information-security-manager-iso27001ISO 27001 ISMS implementation and cybersecurity governance for HealthTech and MedTech companies. Use for ISMS design, security risk assessment, control implementation, ISO 27001 certification, security audits, incident response, and compliance verification. Covers ISO 27001, ISO 27002, healthcare security, and medical device cybersecurity.
Install via ClawdBot CLI:
clawdbot install alirezarezvani/information-security-manager-iso27001Implement and manage Information Security Management Systems (ISMS) aligned with ISO 27001:2022 and healthcare regulatory requirements.
Use this skill when you hear:
python scripts/risk_assessment.py --scope "patient-data-system" --output risk_register.jsonpython scripts/compliance_checker.py --standard iso27001 --controls-file controls.csvpython scripts/compliance_checker.py --standard iso27001 --gap-analysis --output gaps.mdAutomated security risk assessment following ISO 27001 Clause 6.1.2 methodology.
Usage:
# Full risk assessment
python scripts/risk_assessment.py --scope "cloud-infrastructure" --output risks.json
# Healthcare-specific assessment
python scripts/risk_assessment.py --scope "ehr-system" --template healthcare --output risks.json
# Quick asset-based assessment
python scripts/risk_assessment.py --assets assets.csv --output risks.jsonParameters:
| Parameter | Required | Description |
|-----------|----------|-------------|
| --scope | Yes | System or area to assess |
| --template | No | Assessment template: general, healthcare, cloud |
| --assets | No | CSV file with asset inventory |
| --output | No | Output file (default: stdout) |
| --format | No | Output format: json, csv, markdown |
Output:
Verify ISO 27001/27002 control implementation status.
Usage:
# Check all ISO 27001 controls
python scripts/compliance_checker.py --standard iso27001
# Gap analysis with recommendations
python scripts/compliance_checker.py --standard iso27001 --gap-analysis
# Check specific control domains
python scripts/compliance_checker.py --standard iso27001 --domains "access-control,cryptography"
# Export compliance report
python scripts/compliance_checker.py --standard iso27001 --output compliance_report.mdParameters:
| Parameter | Required | Description |
|-----------|----------|-------------|
| --standard | Yes | Standard to check: iso27001, iso27002, hipaa |
| --controls-file | No | CSV with current control status |
| --gap-analysis | No | Include remediation recommendations |
| --domains | No | Specific control domains to check |
| --output | No | Output file path |
Output:
Step 1: Define Scope and Context
Document organizational context and ISMS boundaries:
Validation: Scope statement reviewed and approved by management.
Step 2: Conduct Risk Assessment
python scripts/risk_assessment.py --scope "full-organization" --template general --output initial_risks.jsonValidation: Risk register contains all critical assets with assigned owners.
Step 3: Select and Implement Controls
Map risks to ISO 27002 controls:
python scripts/compliance_checker.py --standard iso27002 --gap-analysis --output control_gaps.mdControl categories:
Validation: Statement of Applicability (SoA) documents all controls with justification.
Step 4: Establish Monitoring
Define security metrics:
Validation: Dashboard shows real-time compliance status.
Step 1: Asset Identification
Create asset inventory:
| Asset Type | Examples | Classification |
|------------|----------|----------------|
| Information | Patient records, source code | Confidential |
| Software | EHR system, APIs | Critical |
| Hardware | Servers, medical devices | High |
| Services | Cloud hosting, backup | High |
| People | Admin accounts, developers | Varies |
Validation: All assets have assigned owners and classifications.
Step 2: Threat Analysis
Identify threats per asset category:
| Asset | Threats | Likelihood |
|-------|---------|------------|
| Patient data | Unauthorized access, breach | High |
| Medical devices | Malware, tampering | Medium |
| Cloud services | Misconfiguration, outage | Medium |
| Credentials | Phishing, brute force | High |
Validation: Threat model covers top-10 industry threats.
Step 3: Vulnerability Assessment
python scripts/risk_assessment.py --scope "network-infrastructure" --output vuln_risks.jsonDocument vulnerabilities:
Validation: Vulnerability scan results mapped to risk register.
Step 4: Risk Evaluation and Treatment
Calculate risk: Risk = Likelihood × Impact
| Risk Level | Score | Treatment |
|------------|-------|-----------|
| Critical | 20-25 | Immediate action required |
| High | 15-19 | Treatment plan within 30 days |
| Medium | 10-14 | Treatment plan within 90 days |
| Low | 5-9 | Accept or monitor |
| Minimal | 1-4 | Accept |
Validation: All high/critical risks have approved treatment plans.
Step 1: Detection and Reporting
Incident categories:
Validation: Incident logged within 15 minutes of detection.
Step 2: Triage and Classification
| Severity | Criteria | Response Time |
|----------|----------|---------------|
| Critical | Data breach, system down | Immediate |
| High | Active threat, significant risk | 1 hour |
| Medium | Contained threat, limited impact | 4 hours |
| Low | Minor violation, no impact | 24 hours |
Validation: Severity assigned and escalation triggered if needed.
Step 3: Containment and Eradication
Immediate actions:
Validation: Containment confirmed, no ongoing compromise.
Step 4: Recovery and Lessons Learned
Post-incident activities:
Validation: Post-incident report completed within 5 business days.
references/iso27001-controls.md
references/risk-assessment-guide.md
references/incident-response.md
| Phase | Checkpoint | Evidence Required |
|-------|------------|-------------------|
| Scope | Scope approved | Signed scope document |
| Risk | Register complete | Risk register with owners |
| Controls | SoA approved | Statement of Applicability |
| Operation | Metrics active | Dashboard screenshots |
| Audit | Internal audit done | Audit report |
Before Stage 1 audit:
Before Stage 2 audit:
Run periodic checks:
# Monthly compliance check
python scripts/compliance_checker.py --standard iso27001 --output monthly_$(date +%Y%m).md
# Quarterly gap analysis
python scripts/compliance_checker.py --standard iso27001 --gap-analysis --output quarterly_gaps.mdScenario: Assess security risks for a patient data management system.
python scripts/risk_assessment.py --scope "patient-data-system" --template healthcareAsset inventory output:
| Asset ID | Asset | Type | Owner | Classification |
|----------|-------|------|-------|----------------|
| A001 | Patient database | Information | DBA Team | Confidential |
| A002 | EHR application | Software | App Team | Critical |
| A003 | Database server | Hardware | Infra Team | High |
| A004 | Admin credentials | Access | Security | Critical |
Risk register output:
| Risk ID | Asset | Threat | Vulnerability | L | I | Score |
|---------|-------|--------|---------------|---|---|-------|
| R001 | A001 | Data breach | Weak encryption | 3 | 5 | 15 |
| R002 | A002 | SQL injection | Input validation | 4 | 4 | 16 |
| R003 | A004 | Credential theft | No MFA | 4 | 5 | 20 |
| Risk | Treatment | Control | Timeline |
|------|-----------|---------|----------|
| R001 | Mitigate | Implement AES-256 encryption | 30 days |
| R002 | Mitigate | Add input validation, WAF | 14 days |
| R003 | Mitigate | Enforce MFA for all admins | 7 days |
python scripts/compliance_checker.py --controls-file implemented_controls.csvVerification output:
Control Implementation Status
=============================
Cryptography (A.8.24): IMPLEMENTED
- AES-256 at rest: YES
- TLS 1.3 in transit: YES
Access Control (A.8.5): IMPLEMENTED
- MFA enabled: YES
- Admin accounts: 100% coverage
Application Security (A.8.26): PARTIAL
- Input validation: YES
- WAF deployed: PENDING
Overall Compliance: 87%Generated Mar 1, 2026
A startup developing a telehealth platform needs to achieve ISO 27001 certification to meet client and regulatory requirements. This skill helps design the ISMS, conduct risk assessments on patient data and cloud infrastructure, and implement controls for certification readiness, ensuring secure handling of sensitive health information.
A manufacturer of connected medical devices must perform a security audit to comply with FDA cybersecurity guidelines and ISO 27001 standards. The skill assists in assessing device vulnerabilities, implementing controls from ISO 27002, and generating gap analysis reports to address security gaps before product launch.
A hospital or clinic needs to develop and test an incident response plan to protect electronic health records (EHR) from breaches. This skill supports risk assessment of patient data systems, creation of response procedures, and compliance verification with healthcare regulations like HIPAA alongside ISO 27001.
A company offering cloud-hosted health analytics services must verify ongoing compliance with ISO 27001 and healthcare standards. The skill enables automated compliance checks, monitoring of control effectiveness, and generation of real-time dashboards to demonstrate security posture to auditors and clients.
A medical research institution handling sensitive clinical trial data requires an ISMS to secure information assets. This skill guides scope definition, risk assessment of research systems, and implementation of organizational and technological controls to safeguard data integrity and confidentiality.
Offer ongoing ISO 27001 compliance and monitoring services to HealthTech companies on a monthly or annual subscription. This includes regular risk assessments, automated compliance checks, and incident response support, providing steady revenue from clients needing continuous security management.
Provide one-time projects for organizations seeking ISO 27001 certification, including ISMS design, gap analysis, and audit preparation. Charge fixed or milestone-based fees, targeting startups and mid-sized companies in healthcare that require certification for market entry or contracts.
License the automated tools (e.g., risk_assessment.py, compliance_checker.py) as standalone software or SaaS to internal security teams. Offer tiered pricing based on features like healthcare-specific templates or advanced reporting, generating revenue from tool usage and updates.
💬 Integration Tip
Integrate this skill with existing IT systems by using the provided scripts to automate risk assessments and compliance checks, ensuring data flows from asset inventories to generate real-time security dashboards.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.