Refined metadata scheme and applied it to posts

2026-06-02 17:54:44 +02:00 · 2026-06-02 17:54:44 +02:00 · 831590bc72
commit 831590bc72
parent e806e6764b
19 changed files with 703 additions and 47 deletions
--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "IT is not going to fix your security problem"
+language: en
+
+proposition: advisory
+
+series-id: s01
+series-title: "Security as an organisational challenge"
+series-part: 1
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-13T17:30:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-activity-7460380869439016960-G-7x"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `Posted on 13 May 2026 19:30 CEST to LinkedIn personal stream`
 # IT is not going to fix your security problem

@ -5,10 +38,10 @@ IT is not going to fix your security.

 Not because they don't want to. Not because they lack technical skills. But because essential parts of information security are out of scope for the IT department.

-Here’s what I see in practice:.
+Here's what I see in practice:.
 - A website developer temporarily shares admin rights with an external consultant to troubleshoot an integration.
 - The account of the maintenance engineer that left the company last year is still being used. 
- A sales agent in Brazil gets full access to the company’s CRM, despite operating under a different legal framework.
+- A sales agent in Brazil gets full access to the company's CRM, despite operating under a different legal framework.

 Examples of non-trivial information security risks arising in day-to-day operations. They cannot be fixed by technical solutions. Why? Because they're management issues, not IT problems.

--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "De IT afdeling gaat jouw beveiliging niet op orde krijgen"
+language: nl
+
+proposition: advisory
+
+series-id: s01
+series-title: "Security als managementvraagstuk"
+series-part: 1
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-13T08:30:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-activity-7460245060933136384-IiMo"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `posted on 13 May 2026 10:30 CEST to LinkedIn personal stream`
 # De IT afdeling gaat jouw beveiliging niet op orde krijgen

--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "All security risks start with a decision"
+language: en
+
+proposition: advisory
+
+series-id: s01
+series-title: "Security as an organisational challenge"
+series-part: 2
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-14T17:15:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-activity-7460739462822592512-sZ68"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `Posted on 14 May 2026 19:15 CEST to LinkedIn personal stream`
 # All security risks start with a decision

--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "Een beveiligingsrisico begint met een beslissing"
+language: nl
+
+proposition: advisory
+
+series-id: s01
+series-title: "Security als managementvraagstuk"
+series-part: 2
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-18T08:15:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-activity-7462053131720413185-S-oH"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `posted on 18 May 2026 10:15 CEST to LinkedIn personal stream`
 # Een beveiligingsrisico begint met een beslissing

--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "Security isn't an IT problem, it's a management issue"
+language: en
+
+proposition: advisory
+
+series-id: s01
+series-title: "Security as an organisational challenge"
+series-part: 3
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-15T17:30:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-iso27001-resilience-activity-7461105663067283456-E_-F"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `Posted on 15 May 2026 19:30 CEST to LinkedIn personal stream`
 # Security isn't an IT problem, it's a management issue.

--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "Security is geen IT-probleem, maar een managementvraagstuk"
+language: nl
+
+proposition: advisory
+
+series-id: s01
+series-title: "Security als managementvraagstuk"
+series-part: 3
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-19T08:00:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-iso27001-cyberweerbaarheid-activity-7462411782574452736-VfjA"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `posted on 19 May 2026 10:00 CEST to LinkedIn personal stream`
 # Security is geen IT-probleem, maar een managementvraagstuk.

--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,4 +1,30 @@
-`posted on XX May 2026 XX:XX CEST to LinkedIn personal stream`
+---
+title: "Good intentions don't scale"
+language: en
+
+proposition: advisory
+
+series-id: s01
+series-title: "Security as an organisational challenge"
+series-part: 4
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: draft
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 # Good intentions don't scale

 Good intentions don't scale. 
--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "Op 1 juli treedt de Cbw in werking"
+language: nl
+
+proposition: advisory
+
+series-id: s02
+series-title: "Cbw-compliance in 8 stappen"
+series-part: 1
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-21T08:03:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-cbw-nis2-share-7463137163187171328-OQMx/"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `posted on 21 May 2026 10:03 CEST to LinkedIn personal stream`

 Als bestuurder wordt jij op 1 juli 2026 persoonlijk verantwoordelijk voor informatiebeveiliging.
--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "Je cybersecurity hoeft niet perfect te zijn"
+language: nl
+
+proposition: advisory
+
+series-id: s02
+series-title: "Cbw-compliance in 8 stappen"
+series-part: 2
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-26T08:40:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-cbw-nis2-share-7464958267241267200-rCSz/"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `posted on 26 May 2026 10:40 CEST to LinkedIn personal stream`
 # Je cybersecurity hoeft niet perfect te zijn

--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "De Cbw voor bestuurders: waar begin je?"
+language: nl
+
+proposition: advisory
+
+series-id: s02
+series-title: "Cbw-compliance in 8 stappen"
+series-part: 3
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-27T08:22:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-cbw-nis2-share-7465316450682011650-lg9O/"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `posted on 27 May 2026 10:22 CEST to LinkedIn personal stream`
 # De Cbw voor bestuurders: waar begin je?

--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "Hoe kun je als bestuurder aantonen dat je voldoet aan de Cbw?"
+language: nl
+
+proposition: advisory
+
+series-id: s02
+series-title: "Cbw-compliance in 8 stappen"
+series-part: 4
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-05-28T08:33:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-cbw-nis2-share-7465681697880035329-E7VV/"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `posted on 28 May 2026 10:33 CEST to LinkedIn personal stream`

 # Hoe kun je als bestuurder aantonen dat je voldoet aan de Cbw?
--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,36 @@
+---
+title: "De Cbw is geen project!"
+language: nl
+
+proposition: advisory
+
+series-id: s02
+series-title: "Cbw-compliance in 8 stappen"
+series-part: 5
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: published
+
+publish-dates:
+  linkedin: 2026-06-01T13:31:00Z
+
+published-urls:
+  linkedin: "https://www.linkedin.com/posts/richardkranendonk_managingsecurity-cbw-nis2-activity-7467206197365030912-E-pn"
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 `posted on 1 June 2026 15:31 CEST to LinkedIn personal stream`

 # De Cbw is geen project!
--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,28 @@
+---
+title: "Bonus post: Cbw en ISO 27001"
+language: nl

+proposition: advisory
+
+series-id: s02
+series-title: "Cbw-compliance in 8 stappen"
+series-part: 6
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: draft
+
+notetype: publication
+isotags: []
+tags: []
+---

 — Cbw-compliance in 8 stappen — 5/5 \#managingsecurity \#Cbw \#NIS2
--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,30 @@
+---
+title: "Er is geen diploma voor Cbw-compliance"
+language: nl
+
+proposition: advisory
+
+series-id: s02
+series-title: "Cbw-compliance in 8 stappen"
+series-part: null
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: draft
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 Er is geen diploma voor Cbw-compliance, but the ISO 27001 comes pretty close.

 — Cbw-compliance in 8 stappen — 5/5 \#managingsecurity \#Cbw \#NIS2
--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,30 @@
+---
+title: "Toch een Cbw checklist"
+language: nl
+
+proposition: advisory
+
+series-id: s02
+series-title: "Cbw-compliance in 8 stappen"
+series-part: null
+
+audience:
+  - leadership
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: draft
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 # De Cbw voor bestuurders: weten waar je staat vóór 1 juli 2026

 In mijn vorige post schreef ik, dat je de minimummaatregelen uit artikel 21 van de Cyberbeveiligingswet moet zien als een kader om te sturen in een voortdurend veranderende omgeving, en niet als een checklist voor eenmalig gebruik.
@ -13,4 +40,3 @@ Als je na de checklist graag een uurtje wilt sparren over hoe nu verder, dan pra
 — Cbw-compliance in 8 stappen — 5/5 \#managingsecurity \#Cbw \#NIS2

 https://iso27diy.com/assets/cbw-checklist.html
-
--- a/marketing/publications/posts/ZZP/For
+++ b/marketing/publications/posts/ZZP/For
@ -1,3 +1,26 @@
+---
+title: "Do you supply EU customers in vital sectors?"
+language: en
+
+proposition: advisory
+
+audience:
+  - msp
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: draft
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 **Do you supply EU customers in vital sectors? They will send you this checklist.**

 The EU Cybersecurity Act (NIS2) is now being implemented across member states of the European Union. One of its core requirements: supply chain responsibility. Organizations that fall under the law are legally obligated to assess the security posture of their suppliers — and to contractually enforce minimum standards.
--- a/marketing/publications/posts/ZZP/You
+++ b/marketing/publications/posts/ZZP/You
@ -1,3 +1,26 @@
+---
+title: "Sorry, but you can't automate ISO 27001 compliance"
+language: en
+
+proposition: advisory
+
+audience:
+  - general
+
+channels:
+  - linkedin
+linkedin-account: personal
+
+content-type:
+  - post
+
+status: draft
+
+notetype: publication
+isotags: []
+tags: []
+---
+
 **Sorry, but you can't automate ISO 27001 compliance**

 Some vendors promise ISO 27001 certification at next to nothing, through the use of AI. Cheap, fast, and effortless. If it sounds too good to be true, it probably is.
--- a/metadata/corpus-metadata-backup.md
+++ b/metadata/corpus-metadata-backup.md
@ -0,0 +1,97 @@
+# Corpus Metadata
+
+- All notes in `/Users/rico/Library/Mobile Documents/iCloud~md~obsidian/Documents/MyVault/iso27diy-corp/Corpus` need metadata. 
+- These metadata need to follow the [obsidian-front-matter-syntax](obsidian-front-matter-syntax.md). 
+- Obsidian calls metadata variables 'Properties'
+- In this Corpus we use General properties (every note should have them) and specific properties (depending on the kind of note, which can be inferred from the `notetype` property, see below).
+
+## General properties
+
+**Notetype**
+
+The `notetype` field will have one of the following values:
+
+- `guide`: guided, hands-on lessons, learning by doing, interactive lessons
+- `explanation`: background and context to the standards, paraphrases of the original standard texts, opinion, discussion, underlying principles, interpretation
+- `application`: steps to solve a specific, real-world problem. Implementing the standard in real world environments, implementation aids, implementation examples, templates, etc.
+- `reference`: secondary sources of information, like original standard texts, dictionaries, terms and definitions.
+- `publication`: for content created by TSW for publication, e.g. articles, eBooks, social media posts.
+- `other`: for all notes that, by there content, cannot be placed in one for the previous categories.
+- `iso27diyGIS`: notes that belong to the ISO27DIY Guided Implementation System (GIS).
+
+**Language**
+
+- For the `language` property we use the language code as defined in ISO 639-1.
+
+**Isotags**
+
+The property `isotags`, of type list, allows any note to be linked to clauses and controls of the ISO 27001 / ISO 27002 standard, by the `id` property of the Original Standard Texts, found in `Corpus/Standards/ISO27x/OST/27001/EN` and `/Corpus/Standards/ISO27x/OST/27002/EN`, respectively.
+
+For example, a note that needs to be linked to ISO 27001 clause 5.2 Policy, will get a value of `C.5.2` added to its `isotags` list. Likewise, a note that needs to be linked to ISO 27002 control 5.15 Access control, will get a value of `A.5.15` added to its `isotags` list.
+
+## Properties for ISO 27001 and 27002 Original Standard Texts
+
+Original Standard Texts are found in `Corpus/Standards/ISO27x/OST/` .
+
+*Important: the body of these notes must never be changed!*
+
+OST notes inherit the general properties, and also have the following properties:
+
+-  `status`: as of yet, the only value defined for the property is `active`. I foresee a `superseded` or `replaced` status for later.
+- `sourcetext`: the standard name and version, e.g. `iso27001:en:2022`
+
+The OST/27002 have specific properties deduced from chapter 4 of the standard ("Themes and Attributes"). They are:
+- `theme`
+- `control_type`
+- `information_security_properties`
+- `cybersecurity_concepts`
+- `operational_capabilities`
+- `security_domains`. 
+
+For the possible values of these properties, see [themes-and-attributes-in-iso-27002](themes-and-attributes-in-iso-27002.md).
+
+## Properties for the ISO27DIY Guided Implementation System
+
+- Notes in the `iso27DIY-gis` folder and subfolders are of `notetype`  `iso27diyGIS`.
+- Notes in the `iso27DIY-gis/guide` subfolder ...
+- Notes in the `iso27DIY-gis/reference` subfolder ...
+
+## Properties for Publications
+
+- publications can be found in `iso27diy-corp/Marketing/publications` and are of `notetype` `publication`
+
+
+```
+---
+title: ""            # post title
+series: ""           # series title
+series-slug: ""      # series title as a slug, e.g. "access-control-basics"
+series-part: 1       # position within the series; omit if standalone
+theme: ""            # broader topic cluster, e.g. "ISO27001 myths"
+channels:            # list — a post can go to multiple channels
+  - linkedin
+  - newsletter
+  - blog
+status: draft        # draft | ready | scheduled | published
+publish-dates:       # ISO 8601, e.g. 2026-06-10; can be a list if channels differ
+  linkedin: 2026-06-10
+  newsletter: 2026-06-17
+  blog: 2026-06-17
+published-urls:      # fill in after publishing; one per channel
+  linkedin: ""
+  blog: ""
+content-type: ""     # post | article | newsletter-section | thread
+source-notes:        # vault notes this was drawn from
+  - "[[path/to/note]]"
+tags: []
+
+notetype: publication
+isotags:
+iso-id
+audience
+
+---
+```
+
+
+
--- a/metadata/corpus-metadata.md
+++ b/metadata/corpus-metadata.md
@ -16,7 +16,7 @@ The `notetype` field will have one of the following values:
 - `application`: steps to solve a specific, real-world problem. Implementing the standard in real world environments, implementation aids, implementation examples, templates, etc.
 - `reference`: secondary sources of information, like original standard texts, dictionaries, terms and definitions.
 - `publication`: for content created by TSW for publication, e.g. articles, eBooks, social media posts.
- `other`: for all notes that, by there content, cannot be placed in one for the previous categories.
+- `other`: for all notes that, by their content, cannot be placed in one of the previous categories.
 - `iso27diyGIS`: notes that belong to the ISO27DIY Guided Implementation System (GIS).

 **Language**
@ -37,7 +37,7 @@ Original Standard Texts are found in `Corpus/Standards/ISO27x/OST/` .

 OST notes inherit the general properties, and also have the following properties:

-  `status`: as of yet, the only value defined for the property is `active`. I foresee a `superseded` or `replaced` status for later.
+- `status`: as of yet, the only value defined for the property is `active`. I foresee a `superseded` or `replaced` status for later.
 - `sourcetext`: the standard name and version, e.g. `iso27001:en:2022`

 The OST/27002 have specific properties deduced from chapter 4 of the standard ("Themes and Attributes"). They are:
@ -46,52 +46,98 @@ The OST/27002 have specific properties deduced from chapter 4 of the standard ("
 - `information_security_properties`
 - `cybersecurity_concepts`
 - `operational_capabilities`
- `security_domains`. 
+- `security_domains`

 For the possible values of these properties, see [themes-and-attributes-in-iso-27002](themes-and-attributes-in-iso-27002.md).

 ## Properties for the ISO27DIY Guided Implementation System

- Notes in the `iso27DIY-gis` folder and subfolders are of `notetype`  `iso27diyGIS`.
+- Notes in the `iso27DIY-gis` folder and subfolders are of `notetype` `iso27diyGIS`.
 - Notes in the `iso27DIY-gis/guide` subfolder ...
 - Notes in the `iso27DIY-gis/reference` subfolder ...

 ## Properties for Publications

- publications can be found in `iso27diy-corp/Marketing/publications` and are of `notetype` `publication`
+Publications are found in `iso27diy-corp/Marketing/publications` and are of `notetype` `publication`.

+### Folder structure

-```
+All publication notes live directly under `iso27diy-corp/Marketing/publications/posts/`. There are no audience or proposition subfolders — segmentation is handled entirely by front matter.
+
+### Controlled vocabularies
+
+**`proposition`** — which ISO27DIY product or practice this content promotes:
+- `advisory` — Richard's advisory practice (ZZP)
+- `canvas` — the Canvas Method product
+- `iso27diy` — the ISO27DIY SaaS product
+
+**`audience`** — who the content is aimed at:
+- `leadership` — directors, board members, senior management
+- `msp` — managed service providers
+- `technical` — IT professionals, security practitioners
+- `general` — no specific segment
+
+**`channels`** — where the content is published:
+- `linkedin`
+- `newsletter`
+- `blog`
+
+**`linkedin-account`** — which LinkedIn account was used; only relevant when `linkedin` is in `channels`:
+- `personal` — Richard's personal LinkedIn profile
+- `company` — ISO27DIY company page
+
+**`content-type`** — the format of the content:
+- `post`
+- `article`
+- `newsletter-section`
+- `thread`
+
+**`status`**:
+- `draft` — work in progress
+- `ready` — approved, not yet scheduled
+- `scheduled` — publish date set
+- `published` — live
+
+### Template
+
+```yaml
 ---
-title: ""            # post title
-series: ""           # series title
-series-slug: ""      # series title as a slug, e.g. "access-control-basics"
-series-part: 1       # position within the series; omit if standalone
-theme: ""            # broader topic cluster, e.g. "ISO27001 myths"
-channels:            # list — a post can go to multiple channels
+title: ""                # human-readable post title
+language: ""             # ISO 639-1 code: en | nl
+
+proposition: ""          # advisory | canvas | iso27diy
+
+series-id: ""            # short machine-readable code, e.g. s01, s02; omit if standalone
+series-title: ""         # human-readable series name; omit if standalone
+series-part:             # integer position within series; null if unpositioned draft; omit if standalone
+
+audience:                # one or more of: leadership | msp | technical | general
+  - leadership
+
+channels:                # one or more of: linkedin | newsletter | blog
  - linkedin
-  - newsletter
-  - blog
-status: draft        # draft | ready | scheduled | published
-publish-dates:       # ISO 8601, e.g. 2026-06-10; can be a list if channels differ
-  linkedin: 2026-06-10
-  newsletter: 2026-06-17
-  blog: 2026-06-17
-published-urls:      # fill in after publishing; one per channel
+linkedin-account: personal   # personal | company; omit if linkedin not in channels
+
+content-type:            # one or more of: post | article | newsletter-section | thread
+  - post
+
+status: draft            # draft | ready | scheduled | published
+
+publish-dates:           # ISO 8601 datetime in UTC, e.g. 2026-05-13T17:30:00Z
+  linkedin: 2026-05-13T17:30:00Z
+
+published-urls:          # fill after publishing; omit channels not yet published
  linkedin: ""
-  blog: ""
-content-type: ""     # post | article | newsletter-section | thread
-source-notes:        # vault notes this was drawn from
+
+source-notes:            # optional — vault notes this was drawn from; omit if none
  - "[[path/to/note]]"
-tags: []

 notetype: publication
-isotags:
-iso-id
-audience
-
+isotags: []              # ISO 27001/27002 clause/control links; omit if not applicable
+tags: []
 ---
 ```

+### Filename convention

-
+Publication filenames follow the pattern `{series-id}p{series-part}{language} - {title-slug}.md`, e.g. `s01p01en - IT is not going to fix your security problem.md`. Standalone posts use a plain descriptive slug with no series prefix.