zhongwei/gh-rohittcodes-claude-plugin-suite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b3f6bea5c2d6c98bf0aeb01c4c5e90366843ae8d
gh-rohittcodes-claude-plugi…/commands/audit.md
Zhongwei Li b3f6bea5c2 Initial commit
2025-11-30 08:52:48 +08:00

2.4 KiB
Raw Blame History

description: Perform comprehensive system audit and compliance check argument-hint: [audit-type] [compliance-framework]

System Audit Command

Perform comprehensive system audit and compliance check with detailed reporting and recommendations.

Context

  • Audit type: $1 (security|compliance|performance|all - default: all)
  • Compliance framework: $2 (GDPR|HIPAA|SOC2|ISO27001|PCI-DSS - default: SOC2)
  • System configuration: @config/
  • Security policies: @security-policies/

Audit Process

1. Security Audit

  • Vulnerability assessment and penetration testing
  • Access control and authentication review
  • Data protection and encryption validation
  • Network security and firewall configuration
  • Incident response and monitoring capabilities

2. Compliance Assessment

  • Regulatory compliance validation
  • Policy adherence verification
  • Documentation and evidence collection
  • Gap analysis and remediation planning
  • Risk assessment and mitigation strategies

3. Performance Audit

  • System performance and scalability analysis
  • Resource utilization and efficiency review
  • Capacity planning and optimization opportunities
  • Monitoring and alerting effectiveness
  • Disaster recovery and business continuity

4. Operational Audit

  • Process documentation and standardization
  • Change management and version control
  • Backup and recovery procedures
  • Training and knowledge management
  • Vendor and third-party risk assessment

Compliance Frameworks

  • GDPR: Data privacy and protection compliance
  • HIPAA: Healthcare data security requirements
  • SOC 2: Security, availability, and confidentiality
  • ISO 27001: Information security management
  • PCI DSS: Payment card industry security standards

Expected Outcome

  • Comprehensive audit report with findings
  • Compliance status and gap analysis
  • Risk assessment and prioritization
  • Remediation roadmap and timeline
  • Evidence documentation and artifacts

Audit Findings

  • Critical: Immediate action required
  • High: Address within 30 days
  • Medium: Address within 90 days
  • Low: Address within 6 months
  • Informational: Best practice recommendations

Remediation Plan

  • Immediate fixes for critical findings
  • Short-term remediation (30 days)
  • Medium-term improvements (90 days)
  • Long-term strategic initiatives (6+ months)
  • Ongoing monitoring and maintenance
Reference in New Issue View Git Blame Copy Permalink