compliance_roadmap

Content Preview
# Compliance Roadmap Reference

## Decision Framework: Which Framework First?

**Start here — who are your customers?**

```
Enterprise SaaS (B2B, US market)  →  SOC 2 Type II first
Healthcare / health data           →  HIPAA + SOC 2 together
EU customers or EU-resident data   →  GDPR (non-optional if applicable)
EU enterprise sales                →  ISO 27001 + GDPR
Government / defense               →  FedRAMP / CMMC (separate scope)
All of the above (Series B+)       →  Multi-framework effici
```

How to Use

Recommended: Install to project (local)

```
mkdir -p .claude/skills
curl -o .claude/skills/compliance_roadmap.md \
  https://raw.githubusercontent.com/alirezarezvani/claude-skills/main/c-level-advisor/ciso-advisor/references/compliance_roadmap.md
```

The skill is scoped to this project only. Add .claude/skills/ to your .gitignore if you don't want to commit it.

Alternative: Clone full repo

```
git clone https://github.com/alirezarezvani/claude-skills
```

Then reference the file at c-level-advisor/ciso-advisor/references/compliance_roadmap.md

Related Skills

Checking Infrastructure Compliance
This skill allows Claude to check infrastructure compliance against industry standards such as SOC2, HIPAA, and PCI-DSS. It analyzes existing infrastructure configurations and reports on potential compliance violations. Use this skill when the user asks to assess compliance, identify security risks
skill-adapter, checking infrastructure compliance

by jeremylongshore · plugins-plus-skills

Generating Compliance Reports
This skill enables Claude to generate compliance reports based on various security standards and frameworks. It leverages the compliance-report-generator plugin to automate the report creation process. Use this skill when a user requests a "compliance report", "security audit report", or needs docum
skill-adapter, generating compliance reports

by jeremylongshore · plugins-plus-skills

Scanning for GDPR Compliance
This skill enables Claude to scan applications and data systems for GDPR compliance issues. It identifies potential violations related to data protection, privacy rights, consent management, and other regulatory requirements. Use this skill when the user asks to "scan for GDPR compliance", check "GD
skill-adapter, scanning for gdpr compliance

by jeremylongshore · plugins-plus-skills

Checking HIPAA Compliance
This skill enables Claude to automatically check for HIPAA (Health Insurance Portability and Accountability Act) compliance issues in codebases, infrastructure configurations, and documentation. It leverages the hipaa-compliance-checker plugin to identify potential violations related to data privacy
skill-adapter, checking hipaa compliance

by jeremylongshore · plugins-plus-skills