PromptCreek
Sign up
Back to Skills
Legal

Compliance Tracking

Track compliance requirements and audit readiness. Trigger with "compliance", "audit prep", "SOC 2", "ISO 27001", "GDPR", "regulatory requirement", or when the user needs help tracking, preparing for, or documenting compliance activities.

$ npx promptcreek add compliance-tracking

Auto-detects your installed agents and installs the skill to each one.

What This Skill Does

This skill helps track compliance requirements, prepare for audits, and maintain regulatory readiness. It's designed for compliance officers, IT managers, and anyone responsible for ensuring their organization meets industry standards and regulations. The skill provides tools for creating control inventories, audit calendars, and evidence management systems.

When to Use

  • Prepare for a SOC 2 audit.
  • Track compliance with GDPR requirements.
  • Maintain HIPAA compliance.
  • Manage PCI DSS compliance.
  • Create a control inventory for ISO 27001.

Key Features

Provides a framework for common compliance standards.
Helps create a control inventory.
Generates an audit calendar.
Facilitates evidence management.
Performs gap analysis.
Produces compliance status dashboards.

Installation

Run in your project directory:
$ npx promptcreek add compliance-tracking

Auto-detects your installed agents (Claude Code, Cursor, Codex, etc.) and installs the skill to each one.

View Full Skill Content

Compliance Tracking

Help track compliance requirements, prepare for audits, and maintain regulatory readiness.

Common Frameworks

| Framework | Focus | Key Requirements |

|-----------|-------|-----------------|

| SOC 2 | Service organizations | Security, availability, processing integrity, confidentiality, privacy |

| ISO 27001 | Information security | Risk assessment, security controls, continuous improvement |

| GDPR | Data privacy (EU) | Consent, data rights, breach notification, DPO |

| HIPAA | Healthcare data (US) | PHI protection, access controls, audit trails |

| PCI DSS | Payment card data | Encryption, access control, vulnerability management |

Compliance Tracking Components

Control Inventory

  • Map controls to framework requirements
  • Document control owners and evidence
  • Track control effectiveness

Audit Calendar

  • Upcoming audit dates and deadlines
  • Evidence collection timelines
  • Remediation deadlines

Evidence Management

  • What evidence is needed for each control
  • Where evidence is stored
  • When evidence was last collected

Gap Analysis

  • Requirements vs. current state
  • Prioritized remediation plan
  • Timeline to compliance

Output

Produce compliance status dashboards, gap analyses, audit prep checklists, and evidence collection plans.

0Installs
0Views

Supported Agents

Claude CodeCursorCodexGemini CLIAiderWindsurfOpenClaw

Attribution

anthropics
anthropics/knowledge-work-plugins
MITadmin

Details

License
MIT
Source
admin
Published
3/18/2026

Tags

operations

Related Skills

FDA Consultant Specialist

FDA regulatory consultant for medical device companies. Provides 510(k)/PMA/De Novo pathway guidance, QSR (21 CFR 820) compliance, HIPAA assessments, and device cybersecurity. Use when user mentions FDA submission, 510(k), PMA, De Novo, QSR, premarket, predicate device, substantial equivalence, HIPAA medical device, or FDA cybersecurity.

00
Alireza Rezvani
#regulatory & quality

GDPR Dsgvo Expert

GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.

00
Alireza Rezvani
#regulatory & quality

Brief

Generate contextual briefings for legal work — daily summary, topic research, or incident response. Use when starting your day and need a scan of legal-relevant items across email, calendar, and contracts, when researching a specific legal question across internal sources, or when a developing situation (data breach, litigation threat, regulatory inquiry) needs rapid context.

00
anthropics
#legal