From compliance-os
/cs:aims-audit <scope> — ISO/IEC 42001 AIMS internal-audit 6-question forcing interrogation. Use before certification stage 1, before annual internal audit cycles, or when onboarding a new AI system into an existing AIMS.
How this skill is triggered — by the user, by Claude, or both
Slash command
/compliance-os:aims-auditThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
**Command:** `/cs:aims-audit <scope>`
Command: /cs:aims-audit <scope>
The ISO 42001 AIMS specialist pressure-tests any AI Management System work. Six questions before any certification commitment, internal audit cycle, or new-system onboarding.
Scope omission = certification finding.
aims_gap_analyzer.py to verify Clause 4.3 evidenceMissing any of the four = critical nonconformity at stage 1.
Risk identification without control mapping = Clause 6.1.3 fails.
ai_risk_register_builder.py per ISO 23894 methodologyConcept drift is not a one-time event.
Without 9.2 plan, the AIMS is incomplete.
aims_audit_scheduler.py with scope + auditors + prior findingsParallel systems = 5x ongoing maintenance cost.
cross_framework_mapping_ai.md for the reuse map# 1. AIMS gap analysis
python ra-qm-team/skills/iso42001-specialist/scripts/aims_gap_analyzer.py evidence.json
# 2. AI risk register
python ra-qm-team/skills/iso42001-specialist/scripts/ai_risk_register_builder.py risks.json
# 3. Internal audit plan
python ra-qm-team/skills/iso42001-specialist/scripts/aims_audit_scheduler.py audit_scope.json
# 4. Cross-framework reuse map (via compliance-os)
python ../../skills/compliance-os/scripts/cross_framework_mapper.py program.json
# AIMS Audit: <scope>
**Date:** YYYY-MM-DD
## The Decision Being Made
[gap-closure | risk-treatment | audit-scope | new-system-onboarding]
## Gap Analysis (Clauses 4-10)
- Weighted coverage: X%
- Critical gaps: N
- Major gaps: M
- Certification readiness: ready | stage_2_candidate | not_ready
## AI Risk Register
- Total risks: N
- By severity: critical=X, high=Y, medium=Z, low=W
- Requires additional treatment: K
- Top risk requiring action: <description>
## Clause 9.2 Audit Plan
- 12-month coverage: clauses=X, controls=Y
- Auditor independence: clean | issues
- Prior-year follow-up: scheduled in Q1
## Cross-Framework Reuse
- ISO 27001 evidence reused: % of AIMS Clauses 4-10
- 13485 evidence reused: % (if applicable)
- Net-new for AIMS: % (mostly Annex A)
## Verdict
🟢 STAGE-1-READY | 🟡 CLOSE-CRITICALS-FIRST | 🔴 NOT-READY
## Top 3 Actions
[3 concrete next steps with owner + date]
/cs:compliance-readiness — for multi-framework view/cs:ai-act-readiness — if EU AI Act also applies/cs:caio-review — for executive AI strategy decisions/cs:ciso-review — for ISO 27001 cross-framework alignment/cs:decide — to log the verdict/cs:freeze 30 — on certification commitmentscs-aims-iso42001iso42001-specialist../../skills/compliance-os/, ../ai-act-readiness/, ../compliance-readiness/Version: 1.0.0
npx claudepluginhub ai-integr8tor/alirezarezvani-claude-skills --plugin compliance-osSets up isolated workspaces using native worktree tools or git worktree fallback. Use before starting feature work to protect the current branch.
2plugins reuse this skill
First indexed Jun 30, 2026