dora
SolidExpert DORA (Regulation (EU) 2022/2554 — Digital Operational Resilience Act) compliance advisor for EU financial entities. Use this skill whenever a user asks about DORA compliance, ICT risk management frameworks, ICT incident classification or reporting, threat-led penetration testing (TLPT), ICT third-party risk management, Register of Information, contractual provisions with ICT providers, ICT concentration risk, oversight of critical ICT third-party service providers (CTPPs), or any DORA RTS/ITS obligation. Also trigger for: "DORA gap analysis", "DORA readiness", "Art. 6 ICT risk framework", "Art. 17 incident reporting", "Art. 26 TLPT", "Art. 28 third-party policy", "Art. 30 contractual provisions", "Register of Information CIR 2024/2956", "critical TPSP designation", "DORA vs NIS2", "DORA simplified framework", or EBA/ESMA/EIOPA digital resilience guidance.
Install
Quality Score: 91/100
Skill Content
Details
- Author
- Sushegaad
- Repository
- Sushegaad/Claude-Skills-Governance-Risk-and-Compliance
- Created
- 2 months ago
- Last Updated
- today
- Language
- HTML
- License
- MIT
Similar Skills
Semantically similar based on skill content — not just same category
dora
EU Digital Operational Resilience Act (2022/2554) compliance — scope (financial entities + critical ICT TPPs), five pillars (ICT risk management, incident reporting, resilience testing incl. TLPT, third-party risk, information sharing), and Dutch oversight via DNB/AFM.
dpdpa
Expert India Digital Personal Data Protection Act, 2023 (DPDPA) compliance advisor. Use this skill whenever a user asks about the DPDPA, DPDP Act, DPDP Rules 2025, India data privacy law, Data Fiduciary obligations, Data Principal rights, Significant Data Fiduciary, Data Protection Board of India, consent under DPDPA, notice requirements, breach notification India, children's data India, cross-border data transfer India, India privacy compliance, DPDPA gap analysis, DPDPA vs GDPR, or any obligation under India's personal data protection framework. Also trigger for: "Section 6 consent", "Section 7 legitimate uses", "Section 9 children's data", "Section 10 SDF", "Section 16 cross-border", "Rule 6 breach notification", "Rule 13 SDF obligations", "Data Protection Board complaint", "verifiable parental consent India", "DPDPA compliance roadmap", or "India privacy law global company".
csrd
Expert CSRD (Corporate Sustainability Reporting Directive, EU 2022/2464) compliance advisor. Use this skill whenever a user asks about CSRD, European Sustainability Reporting Standards (ESRS), double materiality assessment, sustainability reporting obligations, ESG disclosure, CSRD scope and thresholds, value chain reporting, XBRL digital tagging, third-party assurance, CSRD gap assessments, CSRD implementation timelines, ESRS E1–E5 environmental standards, ESRS S1–S4 social standards, ESRS G1 governance, CSRD vs GRI/TCFD/SASB alignment, or any EU corporate sustainability reporting question. Trigger even if the user only mentions "ESG reporting Europe", "sustainability disclosure EU", or "non-financial reporting".
eu-cra
Expert EU Cyber Resilience Act (CRA) advisor for Regulation (EU) 2024/2847 — mandatory cybersecurity and vulnerability handling requirements for all products with digital elements (PDEs) sold in the EU. Use this skill for gap analysis, product classification (Default / Class I / Class II), conformity assessment route selection, CE marking, SBOM requirements, vulnerability and incident reporting to ENISA/CSIRTs, support period obligations, and manufacturer/importer/distributor duties. Trigger for EU CRA, Cyber Resilience Act, PDE compliance, Annex I requirements, SBOM EU, CE marking cybersecurity, or connected product security EU.
nis2
EU NIS2 Directive (Directive (EU) 2022/2555) compliance advisor for essential and important entities — entity classification, Art. 21 risk management measures, Art. 23 incident reporting timelines (24h/72h/1 month), Art. 20 governance obligations, supply chain security (Art. 26), gap assessments, policy drafting, ISO 27001 alignment, and penalty exposure analysis. Use for NIS2 readiness, transposition questions, ENISA guidelines, supervisory differences between essential and important entities, and cross-border coordination.