Open source solutions for SOC2, GDPR, and ISO27001

Claude Skills for Governance, Risk & Compliance (GRC): Expert-level compliance guidance for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, TSA Cybersecurity, ISO 42001 AI Management System, ISO 27701 Privacy Information Mgmt., DORA Digital Operational Resilience, and India's Digital Personal Data Protection Act. Benchmark 94% vs 83%.

Complete AI governance and LLM Evals platform with support for EU AI Act, ISO 42001, NIST AI RMF and 20+ more AI frameworks and regulations. Join our Discord channel: https://discord.com/invite/d3k3E4uEpR

Scan codebases for AI SDK usage and map compliance risks to NIST AI RMF, ISO 42001, and EU AI Act

⚕️ the world's first unified, lifecycle-centric regulatory framework specifically designed for autonomous AI agents in medical environments (270+ requirements, 3 risk categories).

NIST AI RMF applied to a real research cluster. We govern our own AI tools, document decisions, and share templates. Practical governance for small teams.

The most comprehensive open-source mapping of OWASP GenAI risks to industry frameworks — 37 files, 16 frameworks, 3 source lists: LLM Top 10, Agentic Top 10, DSGAI 2026. OT/ICS, EU AI Act, NIST, ISO 27001, ISO 42001, CIS, SAMM, ENISA, NHI, AIVSS.

Frictionless Governance for AI

A practical implementation toolkit for ISO/IEC 42001:2023 AI Management Systems — gap assessment checklists, risk register templates, controls mapping, and implementation roadmap for GRC professionals and AI governance practitioners.

AWS AI Governance Framework - Serverless Edition with Lambda, Aurora Serverless v2, and 60% cost savings. Features ISO 27001/27701/42001 compliance, OPA policies, and AWS resource scanners.

Hardened Public Release of KAIROS invocation governance framework. Includes invocation terms, ethical compliance clauses, regulatory mapping, and sample outputs. Licensed under CC BY-NC-ND 4.0. License: Do not auto-generate via GitHub. Use hardened License.txt

EU AI Act governance prototype that turns real medical AI evidence and ISO/IEC 42001 governance scaffolding into reviewable classification, evidence checks, human oversight, and incident-handling paths.

Guide GRC teams with Claude Skills for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, TSA, and ISO 42001

Multi-tenant AI SaaS platform for SMEs using serviced offices, combining operational, compliance, and growth tools.

Runtime capability-state attestation for MCP agents. Companion implementation to the paper 'The MCP Governance Gap' (Teklenburg, 2026).

Open reference documentation for AI Governance, Risk, & Compliance. Contains a risk lexicon, audit interview guides, oversight reporting templates, maturity models — and much more, all inspired by ISO 42001 and other major AI regulatory standards.

🤖 Streamline AI-assisted development with a governance kit for rules, enforcement, and decision-making, ensuring speed and oversight in your projects.

AI-native GRC platform — multi-agent system for automated control testing, UAR, gap analysis & audit reporting across NIST AI RMF, ISO 42001, NIST 800-53 & SOC 2

Automated GRC evidence collection for GCP and Google Workspace — PCI-DSS, SOC 2, ISO 27001, ISO 42001