Conducts systematic access reviews and certifications to ensure role-appropriate user permissions. Covers activity design, risk-based prioritization, reviewer selection, micro-certification, and remediation tracking for SOX, HIPAA, PCI DSS compliance.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills-zh:performing-access-review-and-certification
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Conducts systematic access reviews and certifications to ensure users hold access rights that match their roles. Covers review campaign design, reviewer selection, risk-based prioritization, micro-certification strategy, and remediation tracking to meet SOX, HIPAA, and PCI DSS requirements.
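| Control | NIST 800-53 | Description |
|---|---|---|
| Access review | AC-2(3) | Periodic review of account permissions |
| Account management | AC-2 | Account lifecycle management |
| Least privilege | AC-6 | Enforce minimum necessary access |
| Separation of duties | AC-5 | SoD conflict identification |
| Audit logging | AU-6 | Review of access audit records |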
npx claudepluginhub killvxk/cybersecurity-skills-zh
Conducts systematic access reviews and certifications to ensure users have role-aligned access rights. Covers campaign design, reviewer selection, risk prioritization, and remediation for SOX, HIPAA, PCI DSS compliance.
Designs and executes access review campaigns, including reviewer selection, risk-based prioritization, and remediation tracking for compliance with SOX, HIPAA, PCI DSS.
Designs and executes access review campaigns, automates entitlement data collection, and tracks remediation for compliance with SOX, HIPAA, PCI DSS.