richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

moved scratch file folder

Browse source
This commit is contained in:
Richard Kranendonk 2026-06-01 20:11:34 +02:00
parent b415f1110c
commit 5edd29361f
18 changed files with 22 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Content Factory/Scratch file/Data classification - how to make labels stick.md
View file

@ -1,6 +0,0 @@
# Data classification: how to make labels stick?
Data travels; how to make labels stick?
Links to the [Privacy in ISO 27001](../../Corpus/Standards/ISO27x/Privacy%20in%20ISO%2027001.md) issue of [Data Provenance](../../Corpus/Standards/AVG/Data%20Provenance.md) .

9
Content Factory/Scratch file/Example of ISO 27001 mystique.md
View file

@ -1,9 +0,0 @@
# Example of ISO 27001 mystique
ISO 27001 is a framework, and you cannot successfully implement it by treating the text of the standard as a series of instructions to be followed in the order in which they were printed. If you try that, things will become very confusing very quickly.
For example, the requirement of having an information security policy is first (?) mentioned in [Chapter 5.1](../../Corpus/MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), "Leadership and commitment", where it says that top management must have it established, *together* with information security objectives. Then in [Chapter 5.2](../../Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md), 'Policy', it states that these objectives form *part of* the information security policy, referencing forward to [Chapter 6.2](../../Corpus/MoCs/ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md), "Information security objectives and planning to achieve them", which demands that organizations should set objectives consistent with the policy. Of course there's also a corresponding Control called "Policies for information security" ([5.1](../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)), which explains that there will be an information security policy at the highest level of the organization, including objectives "or the framework for setting objectives", and further "topic-specific policies as needed", which of course need their own objectives.
Programmers may love this kind of recursiveness when it's in coding exercises.

4
Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md
View file

@ -1,3 +1,3 @@
- [Perverse prikkels in de normindustrie](../../../../../Content%20Factory/Scratch%20file/Perverse%20prikkels%20in%20de%20normindustrie.md)
- [GRC software is geschreven voor domeindeskundigen](../../../../../Content%20Factory/Scratch%20file/GRC%20software%20is%20geschreven%20voor%20domeindeskundigen.md)
- [Perverse prikkels in de normindustrie](../../../../../Marketing/content/Scratch%20file/Perverse%20prikkels%20in%20de%20normindustrie.md)
- [GRC software is geschreven voor domeindeskundigen](../../../../../Marketing/content/Scratch%20file/GRC%20software%20is%20geschreven%20voor%20domeindeskundigen.md)
- [Problems solved 1](../../../../Sparks/Problems%20solved%201.md)

2
Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md
View file

@ -1,6 +1,6 @@
Child notes:
- [Blurbs](../../../../Sparks/Blurbs.md)
- [Toegevoegde waarde van ISO27DIY](../../../../../Content%20Factory/Scratch%20file/Toegevoegde%20waarde%20van%20ISO27DIY.md)
- [Toegevoegde waarde van ISO27DIY](../../../../../Marketing/content/Scratch%20file/Toegevoegde%20waarde%20van%20ISO27DIY.md)
- [Friendly targets](../../../../../../💡Permanent%20ideas/Friendly%20targets.md)
- [Possible Colabs](../../../../../AuditGlue/Possible%20Colabs.md)
- [List of possible partners](../../../../../AuditGlue/List%20of%20possible%20partners.md)

2
Corpus/Standards/other/Privacy frameworks list.md
View file

@ -5,6 +5,6 @@
[Privacy in ISO 27k](../ISO27x/Privacy%20in%20ISO%2027k.md)
Related:
- [Privacy protection in Databases](../../../Content%20Factory/Scratch%20file/Privacy%20protection%20in%20Databases.md)
- [Privacy protection in Databases](../../../Marketing/content/Scratch%20file/Privacy%20protection%20in%20Databases.md)
- [ISO 27001 A.18.1.4 Privacy and protection of personally identifiable information](../ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A.18.1.4%20Privacy%20and%20protection%20of%20personally%20identifiable%20information.md)

6
marketing/content/Scratch file/Data classification - how to make labels stick.md Normal file
View file

@ -0,0 +1,6 @@
# Data classification: how to make labels stick?
Data travels; how to make labels stick?
Links to the [Privacy in ISO 27001](../../../Corpus/Standards/ISO27x/Privacy%20in%20ISO%2027001.md) issue of [Data Provenance](../../../Corpus/Standards/AVG/Data%20Provenance.md) .

9
marketing/content/Scratch file/Example of ISO 27001 mystique.md Normal file
View file

@ -0,0 +1,9 @@
# Example of ISO 27001 mystique
ISO 27001 is a framework, and you cannot successfully implement it by treating the text of the standard as a series of instructions to be followed in the order in which they were printed. If you try that, things will become very confusing very quickly.
For example, the requirement of having an information security policy is first (?) mentioned in [Chapter 5.1](../../Corpus/MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), "Leadership and commitment", where it says that top management must have it established, *together* with information security objectives. Then in [Chapter 5.2](../../../Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md), 'Policy', it states that these objectives form *part of* the information security policy, referencing forward to [Chapter 6.2](../../Corpus/MoCs/ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md), "Information security objectives and planning to achieve them", which demands that organizations should set objectives consistent with the policy. Of course there's also a corresponding Control called "Policies for information security" ([5.1](../../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)), which explains that there will be an information security policy at the highest level of the organization, including objectives "or the framework for setting objectives", and further "topic-specific policies as needed", which of course need their own objectives.
Programmers may love this kind of recursiveness when it's in coding exercises.

2
Content Factory/Scratch file/GRC software is geschreven voor domeindeskundigen.md → marketing/content/Scratch file/GRC software is geschreven voor domeindeskundigen.md
View file

@ -1,4 +1,4 @@
This note relates to the [ISO27DIY Business model](../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO27DIY%20Business%20model.md)
This note relates to the [ISO27DIY Business model](../../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO27DIY%20Business%20model.md)
Probleem: de GRC software wordt aangekocht om een operationeel probleem van de compliance officer op te lossen.

0
Content Factory/Scratch file/Hoe dwing je verantwoordelijkheid af.md → marketing/content/Scratch file/Hoe dwing je verantwoordelijkheid af.md
View file

0
Content Factory/Scratch file/Least privilege, need-to-know - principles vs practice.md → marketing/content/Scratch file/Least privilege, need-to-know - principles vs practice.md
View file

0
Content Factory/Scratch file/Perverse prikkels in de normindustrie.md → marketing/content/Scratch file/Perverse prikkels in de normindustrie.md
View file

0
Content Factory/Scratch file/Privacy protection in Databases.md → marketing/content/Scratch file/Privacy protection in Databases.md
View file

0
Content Factory/Scratch file/Toegevoegde waarde van ISO27DIY.md → marketing/content/Scratch file/Toegevoegde waarde van ISO27DIY.md
View file

0
Content Factory/Scratch file/Voordelen van processvolwassenheid.md → marketing/content/Scratch file/Voordelen van processvolwassenheid.md
View file

0
Content Factory/Scratch file/Weerbaarheid - bereid je voor op verstoring.md → marketing/content/Scratch file/Weerbaarheid - bereid je voor op verstoring.md
View file

0
Content Factory/Scratch file/longlist.md → marketing/content/Scratch file/longlist.md
View file

6
marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md
View file

@ -8,13 +8,9 @@ Deze checklist gaat niet over techniek, maar over management en beleid.
Het kost je een paar minuten, en dan weet je waar je staat, als op 1 juli 2026 de Cyberbeveiligingswet (Cbw) in werking treedt — en jij als bestuurder persoonlijk verantwoordelijk wordt voor informatiebeveiliging.
Als je na de checklist graag een uurtje wilt sparren over hoe nu verder, dan praat ik graag een uur met je.
— Cbw-compliance in 8 stappen — 5/5 \#managingsecurity \#Cbw \#NIS2
https://iso27diy.com/assets/cbw-checklist.html
---
— risicoanalyse en beveiligingsbeleid, incidentresponse, bedrijfscontinuïteit, leveranciersbeveiliging, systeembeveiliging, effectiviteitsbeoordeling, cyberhygiëne en opleiding, cryptografie, personeels- en toegangsbeheer, en authenticatie

2
marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md
View file

@ -15,4 +15,4 @@ They will check for the minimum measures listed in Art. 21(2):
You don't need to be certified. But you do need to be able to answer these questions — on paper, not just in your head. Have your answers ready!
You can find an interactive checklist [[on our site]]. If the checklist raises any questions on how to continue, I'm happy to spend an hour with you.
You can find an interactive checklist [on our site](https://iso27diy.com/assets/nis2-checklist.html). If the checklist raises any questions on how to continue, I'm happy to spend an hour with you.