Open source solutions for SOC2, GDPR, and ISO27001

Claude Skills for Governance, Risk, & Compliance (GRC): Expert-level compliance guidance for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, EU AI Act, ISO 42001, ISO 27701, DORA, CSRD, India's DPDPA, CMMC 2.0, NIST AI Risk, SWIFT, Australia's ISM, EU NIS2, and CCPA/CPRA. Benchmark 96% (with skills) vs 82% (without skills).

Complete AI governance and LLM Evals platform with support for EU AI Act, ISO 42001, NIST AI RMF and 20+ more AI frameworks and regulations. Join our Discord channel: https://discord.com/invite/d3k3E4uEpR

Scan codebases for AI SDK usage and map compliance risks to NIST AI RMF, ISO 42001, and EU AI Act

⚕️ the world's first unified, lifecycle-centric regulatory framework specifically designed for autonomous AI agents in medical environments (270+ requirements, 3 risk categories).

NIST AI RMF applied to a real research cluster. We govern our own AI tools, document decisions, and share templates. Practical governance for small teams.

The most comprehensive open-source mapping of OWASP GenAI risks to industry frameworks - 65 mapping files, 25 frameworks, 1,514 controls, 114 incidents, ML classifier pipeline. Source lists: LLM Top 10, Agentic Top 10, DSGAI 2026. EU AI Act, NIST, ISO, SOC 2, FedRAMP, DORA, OT/ICS, MITRE ATLAS.

A practical implementation toolkit for ISO/IEC 42001:2023 AI Management Systems — gap assessment checklists, risk register templates, controls mapping, and implementation roadmap for GRC professionals and AI governance practitioners.

Frictionless Governance for AI

Free TOGAF 10 professional enterprise architecture diagrams - ADM lifecycle, architecture governance, content framework, capability planning, stakeholder management, compliance, and risk. Visual, clear, and ready to use.

AWS AI Governance Framework - Serverless Edition with Lambda, Aurora Serverless v2, and 60% cost savings. Features ISO 27001/27701/42001 compliance, OPA policies, and AWS resource scanners.

Hardened Public Release of KAIROS invocation governance framework. Includes invocation terms, ethical compliance clauses, regulatory mapping, and sample outputs. Licensed under CC BY-NC-ND 4.0. License: Do not auto-generate via GitHub. Use hardened License.txt

EU AI Act governance prototype that turns real medical AI evidence and ISO/IEC 42001 governance scaffolding into reviewable classification, evidence checks, human oversight, and incident-handling paths.

Guide GRC teams with Claude Skills for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, TSA, and ISO 42001

Multi-tenant AI SaaS platform for SMEs using serviced offices, combining operational, compliance, and growth tools.

Runtime capability-state attestation for MCP agents. Companion implementation to the paper 'The MCP Governance Gap' (Teklenburg, 2026).

Open reference documentation for AI Governance, Risk, & Compliance. Contains a risk lexicon, audit interview guides, oversight reporting templates, maturity models — and much more, all inspired by ISO 42001 and other major AI regulatory standards.

🤖 Streamline AI-assisted development with a governance kit for rules, enforcement, and decision-making, ensuring speed and oversight in your projects.

Automated GRC evidence collection for GCP and Google Workspace — PCI-DSS, SOC 2, ISO 27001, ISO 42001