Enterprise Cyber Communications Drafter

Transform complex cyber security risks, audit findings, and meeting notes into executive-grade business communications.

Install
cmdop skills install agensi-enterprise-cyber-communications-drafter

Enterprise Cyber Communications Drafter is a skill that converts raw cybersecurity inputs—vulnerability data, risk registers, meeting transcripts, audit findings, and programme updates—into structured, professional documents suitable for executive and governance audiences. It is designed for organisations where technical staff need to communicate security risks to boards, steering committees, and managing directors without conflating technical implementation responsibility with business ownership accountability.

The skill produces several categories of output. For executive communication, it drafts briefing notes, steering committee correspondence, and MD briefings. For governance and audit purposes, it generates audit-defensible responses, corrective action plans, and formal risk and issue wording. Meeting management outputs include distilled transcripts converted into formal minutes, recorded decisions, and action item logs. It also produces side-by-side change logs for technical or policy amendments.

All outputs are written in British English and follow professional governance standards. A key operating constraint is a supplied-facts-only rule: the skill works strictly from the inputs provided and inserts placeholders where metadata is absent rather than inferring or inventing details. This makes it appropriate for regulatory and compliance contexts where factual accuracy in written records is mandatory.

This skill is not a general-purpose writing assistant. It is narrowly scoped to enterprise cybersecurity communication tasks for corporate governance audiences. Organisations outside regulated industries or those needing informal technical documentation will find its governance-oriented structure more rigid than necessary.

Use cases

  • Draft a boardroom briefing note summarising a critical vulnerability disclosure for a non-technical MD
  • Convert a raw audit finding into an audit-defensible corrective action plan with ownership clearly assigned
  • Distil a cybersecurity steering committee transcript into formal minutes with recorded decisions and action items
  • Produce a risk register entry that translates technical vulnerability data into quantified business risk language
  • Generate a side-by-side change log comparing current and revised security policy wording
  • Draft a formal response to an external auditor using only supplied evidence, with placeholders for missing metadata

When to use it

  • When technical security findings must be translated into executive or board-level documents
  • When audit-defensible written records are required for regulatory or compliance review
  • When governance accountability—distinguishing technical ownership from business ownership—must be preserved in written artefacts
  • When meeting transcripts from cybersecurity programme reviews need to be formalised into minutes and action logs
  • When British English and corporate governance standards are required for all communications

When not to use it

  • When the organisation needs informal or conversational technical documentation rather than governance-grade artefacts
  • When the subject matter is outside cybersecurity and IT risk governance
  • When outputs must be in languages or English variants other than British English
  • When no structured input facts are available, as the skill uses placeholders rather than generating missing context
  • When a general-purpose document drafting tool covering broad business domains is needed