iso27001-compliance-mcp

MCP server for ISO 27001 compliance — browse Annex A controls, assess ISMS readiness, generate Statement of Applicability, risk treatment plans, and gap analysis for information security certification.

Tools

| Tool | Description | |------|-------------| | browse_controls | Browse ISO 27001:2022 Annex A controls by theme, category, or priority | | assess_readiness | Score ISMS readiness based on implemented controls | | statement_of_applicability | Generate a Statement of Applicability (SoA) for certification | | gap_analysis | Identify control gaps with prioritized implementation roadmap | | risk_treatment | Generate a risk treatment plan template | | audit_checklist | Generate internal audit checklist for certification readiness |

Coverage (ISO 27001:2022)

• Organizational Controls (A.5): Policies, asset management, access control, supplier relations, incident management, business continuity
• People Controls (A.6): Screening, employment terms, awareness/training, termination
• Physical Controls (A.7): Perimeters, monitoring, equipment protection
• Technological Controls (A.8): Endpoints, privileged access, authentication, vulnerability management, cryptography, secure development, change management

Installation

npx iso27001-compliance-mcp

Usage with Claude Desktop

{
  "mcpServers": {
    "iso27001-compliance": {
      "command": "npx",
      "args": ["-y", "iso27001-compliance-mcp"]
    }
  }
}

Usage with VS Code

{
  "servers": {
    "iso27001-compliance": {
      "command": "npx",
      "args": ["-y", "iso27001-compliance-mcp"]
    }
  }
}

License

MIT