフィサー

Use this skill when the user asks about the Protective Security Policy Framework (PSPF), a PSPF policy by number (for example "PSPF Policy 8", "Policy 10", "Core Requirement 7"), the PSPF's four security outcomes (security governance, information security, personnel security, physical security), the role of the Chief Security Officer (CSO), the accountable authority's responsibilities, classification and protective markings (UNOFFICIAL, OFFICIAL, OFFICIAL: Sensitive, PROTECTED, SECRET, TOP SECRET), or annual PSPF reporting to the Attorney-General's Department. Trigger on phrases like "what does the PSPF require", "are we PSPF compliant", "Core Requirements for personnel security", "PSPF maturity", "sensitive and classified information handling". Also trigger on PSPF-aware artefacts: agency security plans, threat assessments, fraud and corruption controls, security clearances. Do NOT trigger for non-AU protective security frameworks unless the user is explicitly asking for a mapping to or from the PSPF.

2026-05-13
essential-eight
情報セキュリティアナリスト

Use this skill when the user asks about the Australian Cyber Security Centre's Essential Eight, the Essential Eight Maturity Model (ML1, ML2, ML3), or any of its eight mitigation strategies (application control, patch applications, configure Microsoft Office macro settings, user application hardening, restrict administrative privileges, patch operating systems, multi-factor authentication, regular backups). Trigger phrasings include "is this Essential Eight compliant", "audit against ML1 / ML2 / ML3", "what's our E8 posture", "ACSC mitigation strategy", "Essential Eight gap assessment", "Essential Eight Assessment Process Guide". Trigger on codebase signals such as application allowlisting policies (AppLocker, WDAC, fapolicyd, Gatekeeper config), patching automation, macro security GPOs, MFA wiring in auth code, and backup or restore tooling. Use it for audits, control mapping, evidence collection, SSP and SoA sections, and remediation plans. Do NOT trigger for non-AU frameworks (CIS Controls, NIST 800-53, IS

2026-05-13