removed emoji from filenames, Obsidian changed all relevant links

Corpus/Sparks/Example of ISO 27001 mystique.md

@@ -0,0 +1,9 @@
+# Example of ISO 27001 mystique
+
+ISO 27001 is a framework, and you cannot successfully implement it by treating the text of the standard as a series of instructions to be followed in the order in which they were printed. If you try that, things will become very confusing very quickly.
+
+For example, the requirement of having an information security policy is first (?) mentioned in [Chapter 5.1](../MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), "Leadership and commitment", where it says that top management must have it established, *together* with information security objectives. Then in [Chapter 5.2](../Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md), 'Policy', it states that these objectives form *part of* the information security policy, referencing forward to  [Chapter 6.2](../MoCs/ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md), "Information security objectives and planning to achieve them", which demands that organizations should set objectives consistent with the  policy. Of course there's also a corresponding Control called "Policies for information security" ([5.1](../Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)), which explains that there will be an information security policy at the highest level of the organization, including objectives "or the framework for setting objectives", and further "topic-specific policies as needed", which of course need their own objectives.
+
+Programmers may love this kind of recursiveness when it's in coding exercises.
+
+