Moved a directory, changed some filenames

Richard Kranendonk 2026-06-06 20:37:28 +02:00
parent ae27a60bcf
commit 347706835e
195 changed files with 696 additions and 255 deletions

View file

@ -2,7 +2,7 @@
According to [Mark Bernard](https://www.linkedin.com/posts/markesbernard_the-changes-to-isoiec-27001-isms-are-not-activity-7344467878198329344-nZN7) , 28 juni 2025, "The changes to ISO/IEC 27001 ISMS are not straightforward. Some believe that the total number of controls was reduced; however, the truth is that new controls were added while existing controls were consolidated and streamlined."
![](../../Changes%20in%20ISO%2027001-2022%20table.jpeg)
![](../../about/Changes%20in%20ISO%2027001-2022%20table.jpeg)
## New ISMS Control Objectives - ISO 27001:2022 CLAUSE 4 TO 10
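Review bot: The image on the changed line still has empty alt text (`![](...)`). Since the line is being touched anyway, give it a description, for example `![Changes in ISO 27001:2022 table](../../about/Changes%20in%20ISO%2027001-2022%20table.jpeg)`, so the reader can tell what is missing if the path breaks again after a later move.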

View file

@ -15,4 +15,4 @@ status: active
For the purposes of this document, the terms and definitions given in
ISO/IEC 27000 apply.
[ISO 27000 MoC](../../../ISO%2027000%20MoC.md)
[ISO 27000 MoC](../../../about/ISO%2027000%20MoC.md)
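Review bot: The new link target `../../../about/ISO%2027000%20MoC.md` keeps the percent-encoded spaces in the filename. This commit already renames the Annex A index to `ISO_27002_2022_EN_Index.md`; renaming this file to a space-free name in the same pass would drop the `%20` encoding and make the link easier to grep and to check automatically.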

View file

@ -15,5 +15,5 @@ status: active
The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its information security management system.
NOTE Determining these issues refers to establishing the external and internal context of the organization considered in [Clause 5.4.1](../../../ISO31000-5.4.1-Understanding-the-organization-and-its-context.md) of ISO 31000:2018.
NOTE Determining these issues refers to establishing the external and internal context of the organization considered in [Clause 5.4.1](../../../about/ISO31000-5.4.1-Understanding-the-organization-and-its-context.md) of ISO 31000:2018.
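Review bot: The rewritten target `../../../about/ISO31000-5.4.1-Understanding-the-organization-and-its-context.md` depends on this file sitting exactly three levels below the directory that holds `about/`, and nothing in the commit shows the new paths were verified. With 195 files changed, run a relative-link check over the repository before merging so that a missed or mistyped path does not leave a clause pointing at a missing file.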

Binary file not shown.

File diff suppressed because it is too large

View file

@ -1,53 +1,53 @@
# Index to the original texts of ISO 27001
2022 version
| Clause | Title |
| ----------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **F** | **[Foreword](27001/EN/c-f-Foreword.md)** |
| Clause | Title |
| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **F** | **[Foreword](27001/EN/c-f-Foreword.md)** |
| **0** | **[Introduction](27001/EN/c-0-Introduction.md)** |
| **1** | **[Scope](27001/EN/c-1-Scope.md)** |
| **2** | **[Normative references](27001/EN/c-2-Normative-references.md)** |
| **3** | **[Terms and definitions](27001/EN/c-3-Terms-and-definitions.md)** |
| **4** | **Context of the organization** |
| **4** | **Context of the organization** |
| 4.1 | [Understanding the organization and its context ](27001/EN/c-4.1-Understanding-the-organization-and-its-context.md) |
| 4.2 | [Understanding the needs and expectations of interested parties ](27001/EN/c-4.2-Understanding-the-needs-and-expectations-of-interested-parties.md) |
| 4.3 | [Determining the scope of the information security management system ](27001/EN/c-4.3-Determining-the-scope-of-the-information-security-management-system.md) |
| 4.4 | [Information security management system ](27001/EN/c-4.4-Information-security-management-system.md) |
| **5** | **Leadership** |
| **5** | **Leadership** |
| 5.1 | [Leadership and commitment ](27001/EN/c-5.1-Leadership-and-commitment.md) |
| 5.2 | [Policy ](27001/EN/c-5.2-Policy.md) |
| 5.3 | [Organizational roles, responsibilities and authorities ](27001/EN/c-5.3-Organizational-roles-responsibilities-and-authorities.md) |
| **6** | **Planning** |
| 6.1 | Actions to address risks and opportunities *(no content)* |
| **6** | **Planning** |
| 6.1 | Actions to address risks and opportunities *(no content)* |
| 6.1.1 | [General ](27001/EN/c-6.1.1-General.md) |
| 6.1.2 | [Information security risk assessment ](27001/EN/c-6.1.2-Information-security-risk-assessment.md) |
| 6.1.3 | [Information security risk treatment ](27001/EN/c-6.1.3-Information-security-risk-treatment.md) |
| 6.2 | [Information security objectives and planning to achieve them ](27001/EN/c-6.2-Information-security-objectives-and-planning-to-achieve-them.md) |
| 6.3 | [Planning of changes ](27001/EN/c-6.3-Planning-of-changes.md) |
| **7** | **Support** |
| **7** | **Support** |
| 7.1 | [ Resources ](27001/EN/c-7.1-Resources.md) |
| 7.2 | [ Competence ](27001/EN/c-7.2-Competence.md) |
| 7.3 | [ Awareness ](27001/EN/c-7.3-Awareness.md) |
| 7.4 | [ Communication ](27001/EN/c-7.4-Communication.md) |
| 7.5 | [ Documented information ](27001/EN/c-7.5-Documented-information.md) |
| 7.5.1 | General ↑ |
| 7.5.2 | Creating and updating ↑ |
| 7.5.3 | Control of documented information ↑ |
| **8** | **Operation** |
| 7.5.1 | General ↑ |
| 7.5.2 | Creating and updating ↑ |
| 7.5.3 | Control of documented information ↑ |
| **8** | **Operation** |
| 8.1 | [Operational planning and control ](27001/EN/c-8.1-Operational-planning-and-control.md) |
| 8.2 | [Information security risk assessment ](27001/EN/c-8.2-Information-security-risk-assessment.md) |
| 8.3 | [Information security risk treatment ](27001/EN/c-8.3-Information-security-risk-treatment.md) |
| **9** | **Performance evaluation** |
| **9** | **Performance evaluation** |
| 9.1 | [Monitoring, measurement, analysis and evaluation ](27001/EN/c-9.1-Monitoring-measurement-analysis-and-evaluation.md) |
| 9.2 | [Internal audit ](27001/EN/c-9.2-Internal-audit.md) |
| 9.2.1 | General ↑ |
| 9.2.2 | Internal audit programme ↑ |
| 9.2.1 | General ↑ |
| 9.2.2 | Internal audit programme ↑ |
| 9.3 | [Management review ](27001/EN/c-9.3-Management-review.md) |
| 9.3.1 | General ↑ |
| 9.3.2 | Management review inputs ↑ |
| 9.3.3 | Management review results ↑ |
| **10** | **Improvement** |
| 9.3.1 | General ↑ |
| 9.3.2 | Management review inputs ↑ |
| 9.3.3 | Management review results ↑ |
| **10** | **Improvement** |
| 10.1 | [Continual improvement ](27001/EN/c-10.1-Continual-improvement.md) |
| 10.2 | [Nonconformity and corrective action ](27001/EN/c-10.2-Nonconformity-and-corrective-action.md) |
| **Annex A** | **[Information security controls reference ](Index%20to%20the%20original%20texts%20of%20ISO%2027002.md)** |
| **Annex A** | **[Information security controls reference ](ISO_27002_2022_EN_Index.md)** |
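Review bot: Most of this hunk is formatting churn: rows such as `| **4** | **Context of the organization** |` and the `7.5.x` and `9.x.x` rows are removed and re-added with only the column padding changed, which buries the one functional change, the Annex A link in the last row now pointing at `ISO_27002_2022_EN_Index.md`. Commit the table re-alignment separately from the rename so the link change is reviewable on its own. The new name also uses underscores while the clause files linked from the same table use hyphens (`c-4.1-Understanding-the-organization-and-its-context.md`), so settle on one convention.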