메뉴
Information security strategy, risk management, security program governance, and compliance framework integration
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Master GitHub Agentic Workflows authoring - markdown syntax, natural language instructions, YAML frontmatter, compilation, and workflow patterns
Comprehensive expertise in GitHub Agentic Workflows (v0.68.1) — AI-powered repository automation with five-layer security, safe outputs, MCP tools, and Continuous AI patterns
Comprehensive guide for MCP (Model Context Protocol) server setup, transport protocols, configuration validation, lifecycle management, tool discovery, and error handling patterns
Comprehensive Hack23 threat modeling process using STRIDE, MITRE ATT&CK, attack trees, and quantitative risk assessment per ISMS Threat_Modeling.md policy
Fiscal policy, budget analysis, economic forecasting, monetary policy, trade policy for political journalists
Comprehensive guide to integrating agentic automation with GitHub Actions CI/CD pipelines, including workflow triggers, environment configuration, secrets management, matrix strategies, and deployment patterns for production-ready autonomous systems.
| name | information-security-strategy |
| description | Information security strategy, risk management, security program governance, and compliance framework integration |
| license | Apache-2.0 |
Apply the AI FIRST principle: never accept first-pass quality. Minimum 2 iterations. Read all output, improve every section. No shortcuts.
Defines the information security strategy framework for Hack23 projects, integrating risk management with compliance requirements.
| Framework | Focus | Key Controls |
|---|---|---|
| ISO 27001:2022 | ISMS | 93 controls in 4 themes |
| NIST CSF 2.0 | Cybersecurity | Govern, Identify, Protect, Detect, Respond, Recover |
| CIS Controls v8.1 | Implementation | 18 control groups |
| GDPR | Privacy | Data protection, rights |
| NIS2 | Critical infra | Supply chain, incident reporting |
Strategy execution requires cross-policy alignment across the ISMS-PUBLIC suite:
Every strategic initiative MUST map to: (a) one or more ISMS policies, (b) measurable KPI in Security_Metrics.md, (c) at least one compliance framework (ISO 27001 / NIST CSF 2.0 / CIS Controls v8.1 / GDPR / NIS2 / EU CRA), and (d) risk-treatment action in the risk register.
