From 03da94c256d4339ecca4aafc01a4d37289f1fb10 Mon Sep 17 00:00:00 2001 From: juliosuas Date: Tue, 17 Mar 2026 10:27:57 -0600 Subject: [PATCH] Add NIST CSF 2.0 categories to compliance-governance skills (fixes #2) --- skills/implementing-gdpr-data-protection-controls/SKILL.md | 1 + .../SKILL.md | 1 + skills/implementing-pci-dss-compliance-controls/SKILL.md | 1 + skills/performing-nist-csf-maturity-assessment/SKILL.md | 1 + skills/performing-soc2-type2-audit-preparation/SKILL.md | 1 + 5 files changed, 5 insertions(+) diff --git a/skills/implementing-gdpr-data-protection-controls/SKILL.md b/skills/implementing-gdpr-data-protection-controls/SKILL.md index eb660f7f..4127acda 100644 --- a/skills/implementing-gdpr-data-protection-controls/SKILL.md +++ b/skills/implementing-gdpr-data-protection-controls/SKILL.md @@ -4,6 +4,7 @@ description: The General Data Protection Regulation (EU) 2016/679 (GDPR) is the domain: cybersecurity subdomain: compliance-governance tags: [compliance, governance, gdpr, privacy, data-protection, eu-regulation] +nist_csf: [GV.OC, GV.PO, GV.RR, ID.AM, PR.AA, PR.DS, RS.CO, RS.MA] version: "1.0" author: mahipal license: Apache-2.0 diff --git a/skills/implementing-iso-27001-information-security-management/SKILL.md b/skills/implementing-iso-27001-information-security-management/SKILL.md index 11540f3c..fdc4d84a 100644 --- a/skills/implementing-iso-27001-information-security-management/SKILL.md +++ b/skills/implementing-iso-27001-information-security-management/SKILL.md @@ -4,6 +4,7 @@ description: ISO/IEC 27001:2022 is the international standard for establishing, domain: cybersecurity subdomain: compliance-governance tags: [compliance, governance, iso27001, isms, risk-management, certification] +nist_csf: [GV.OC, GV.RM, GV.RR, GV.PO, GV.OV, ID.RA, PR.AA, PR.DS] version: "1.0" author: mahipal license: Apache-2.0 diff --git a/skills/implementing-pci-dss-compliance-controls/SKILL.md b/skills/implementing-pci-dss-compliance-controls/SKILL.md index f4c355e5..13cc0dec 100644 --- a/skills/implementing-pci-dss-compliance-controls/SKILL.md +++ b/skills/implementing-pci-dss-compliance-controls/SKILL.md @@ -4,6 +4,7 @@ description: PCI DSS 4.0.1 establishes 12 requirements across 6 control objectiv domain: cybersecurity subdomain: compliance-governance tags: [compliance, governance, pci-dss, payment-security, cardholder-data] +nist_csf: [GV.PO, ID.RA, PR.AA, PR.DS, PR.PS, DE.CM, DE.AE] version: "1.0" author: mahipal license: Apache-2.0 diff --git a/skills/performing-nist-csf-maturity-assessment/SKILL.md b/skills/performing-nist-csf-maturity-assessment/SKILL.md index a493bcce..66ecadc1 100644 --- a/skills/performing-nist-csf-maturity-assessment/SKILL.md +++ b/skills/performing-nist-csf-maturity-assessment/SKILL.md @@ -4,6 +4,7 @@ description: The NIST Cybersecurity Framework (CSF) 2.0, released in February 20 domain: cybersecurity subdomain: compliance-governance tags: [compliance, governance, nist, csf, maturity-assessment, risk-management] +nist_csf: [GV.OC, GV.RM, GV.RR, GV.PO, GV.OV, GV.SC, ID.AM, ID.RA, ID.IM, PR.AA, PR.DS, PR.PS, PR.IR, DE.CM, DE.AE, RS.MA, RS.AN, RS.CO, RS.MI, RC.RP] version: "1.0" author: mahipal license: Apache-2.0 diff --git a/skills/performing-soc2-type2-audit-preparation/SKILL.md b/skills/performing-soc2-type2-audit-preparation/SKILL.md index cb53e3a6..226b771e 100644 --- a/skills/performing-soc2-type2-audit-preparation/SKILL.md +++ b/skills/performing-soc2-type2-audit-preparation/SKILL.md @@ -4,6 +4,7 @@ description: SOC 2 Type II audit preparation involves designing, implementing, a domain: cybersecurity subdomain: compliance-governance tags: [compliance, governance, soc2, audit, trust-services-criteria, aicpa] +nist_csf: [GV.OC, GV.RM, GV.RR, GV.PO, GV.OV, ID.RA, PR.AA, PR.DS, DE.CM, DE.AE, RS.MA] version: "1.0" author: mahipal license: Apache-2.0