If you're running ISO 27001 audits or prepping for certification, this gives you a structured framework for the whole process. It covers risk-based audit planning, control testing across all ISO 27002 domains, and integrates technical security assessments like vulnerability scanning and pentesting. The competency frameworks and decision trees are genuinely useful for figuring out audit scope and prioritization. It's built for both internal ISMS audits and external audit preparation, with specific guidance on cloud security auditing and compliance frameworks like HIPAA and PCI DSS. The references to technical testing scripts suggest it can coordinate hands-on security verification alongside the compliance checks.
npx skills add https://github.com/davila7/claude-code-templates --skill isms-audit-expert