什么是 AI 合规准备就绪度？

此技能为组织提供了一个全面的框架，用于从八个关键维度评估其 AI 合规态势。它通过分析风险分类、偏差缓解和数据来源，弥合了技术 AI 部署与复杂监管要求之间的差距。利用这些 Openclaw Skills，团队可以在审计发生前主动识别差距，确保与包括欧盟 AI 法案和 NIST AI RMF 在内的全球指令保持一致。

通过综合特定行业的数据和 AI 系统使用情况，该技能将技术债转化为可操作的治理路线图。它专为合规官、法律团队和开发人员设计，他们需要量化风险暴露并为医疗保健、金融和法律领域的即将到来的监管截止日期做准备。

下载入口:https://github.com/openclaw/skills/tree/main/skills/1kalin/compliance-readiness

安装与下载

1. ClawHub CLI

从源直接安装技能的最快方式。

2. 手动安装

将技能文件夹复制到以下位置之一

优先级：工作区 > 本地 > 内置

3. 提示词安装

将此提示词复制到 OpenClaw 即可自动安装。

AI 合规准备就绪度 应用场景

• 在正式监管审计之前评估组织的 AI 合规态势。
• 为欧盟 AI 法案、NIST AI RMF 和 HHS 指令准备实施策略。
• 为企业级 AI 部署构建长期治理路线图。
• 评估来自供应商提供的 AI 工具和服务的第三方风险暴露。

1. 收集组织元数据，包括行业、公司规模和当前使用的 AI 系统列表。
2. 分析司法管辖区（例如美国、欧盟）以确定哪些特定的监管框架适用于该组织。
3. 跨 8 个维度进行结构化评估，每个维度评分从 1（无控制）到 5（成熟）。
4. 计算总准备就绪得分，并将组织风险等级从“合规就绪”到“关键”进行分类。
5. 生成一份综合报告，包括执行摘要、维度特定的差距分析和监管时间表。

AI 合规准备就绪度 配置指南

要使用 Openclaw Skills 将此治理工具集成到您的环境中，请使用以下安装方法：

# 将 compliance-readiness 技能安装到您的代理环境中
openclaw skill add compliance-readiness

安装完成后，根据代理的提示提供所需的行业和 AI 库存数据来启动评估。

AI 合规准备就绪度 数据架构与分类体系

该技能将评估数据组织成结构化的分类法，以实现清晰的报告和可审计性：

name: compliance-readiness
description: AI Compliance Readiness Assessment — evaluate how prepared an organization is for AI governance regulations (EU AI Act, NIST AI RMF, HHS mandates, state bar AI rules). Scores readiness across 8 dimensions and generates an action plan. Use when assessing AI compliance gaps, preparing for audits, or building a governance roadmap.

AI Compliance Readiness Assessment

Evaluate organizational readiness for AI governance regulations and generate an actionable compliance roadmap.

When to Use

• Assessing AI compliance posture before an audit
• Preparing for EU AI Act (Aug 2026), HHS AI mandates, NIST AI RMF
• Building a governance roadmap for AI deployments
• Evaluating risk exposure from current AI usage

How to Use

When asked to assess AI compliance readiness, gather these inputs:

Required Inputs

1. Industry (legal, healthcare, financial-services, insurance, construction, manufacturing, government, other)
2. Company size (employees or revenue range)
3. AI systems in use (list: ch@tbots, document review, fraud detection, hiring tools, customer service, analytics, other)
4. Jurisdictions (US-only, EU-exposed, both, global)

Optional Inputs

• Current governance framework (if any)
• Upcoming audit dates
• Existing compliance certifications (SOC2, ISO 27001, HIPAA, etc.)
• Number of AI vendors/tools in use

Assessment Framework

Score each dimension 1-5 (1=no controls, 5=mature):

8 Dimensions

1. Risk Classification — Have you categorized AI systems by risk level per EU AI Act / NIST?
2. Documentation — Technical docs, model cards, data lineage for each AI system?
3. Human Oversight — Defined human-in-the-loop processes for high-risk decisions?
4. Bias & Fairness — Regular bias audits, fairness metrics, disparate impact testing?
5. Data Governance — Training data provenance, consent, retention, and deletion policies?
6. Incident Response — AI-specific incident playbook, reporting procedures, rollback plans?
7. Vendor Management — AI vendor risk assessments, contractual AI governance requirements?
8. Audit Trail — Logging, explainability, decision traceability for AI-assisted outputs?

Scoring

• 35-40: Compliance-ready — minor gaps to address
• 25-34: Partially prepared — significant work needed in specific areas
• 15-24: High risk — major gaps across multiple dimensions
• 8-14: Critical — immediate action required before any regulatory review

Output Format

Generate a report with:

1. Executive Summary — Overall score, risk level, top 3 gaps
2. Dimension Scores — Table with score, evidence, and gap description per dimension
3. Regulatory Exposure — Which regulations apply and key deadlines:
   • EU AI Act: Aug 2, 2026 (high-risk system requirements)
   • HHS AI Transparency: April 3, 2026 (healthcare)
   • NIST AI RMF: Ongoing (federal contractors + best practice)
   • State bar AI rules: Varies (legal industry)