richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

removed emojis, merged 2 folders, removed duplication

Browse source
This commit is contained in:
Richard Kranendonk 2026-05-11 16:47:35 +02:00
parent 9b7b3a3a85
commit 24403ce731
92 changed files with 106 additions and 1432 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Corpus/Literature notes/Assets, Vulnerabilities, Threats, Risks.md
View file

@ -9,7 +9,7 @@ A risk occurs when there's a chance of an asset being compromised, through the e
Adapted from source: [Vigilant Software](https://www.vigilantsoftware.co.uk/blog/risk-terminology-understanding-assets-threats-and-vulnerabilities), retrieved December 8, 2021.
[Assets](../Sparks/Assets.md)
[Vulnerability](../Drafts%20and%20Ideas/Vulnerability.md)
[Vulnerability 1](../Sparks/Vulnerability%201.md)
[Threat](Threat.md)
[Risks](../Sparks/Risks.md)

2
Corpus/Literature notes/CISA RVWP.md
View file

@ -3,5 +3,5 @@ https://www.cisa.gov/stopransomware/Ransomware-Vulnerability-Warning-Pilot
Related:
[Assets, Vulnerabilities, Threats, Risks](..//Assets,%20Vulnerabilities,%20Threats,%20Risks.md)
[Vulnerability](../Drafts%20and%20Ideas/Vulnerability.md)
[Vulnerability 1](../Sparks/Vulnerability%201.md)

2
Corpus/Literature notes/Checklists Gerardus Blokdyk/Checklist for auditing Access Management.md
View file

@ -9,7 +9,7 @@ Relevant ISO 27001 clauses/controls:
- [ISO 27001 A 18 Compliance](../../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%2018%20Compliance.md)
Related:
- [Identity and Access Management (IAM)](../../Drafts%20and%20Ideas/Identity%20and%20Access%20Management%20(IAM).md)
- [Identity and Access Management (IAM)](../../Sparks/Identity%20and%20Access%20Management%20(IAM).md)
## Organized by Key Themes: Identity, Access, Cloud, Security, Management, Data, Network, Risk, Development, Project:

2
Corpus/Literature notes/Checklists Gerardus Blokdyk/Checklist for auditing DevOps IoT.md
View file

@ -9,7 +9,7 @@ Relevant ISO 27001 clauses/controls:
- [ISO 27001 A.14.2 Security in development and support processes](../../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A.14.2%20Security%20in%20development%20and%20support%20processes.md)
Related:
- [Operational Technology](../../Drafts%20and%20Ideas/Operational%20Technology.md)
- [Operational Technology](../../Sparks/Operational%20Technology.md)
- [DevSecOps and ISO 27k](../../Sparks/DevSecOps%20and%20ISO%2027k.md)
## DevOps IoT: Ask This;

2
Corpus/Literature notes/Checklists Gerardus Blokdyk/Checklist for auditing Security Operations.md
View file

@ -124,7 +124,7 @@ Administer and maintain security systems in the cybersecurity security operation
How do you identify which assets are being compromised and what type of data is involved?
Warrant that your organization is involved in network security environment (Security Operations Center, Security Incident Response Team, or Cyber Security Incident Response) investigating targeted intrusions through complex network segments or Be certain that your company is involved in [Operational Technology](../../Drafts%20and%20Ideas/Operational%20Technology.md) engineering and security concepts. 
Warrant that your organization is involved in network security environment (Security Operations Center, Security Incident Response Team, or Cyber Security Incident Response) investigating targeted intrusions through complex network segments or Be certain that your company is involved in [Operational Technology](../../Sparks/Operational%20Technology.md) engineering and security concepts. 
Have external information aggregators been evaluated for value in API security operations?

2
Corpus/Literature notes/Checklists Gerardus Blokdyk/Checklist for auditing Threat Intelligence.md
View file

@ -398,7 +398,7 @@ Serve on a team of Cyber threat analysts responsible for the 24x7 analyses and r
Do you actively share [Operational Technology](../../Drafts%20and%20Ideas/Operational%20Technology.md) threat related intelligence with your peers?
Do you actively share [Operational Technology](../../Sparks/Operational%20Technology.md) threat related intelligence with your peers?
Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management and (internal) customer teams for purposes of situational awareness and making threat intelligence actionable. 

2
Corpus/Literature notes/Datatags System.md
View file

@ -4,7 +4,7 @@ Science. 2015101601. October 16, 2015. http://techscience.org/a/2015101601; PDF
Related:
- [ISO 27001 A 8.2 Information classification](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%208.2%20Information%20classification.md)
- [Privacy](../Drafts%20and%20Ideas/Privacy.md)
- [Privacy 1](../Sparks/Privacy%201.md)
Sweeney at all have developed a privacy oriented data classification system with six levels:

2
Corpus/Literature notes/Def_Sec_Handbook_Chapter_10.md
View file

@ -1,6 +1,6 @@
# Chapter 10: Password Management and Multifactor Authentication
See also: [Identity and Access Management (IAM)](../Drafts%20and%20Ideas/Identity%20and%20Access%20Management%20(IAM).md), [Roles in Identity and Access Management (IAM)](Roles%20in%20Identity%20and%20Access%20Management%20(IAM).md)
See also: [Identity and Access Management (IAM)](../Sparks/Identity%20and%20Access%20Management%20(IAM).md), [Roles in Identity and Access Management (IAM)](Roles%20in%20Identity%20and%20Access%20Management%20(IAM).md)
## Password practices
Password complexity and brute force cracking:

2
Corpus/Literature notes/Factor Analysis of Information Risk (FAIR).md
View file

@ -5,5 +5,5 @@ FAIR principles can be applied "to clarify organizational risk appetite and tole
[Source](https://www.fairinstitute.org/blog/cyber-risk-management-establishing-a-blueprint-with-fair)
Related:
- [Risk appetite](../Drafts%20and%20Ideas/Risk%20appetite.md)
- [Risk appetite 1](../Sparks/Risk%20appetite%201.md)
- [Risk tolerance](..//Risk%20tolerance.md)

2
Corpus/Literature notes/Security Threat Modeling.md
View file

@ -3,7 +3,7 @@
https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/
Related:
- [Create a threat analysis chatbot](../Drafts%20and%20Ideas/Controls/Create%20a%20threat%20analysis%20chatbot.md)
- [Create a threat analysis chatbot](../Sparks/Create%20a%20threat%20analysis%20chatbot.md)
![700](Threat%20scenario%20elements.jpeg)

4
Corpus/Literature notes/Topical InfoSec Kanban’s.md
View file

@ -1,6 +1,6 @@
The planning function of AuditGlue may take the form of a (series of) Kanban boards.
For inspiration, below is a collection of Kanban boards on information security topics, published by [The Art of Service](../Drafts%20and%20Ideas/The%20Art%20of%20Service.md). Offering Kanban's in cooperation with them should be considered.
For inspiration, below is a collection of Kanban boards on information security topics, published by [The Art of Service](../Sparks/The%20Art%20of%20Service.md). Offering Kanban's in cooperation with them should be considered.
Note that these boards where created with Airtable.com.
@ -30,7 +30,7 @@ Note that these boards where created with Airtable.com.
### Related notes:
- [📼 ISO27DIY Video Series](../Standards/ISO27x/legacy/iso27DIY%20mk%20I/📼%20ISO27DIY%20Video%20Series.md)
- [ISO27DIY Additional resources](../Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO27DIY%20Additional%20resources.md)
- [List of possible partners](../Drafts%20and%20Ideas/List%20of%20possible%20partners.md)
- [List of possible partners 1](../Sparks/List%20of%20possible%20partners%201.md)
- [ISO27DIY Workshop Overview template](../Standards/ISO27x/legacy/iso27DIY%20mk%20I/📒%20Templates/ISO27DIY%20Workshop%20Overview%20template.md)
- [Advised Documents for ISO 27001](../../../iso27DIY-gis/reference/Advised%20Documents%20for%20ISO%2027001.md)
- [💾 AuditGlue software](../Standards/ISO27x/legacy/iso27DIY%20mk%20I/💾%20AuditGlue%20software.md)