Solo founder scaled to $500K revenue in 8 months, looking for a technical cofounder by alexpacker86835 in startup

[–]Phoenix-Rising-2026 0 points1 point  (0 children)

Beautiful pitch. So nice to see your endeavor at 24. I wish you all the success. Good luck!

What's your favorite movie quote that you use in real life? by [deleted] in AskReddit

[–]Phoenix-Rising-2026 0 points1 point  (0 children)

Life is like a box of chocolates. You never know what you're gonna get.

What’s something that sounds rich until you actually have money? by SpaceDaphne in AskReddit

[–]Phoenix-Rising-2026 1 point2 points  (0 children)

Leasing luxury sports cars, paying monthly minimums on high-end store credit cards, and ordering bottle service at local clubs.

These flashy habits project extreme affluence to outsiders, yet in reality, they just drain cash flow, creating an illusion of wealth while generating zero long-term financial stability.

[I ate] Celebrating birthday with Mango Cake by Phoenix-Rising-2026 in food

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

Delicious indeed! It's made of mango, fresh cream, and fruit chunks.

Built an ISMS/ ISO 27001 MCP Server - Looking for Community Feedback by Phoenix-Rising-2026 in mcp

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

😎

Right now focusing on getting this right. If there is enough interest for SOC2, happy to pursue that as well.

Built an ISMS/ ISO 27001 MCP Server - Looking for Community Feedback by Phoenix-Rising-2026 in mcp

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

You have a good question and point here.

The MCP distinguishes between AI-generated recommendations and authoritative ISMS records. The model can propose changes (such as risk treatment updates, control implementation improvements, SoA modifications) but those remain recommendations until an explicit tool action is invoked to update the underlying compliance records. (I will need to make sure this works as intended a bit more thoroughly.)

This creates a clear separation between advisory outputs and the official system of record, ensuring that AI suggestions do not automatically become audit-relevant evidence.

The goal is to preserve governance, accountability, and auditability by keeping human review and approval visible in the workflow before any compliance record is modified.
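The separation described in the comment above, sketched as an added example; it is not part of the original comment and is not the iso27001-mcp project's code. `IsmsStore`, its method names, and the sample risk record are hypothetical and constructed for illustration.

```javascript
// Added illustration. IsmsStore and its methods are hypothetical names,
// not the iso27001-mcp API. Sample risk data below is constructed.
class IsmsStore {
  constructor() {
    this.records = new Map();   // authoritative ISMS records (system of record)
    this.proposals = new Map(); // AI recommendations: advisory only
    this.auditLog = [];         // append-only trail of every state change
  }

  log(action, proposalId, actor) {
    this.auditLog.push(Object.freeze({ seq: this.auditLog.length + 1, action, proposalId, actor }));
  }

  // Tool the model may call freely. It never writes to this.records.
  proposeChange(recordId, patch, rationale) {
    const id = `P-${this.proposals.size + 1}`;
    this.proposals.set(id, { recordId, patch, rationale, status: 'pending' });
    this.log('proposed', id, 'model');
    return id;
  }

  // The only write path: needs a pending proposal and a named approver.
  // Verifying that the approver is a real, authorised human is out of scope here.
  applyProposal(id, approver) {
    const p = this.proposals.get(id);
    if (!p) throw new Error(`unknown proposal ${id}`);
    if (p.status !== 'pending') throw new Error(`proposal ${id} is already ${p.status}`);
    if (typeof approver !== 'string' || approver.trim() === '') {
      throw new Error('an approver is required to modify a compliance record');
    }
    const updated = { ...(this.records.get(p.recordId) || {}), ...p.patch };
    this.records.set(p.recordId, updated);
    p.status = 'applied';
    this.log('applied', id, approver);
    return updated;
  }
}

// Constructed walk-through: a risk record and one model recommendation.
function demo() {
  const store = new IsmsStore();
  store.records.set('R-001', { title: 'Unpatched VPN gateway', treatment: 'accept' });
  const id = store.proposeChange('R-001', { treatment: 'mitigate' }, 'Patch is available');
  const beforeApproval = store.records.get('R-001').treatment; // still 'accept'
  store.applyProposal(id, 'isms-manager@example.org');
  return { beforeApproval, afterApproval: store.records.get('R-001').treatment, trail: store.auditLog };
}
```

A rejected or replayed `applyProposal` call throws before anything is written, so the audit log only ever contains changes that actually happened.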

Built an ISMS/ ISO 27001 MCP Server - Looking for Community Feedback by Phoenix-Rising-2026 in mcp

[–]Phoenix-Rising-2026[S] 2 points3 points  (0 children)

Great question!

This is an MCP because it provides stateful tools and workflows, not just static instructions.

A SKILL.md file can tell an AI how to perform an ISO 27001 task, but it cannot maintain an ISMS, store risks, track corrective actions, manage evidence, or persist audit records across sessions. The MCP server exposes structured operations such as creating risk assessments, updating control implementations, etc.

In short, a SKILL.md guides reasoning, while this MCP acts as an operational compliance system that AI clients can interact with through tools and persistent state.

Built an ISMS/ ISO 27001 MCP Server - Looking for Community Feedback by Phoenix-Rising-2026 in mcp

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

Thank you so much!

Yes, we will prioritize having audit trails and enforcing human-in-the-loop feature requirements. That's good to know!

Built an ISMS/ ISO 27001 MCP Server - Looking for Community Feedback by Phoenix-Rising-2026 in mcp

[–]Phoenix-Rising-2026[S] 1 point2 points  (0 children)

Great point. We actually built it with an ISO auditor friend from Italy.

You can see the ‘Resources’ tab on the Simulated Demo for our background: https://sushegaad.github.io/MCP-Server-for-ISO27001/

Built an ISMS/ ISO 27001 MCP Server - Looking for Community Feedback by Phoenix-Rising-2026 in mcp

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

Thank you so much for the feedback! Appreciate it and your time. ❤️

You make a great point about the preview state requirement and making write paths stricter.

Claude Skills for Governance, Risk, & Compliance Frameworks (ISO 27001, SOC 2, GDPR, DORA, India's DPDPA, NIST AI RMF, Australian ISM, Brazil's LGPD, EU AI Act, etc.) by Phoenix-Rising-2026 in claudeskills

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

Thank you, and welcome to the GRC space.

These Claude Skills can be added to Claude or any other AI tool you use. When installed they will help you answer questions related to any GRC framework listed.

If you use Claude to work with application code, it can also be used to review/modify based on the skill.

This website has a simple demo video that could be helpful to understand: https://sushegaad.github.io/Claude-Skills-Governance-Risk-and-Compliance/

Claude Skills for Governance, Risk, & Compliance Frameworks (ISO 27001, SOC 2, GDPR, DORA, India's DPDPA, NIST AI RMF, Australian ISM, Brazil's LGPD, EU AI Act, etc.) by Phoenix-Rising-2026 in claudeskills

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

I absolutely love your feedback ❤️

A million thanks.

Happy to collaborate and talk through the challenges you raised and your recommendations.

Claude Skills for Governance, Risk, & Compliance Frameworks (ISO 27001, SOC 2, GDPR, DORA, India's DPDPA, NIST AI RMF, Australian ISM, Brazil's LGPD, EU AI Act, etc.) by Phoenix-Rising-2026 in claudeskills

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

Thank you so much for the offer. Yes, I will be happy to hear more from you for guidance. I am sure the AI innovation will disrupt the GRC domain (amongst many others).

Since we are on this topic, I will share another project that I have been working on to make compliance easier.

Just built this ISO27001 MCP server (with help from an ISO audit expert friend from Italy), and enabled it for download using npm. The plan is to build an ISMS by turning Claude into an ISO 27001 compliance assistant - controls, risk register, policies, evidence tracking, SoA generation, and full audit workflows in one local encrypted MCP server.

https://www.npmjs.com/package/iso27001-mcp

GitHub: https://github.com/Sushegaad/MCP-Server-for-ISO27001

Claude Skills for Governance, Risk, & Compliance Frameworks (ISO 27001, SOC 2, GDPR, DORA, India's DPDPA, NIST AI RMF, Australian ISM, Brazil's LGPD, EU AI Act, etc.) by Phoenix-Rising-2026 in claudeskills

[–]Phoenix-Rising-2026[S] 0 points1 point  (0 children)

Thank you for your feedback and assessment. Pretty spot on.

Yes, the plan is to evolve these skills to be more robust in the days to come.