millitool
ra-qm-team/

security-control-testing

Security Control Testing Guide

securitycontroltesting
Content Preview
# Security Control Testing Guide

Technical verification procedures for ISO 27002 control assessment.

---

## Table of Contents

- [Control Testing Approach](#control-testing-approach)
- [Organizational Controls (A.5)](#organizational-controls-a5)
- [People Controls (A.6)](#people-controls-a6)
- [Physical Controls (A.7)](#physical-controls-a7)
- [Technological Controls (A.8)](#technological-controls-a8)

---

## Control Testing Approach

### Testing Methods

| Method | Description | When to Use
How to Use

Recommended: Install to project (local)

mkdir -p .claude/skills
curl -o .claude/skills/security-control-testing.md \
  https://raw.githubusercontent.com/alirezarezvani/claude-skills/main/ra-qm-team/isms-audit-expert/references/security-control-testing.md

Skill is scoped to this project only. Add .claude/skills/ to your .gitignoreif you don't want to commit it.

Alternative: Clone full repo

git clone https://github.com/alirezarezvani/claude-skills

Then reference at ra-qm-team/isms-audit-expert/references/security-control-testing.md

Related Skills

cloud-security-audit
Assessment framework for cloud service security verification.
ra-qm-teamcloudsecurityaudit

by alirezarezvani · alirezarezvani-claude-skills

Scanning Container Security
This skill enables Claude to scan container images and running containers for vulnerabilities using tools like Trivy and Snyk. It identifies potential security risks in container environments. Use this skill when the user requests a security assessment of a container image, asks to identify vulnerab
skill-adapterscanning container security

by jeremylongshore · plugins-plus-skills

Scanning Database Security
This skill enables Claude to perform comprehensive database security scans using the database-security-scanner plugin. It is triggered when the user requests a security assessment of a database, including identifying vulnerabilities like weak passwords, SQL injection risks, and insecure configuratio
skill-adapterscanning database security

by jeremylongshore · plugins-plus-skills

Performing Security Code Review
This skill enables Claude to conduct a security-focused code review using the security-agent plugin. It analyzes code for potential vulnerabilities like SQL injection, XSS, authentication flaws, and insecure dependencies. Claude uses this skill when the user explicitly requests a security audit, ask
skill-adapterperforming security code review

by jeremylongshore · plugins-plus-skills