v0.4.0

[Sushegaad]

v0.4.0 — April 18, 2026

🆕 New Skills (3)

ISO 27701 Privacy Information Management — Expert PIMS advisor covering both ISO 27701:2025 (standalone) and ISO 27701:2019 (ISO 27001 extension); gap analysis, SoA generation, privacy risk assessment, DPIA support, and GDPR/CCPA/LGPD alignment across all 78 Annex A controls (A.1 controller, A.2 processor, A.3 shared security).

DORA Digital Operational Resilience — Full DORA (Regulation (EU) 2022/2554) compliance advisor for EU financial entities; covers all 64 articles, all 12 adopted RTS/ITS, ICT risk management framework, incident classification and three-stage reporting (4h/72h/1 month), TLPT scoping, ICT third-party risk, and Register of Information requirements.

DPDPA India Digital Personal Data Protection — Advisor covering India's Digital Personal Data Protection Act, 2023 and DPDP Rules, 2025 (effective May 2027); all 44 sections and 23 Rules, notice and consent requirements, Data Principal rights, 72-hour breach notification, children's data (18-year threshold), Significant Data Fiduciary obligations, and GDPR-to-DPDPA gap analysis.

🏛️ FedRAMP Skill — Improvements

Updated based on user feedback. Added correct references.

🤖 ISO 42001 Skill — Improvements

Updated based on user feedback.

🔒 ISO 27701 Skill — Improvements

• Version-selection logic — Skill now leads with the 2019 extension model when the user has an existing ISO 27001 certification, and defaults to the 2025 standalone edition for greenfield implementations.
• GDPR alignment prominence — GDPR alignment is now mentioned in the opening paragraph of every ISO 27701 explanation.
• PII Processor terminology table — Added exact ISO 27701 control language ("PII subject rights assistance obligations", "sub-processor notification and consent", "processing under controller authority") — the precise phrases used in audits and DPA contracts.
• Key Statements section — Explicit guidance that ISO 27701 is not a GDPR safe harbor, has not been approved as a formal Article 42 GDPR certification scheme, and that ISO 27701:2019 requires ISO 27001 as a prerequisite and cannot be certified standalone.

📊 Updated Benchmark

Re-ran the 60-case eval suite following ISO 27701 improvements. ISO 27701 delta flipped from −8% to +20% (76% → 100% with skill). Overall suite: skills now score 94% vs baseline of 83% (+11 point delta, 282/300 assertions passed), up from 92% / +8pts in v0.3.0.

---

This discussion was created from the release v0.4.0.