implementing-compliance

Implement continuous compliance with major regulatory frameworks through unified control mapping, policy-as-code enforcement, and automated evidence collection.

Modern compliance is a continuous engineering discipline requiring technical implementation of security controls. This skill provides patterns for SOC 2 Type II, HIPAA, PCI-DSS 4.0, and GDPR compliance using infrastructure-as-code, policy automation, and evidence collection. Focus on unified controls that satisfy multiple frameworks simultaneously to reduce implementation effort by 60-80%.

For detailed framework requirements, see references/soc2-controls.md, references/hipaa-safeguards.md, references/pci-dss-requirements.md, and references/gdpr-articles.md.

Implementa e mantieni la conformità con SOC 2, HIPAA, PCI-DSS e GDPR utilizzando la mappatura dei controlli unificata, l'applicazione di policy-as-code e la raccolta automatizzata di prove. Da utilizzare quando si creano sistemi che richiedono conformità normativa, si implementano controlli di sicurezza su più framework o si automatizza la preparazione degli audit. Fonte: ancoleman/ai-design-components.