diff --git a/Content Factory/Scratch file/Data classification - how to make labels stick.md b/Content Factory/Scratch file/Data classification - how to make labels stick.md deleted file mode 100644 index 66f47f1..0000000 --- a/Content Factory/Scratch file/Data classification - how to make labels stick.md +++ /dev/null @@ -1,6 +0,0 @@ -# Data classification: how to make labels stick? - -Data travels; how to make labels stick? - -Links to the [Privacy in ISO 27001](../../Corpus/Standards/ISO27x/Privacy%20in%20ISO%2027001.md) issue of [Data Provenance](../../Corpus/Standards/AVG/Data%20Provenance.md) . - diff --git a/Content Factory/Scratch file/Example of ISO 27001 mystique.md b/Content Factory/Scratch file/Example of ISO 27001 mystique.md deleted file mode 100644 index 383e933..0000000 --- a/Content Factory/Scratch file/Example of ISO 27001 mystique.md +++ /dev/null @@ -1,9 +0,0 @@ -# Example of ISO 27001 mystique - -ISO 27001 is a framework, and you cannot successfully implement it by treating the text of the standard as a series of instructions to be followed in the order in which they were printed. If you try that, things will become very confusing very quickly. - -For example, the requirement of having an information security policy is first (?) mentioned in [Chapter 5.1](../../Corpus/MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), "Leadership and commitment", where it says that top management must have it established, *together* with information security objectives. Then in [Chapter 5.2](../../Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md), 'Policy', it states that these objectives form *part of* the information security policy, referencing forward to [Chapter 6.2](../../Corpus/MoCs/ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md), "Information security objectives and planning to achieve them", which demands that organizations should set objectives consistent with the policy. Of course there's also a corresponding Control called "Policies for information security" ([5.1](../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)), which explains that there will be an information security policy at the highest level of the organization, including objectives "or the framework for setting objectives", and further "topic-specific policies as needed", which of course need their own objectives. - -Programmers may love this kind of recursiveness when it's in coding exercises. - - diff --git a/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md b/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md index 4db5d68..b1c3113 100644 --- a/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md +++ b/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md @@ -1,3 +1,3 @@ -- [Perverse prikkels in de normindustrie](../../../../../Content%20Factory/Scratch%20file/Perverse%20prikkels%20in%20de%20normindustrie.md) -- [GRC software is geschreven voor domeindeskundigen](../../../../../Content%20Factory/Scratch%20file/GRC%20software%20is%20geschreven%20voor%20domeindeskundigen.md) +- [Perverse prikkels in de normindustrie](../../../../../Marketing/content/Scratch%20file/Perverse%20prikkels%20in%20de%20normindustrie.md) +- [GRC software is geschreven voor domeindeskundigen](../../../../../Marketing/content/Scratch%20file/GRC%20software%20is%20geschreven%20voor%20domeindeskundigen.md) - [Problems solved 1](../../../../Sparks/Problems%20solved%201.md) diff --git a/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md b/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md index efd2b20..9816b93 100644 --- a/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md +++ b/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md @@ -1,6 +1,6 @@ Child notes: - [Blurbs](../../../../Sparks/Blurbs.md) -- [Toegevoegde waarde van ISO27DIY](../../../../../Content%20Factory/Scratch%20file/Toegevoegde%20waarde%20van%20ISO27DIY.md) +- [Toegevoegde waarde van ISO27DIY](../../../../../Marketing/content/Scratch%20file/Toegevoegde%20waarde%20van%20ISO27DIY.md) - [Friendly targets](../../../../../../💡Permanent%20ideas/Friendly%20targets.md) - [Possible Colabs](../../../../../AuditGlue/Possible%20Colabs.md) - [List of possible partners](../../../../../AuditGlue/List%20of%20possible%20partners.md) diff --git a/Corpus/Standards/other/Privacy frameworks list.md b/Corpus/Standards/other/Privacy frameworks list.md index 0bde826..04d35be 100644 --- a/Corpus/Standards/other/Privacy frameworks list.md +++ b/Corpus/Standards/other/Privacy frameworks list.md @@ -5,6 +5,6 @@ [Privacy in ISO 27k](../ISO27x/Privacy%20in%20ISO%2027k.md) Related: -- [Privacy protection in Databases](../../../Content%20Factory/Scratch%20file/Privacy%20protection%20in%20Databases.md) +- [Privacy protection in Databases](../../../Marketing/content/Scratch%20file/Privacy%20protection%20in%20Databases.md) - [ISO 27001 A.18.1.4 Privacy and protection of personally identifiable information](../ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A.18.1.4%20Privacy%20and%20protection%20of%20personally%20identifiable%20information.md) diff --git a/marketing/content/Scratch file/Data classification - how to make labels stick.md b/marketing/content/Scratch file/Data classification - how to make labels stick.md new file mode 100644 index 0000000..ac96efa --- /dev/null +++ b/marketing/content/Scratch file/Data classification - how to make labels stick.md @@ -0,0 +1,6 @@ +# Data classification: how to make labels stick? + +Data travels; how to make labels stick? + +Links to the [Privacy in ISO 27001](../../../Corpus/Standards/ISO27x/Privacy%20in%20ISO%2027001.md) issue of [Data Provenance](../../../Corpus/Standards/AVG/Data%20Provenance.md) . + diff --git a/marketing/content/Scratch file/Example of ISO 27001 mystique.md b/marketing/content/Scratch file/Example of ISO 27001 mystique.md new file mode 100644 index 0000000..09aabdd --- /dev/null +++ b/marketing/content/Scratch file/Example of ISO 27001 mystique.md @@ -0,0 +1,9 @@ +# Example of ISO 27001 mystique + +ISO 27001 is a framework, and you cannot successfully implement it by treating the text of the standard as a series of instructions to be followed in the order in which they were printed. If you try that, things will become very confusing very quickly. + +For example, the requirement of having an information security policy is first (?) mentioned in [Chapter 5.1](../../Corpus/MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), "Leadership and commitment", where it says that top management must have it established, *together* with information security objectives. Then in [Chapter 5.2](../../../Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md), 'Policy', it states that these objectives form *part of* the information security policy, referencing forward to [Chapter 6.2](../../Corpus/MoCs/ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md), "Information security objectives and planning to achieve them", which demands that organizations should set objectives consistent with the policy. Of course there's also a corresponding Control called "Policies for information security" ([5.1](../../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)), which explains that there will be an information security policy at the highest level of the organization, including objectives "or the framework for setting objectives", and further "topic-specific policies as needed", which of course need their own objectives. + +Programmers may love this kind of recursiveness when it's in coding exercises. + + diff --git a/Content Factory/Scratch file/GRC software is geschreven voor domeindeskundigen.md b/marketing/content/Scratch file/GRC software is geschreven voor domeindeskundigen.md similarity index 89% rename from Content Factory/Scratch file/GRC software is geschreven voor domeindeskundigen.md rename to marketing/content/Scratch file/GRC software is geschreven voor domeindeskundigen.md index 600591b..559a192 100644 --- a/Content Factory/Scratch file/GRC software is geschreven voor domeindeskundigen.md +++ b/marketing/content/Scratch file/GRC software is geschreven voor domeindeskundigen.md @@ -1,4 +1,4 @@ -This note relates to the [ISO27DIY Business model](../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO27DIY%20Business%20model.md) +This note relates to the [ISO27DIY Business model](../../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO27DIY%20Business%20model.md) Probleem: de GRC software wordt aangekocht om een operationeel probleem van de compliance officer op te lossen. diff --git a/Content Factory/Scratch file/Hoe dwing je verantwoordelijkheid af.md b/marketing/content/Scratch file/Hoe dwing je verantwoordelijkheid af.md similarity index 100% rename from Content Factory/Scratch file/Hoe dwing je verantwoordelijkheid af.md rename to marketing/content/Scratch file/Hoe dwing je verantwoordelijkheid af.md diff --git a/Content Factory/Scratch file/Least privilege, need-to-know - principles vs practice.md b/marketing/content/Scratch file/Least privilege, need-to-know - principles vs practice.md similarity index 100% rename from Content Factory/Scratch file/Least privilege, need-to-know - principles vs practice.md rename to marketing/content/Scratch file/Least privilege, need-to-know - principles vs practice.md diff --git a/Content Factory/Scratch file/Perverse prikkels in de normindustrie.md b/marketing/content/Scratch file/Perverse prikkels in de normindustrie.md similarity index 100% rename from Content Factory/Scratch file/Perverse prikkels in de normindustrie.md rename to marketing/content/Scratch file/Perverse prikkels in de normindustrie.md diff --git a/Content Factory/Scratch file/Privacy protection in Databases.md b/marketing/content/Scratch file/Privacy protection in Databases.md similarity index 100% rename from Content Factory/Scratch file/Privacy protection in Databases.md rename to marketing/content/Scratch file/Privacy protection in Databases.md diff --git a/Content Factory/Scratch file/Toegevoegde waarde van ISO27DIY.md b/marketing/content/Scratch file/Toegevoegde waarde van ISO27DIY.md similarity index 100% rename from Content Factory/Scratch file/Toegevoegde waarde van ISO27DIY.md rename to marketing/content/Scratch file/Toegevoegde waarde van ISO27DIY.md diff --git a/Content Factory/Scratch file/Voordelen van processvolwassenheid.md b/marketing/content/Scratch file/Voordelen van processvolwassenheid.md similarity index 100% rename from Content Factory/Scratch file/Voordelen van processvolwassenheid.md rename to marketing/content/Scratch file/Voordelen van processvolwassenheid.md diff --git a/Content Factory/Scratch file/Weerbaarheid - bereid je voor op verstoring.md b/marketing/content/Scratch file/Weerbaarheid - bereid je voor op verstoring.md similarity index 100% rename from Content Factory/Scratch file/Weerbaarheid - bereid je voor op verstoring.md rename to marketing/content/Scratch file/Weerbaarheid - bereid je voor op verstoring.md diff --git a/Content Factory/Scratch file/longlist.md b/marketing/content/Scratch file/longlist.md similarity index 100% rename from Content Factory/Scratch file/longlist.md rename to marketing/content/Scratch file/longlist.md diff --git a/marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md b/marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md index ba4f3f1..b67fe8e 100644 --- a/marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md +++ b/marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md @@ -8,13 +8,9 @@ Deze checklist gaat niet over techniek, maar over management en beleid. Het kost je een paar minuten, en dan weet je waar je staat, als op 1 juli 2026 de Cyberbeveiligingswet (Cbw) in werking treedt — en jij als bestuurder persoonlijk verantwoordelijk wordt voor informatiebeveiliging. - Als je na de checklist graag een uurtje wilt sparren over hoe nu verder, dan praat ik graag een uur met je. — Cbw-compliance in 8 stappen — 5/5 \#managingsecurity \#Cbw \#NIS2 +https://iso27diy.com/assets/cbw-checklist.html - - ---- - — risicoanalyse en beveiligingsbeleid, incidentresponse, bedrijfscontinuïteit, leveranciersbeveiliging, systeembeveiliging, effectiviteitsbeoordeling, cyberhygiëne en opleiding, cryptografie, personeels- en toegangsbeheer, en authenticatie \ No newline at end of file diff --git a/marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md b/marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md index 0118976..db69e16 100644 --- a/marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md +++ b/marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md @@ -15,4 +15,4 @@ They will check for the minimum measures listed in Art. 21(2): You don't need to be certified. But you do need to be able to answer these questions — on paper, not just in your head. Have your answers ready! -You can find an interactive checklist [[on our site]]. If the checklist raises any questions on how to continue, I'm happy to spend an hour with you. +You can find an interactive checklist [on our site](https://iso27diy.com/assets/nis2-checklist.html). If the checklist raises any questions on how to continue, I'm happy to spend an hour with you.