Front matter added with prepend_frontmatter.py

2026-05-02 11:31:49 +02:00 · 2026-05-02 11:31:49 +02:00 · 880e2f2044
commit 880e2f2044
parent 324add41f4
92 changed files with 2224 additions and 33 deletions
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.10-Acceptable-use-of-information-and-other-associated-assets.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.10-Acceptable-use-of-information-and-other-associated-assets.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.10"
+title: "Acceptable use of information and other associated assets"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Asset_management
+  - Information_protection
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.10 Acceptable use of information and other associated assets

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                  | Security domains                      |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.11-Return-of-assets.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.11-Return-of-assets.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.11"
+title: "Return of assets"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Asset_management]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.11 Return of assets

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.12-Classification-of-information.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.12-Classification-of-information.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.12"
+title: "Classification of information"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Information_protection]
+security_domains:
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.12 Classification of information

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities | Security domains     |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.13-Labelling-of-information.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.13-Labelling-of-information.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.13"
+title: "Labelling of information"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Information_protection]
+security_domains:
+  - Defence
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.13 Labelling of information

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.14-Information-transfer.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.14-Information-transfer.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.14"
+title: "Information transfer"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Asset_management
+  - Information_protection
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.14 Information transfer

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                  | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.15-Access-control.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.15-Access-control.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.15"
+title: "Access control"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Identity_and_access_management]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.15 Access control

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities        | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.16-Identity-management.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.16-Identity-management.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.16"
+title: "Identity management"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Identity_and_access_management]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.16 Identity management

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities        | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.17-Authentication-information.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.17-Authentication-information.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.17"
+title: "Authentication information"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Identity_and_access_management]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.17 Authentication information

 ### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.18-Access-rights.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.18-Access-rights.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.18"
+title: "Access rights"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Identity_and_access_management]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.18 Access rights

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities        | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.19-Information-security-in-supplier-relationships.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.19-Information-security-in-supplier-relationships.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.19"
+title: "Information security in supplier relationships"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Supplier_relationships_security]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.19 Information security in supplier relationships

 **Control**
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.2-Information-security-roles-and-responsibilities.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.2-Information-security-roles-and-responsibilities.md
@ -1,3 +1,28 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.2"
+title: "Information security roles and responsibilities"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Governance]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+  - Resilience
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.2 Information security roles and responsibilities

 ### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.20-Addressing-information-security-within-supplier-agreements.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.20-Addressing-information-security-within-supplier-agreements.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.20"
+title: "Addressing information security within supplier agreements"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Supplier_relationships_security]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.20 Addressing information security within supplier agreements

 **Control**
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.21-Managing-information-security-in-the-ICT-supply-chain.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.21-Managing-information-security-in-the-ICT-supply-chain.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.21"
+title: "Managing information security in the ICT supply chain"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Supplier_relationships_security]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.21 Managing information security in the ICT supply chain

 **Control**
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.22-Monitoring-review-and-change-management-of-supplier-services.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.22-Monitoring-review-and-change-management-of-supplier-services.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.22"
+title: "Monitoring, review and change management of supplier services"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Supplier_relationships_security]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+  - Defence
+  - Information_security_assurance
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.22 Monitoring, review, and change management of supplier services

 **Control**
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.23-Information-security-for-use-of-cloud-services.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.23-Information-security-for-use-of-cloud-services.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.23"
+title: "Information security for use of cloud services"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Supplier_relationships_security]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.23 Information security for use of cloud services

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.24-Information-security-incident-management-planning-and-preparation.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.24-Information-security-incident-management-planning-and-preparation.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.24"
+title: "Information security incident management planning and preparation"
+theme: Organizational
+control_type: [Corrective]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Respond
+  - Recover
+operational_capabilities:
+  - Governance
+  - Information_security_event_management
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.24 Information security incident management planning and preparation

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.25-Assessment-and-decision-on-information-security-events.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.25-Assessment-and-decision-on-information-security-events.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.25"
+title: "Assessment and decision on information security events"
+theme: Organizational
+control_type: [Detective]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Detect
+  - Respond
+operational_capabilities: [Information_security_event_management]
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.25 Assessment and decision on information security events

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.26-Response-to-information-security-incidents.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.26-Response-to-information-security-incidents.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.26"
+title: "Response to information security incidents"
+theme: Organizational
+control_type: [Corrective]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Respond
+  - Recover
+operational_capabilities: [Information_security_event_management]
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.26 Response to information security incidents

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.27-Learning-from-information-security-incidents.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.27-Learning-from-information-security-incidents.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.27"
+title: "Learning from information security incidents"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+operational_capabilities: [Information_security_event_management]
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.27 Learning from information security incidents

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.28-Collection-of-evidence.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.28-Collection-of-evidence.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.28"
+title: "Collection of evidence"
+theme: Organizational
+control_type: [Corrective]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Detect
+  - Respond
+operational_capabilities: [Information_security_event_management]
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.28 Collection of evidence

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.29-Information-security-during-disruption.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.29-Information-security-during-disruption.md
@ -1,3 +1,31 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.29"
+title: "Information security during disruption"
+theme: Organizational
+control_type:
+  - Preventive
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Protect
+  - Respond
+operational_capabilities: [Continuity]
+security_domains:
+  - Protection
+  - Resilience
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.29 Information security during disruption

 | Control type            | Information security properties           | Cybersecurity concepts | Operational capabilities | Security domains        |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.3-Segregation-of-duties.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.3-Segregation-of-duties.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.3"
+title: "Segregation of duties"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Governance
+  - Identity_and_access_management
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.3 Segregation of duties

 ### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.30-ICT-readiness-for-business-continuity.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.30-ICT-readiness-for-business-continuity.md
@ -1,3 +1,22 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.30"
+title: "ICT readiness for business continuity"
+theme: Organizational
+control_type: [Corrective]
+information_security_properties: [Availability]
+cybersecurity_concepts: [Respond]
+operational_capabilities: [Continuity]
+security_domains: [Resilience]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## **5.30** **ICT** **readiness** **for** **business** continuity

 ## Purpose
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.31-Legal-statutory-regulatory-and-contractual-requirements.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.31-Legal-statutory-regulatory-and-contractual-requirements.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.31"
+title: "Legal, statutory, regulatory and contractual requirements"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Legal_and_compliance]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.31 Legal, statutory, regulatory and contractual requirements

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities | Security domains                      |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.32-Intellectual-property-rights.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.32-Intellectual-property-rights.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.32"
+title: "Intellectual property rights"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Legal_and_compliance]
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.32 Intellectual property rights

 **Control**
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.33-Protection-of-records.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.33-Protection-of-records.md
@ -1,12 +1,31 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.33"
+title: "Protection of records"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+operational_capabilities:
+  - Legal_and_compliance
+  - Asset_management
+  - Information_protection
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
 ## 5.33 Protection of records
  
-  
-
-| Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                                        | Security domains |
-| ------------ | ----------------------------------------- | ---------------------- | --------------------------------------------------------------- | ---------------- |
-| #Preventive  | #Confidentiality #Integrity #Availability | #Identify #Protect     | #Legal_and_compliance #Asset_management #Information_protection | #Defence         |
-
-  
 **Control**
 Records should be protected from loss, destruction, falsification, unauthorized access and unauthorized release.

--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.34-Privacy-and-protection-of-PII.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.34-Privacy-and-protection-of-PII.md
@ -1,11 +1,32 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.34"
+title: "Privacy and protection of PII"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+operational_capabilities:
+  - Information_protection
+  - Legal_and_compliance
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.34 Privacy and protection of PII


-
-| Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                      | Security domains |
-| ------------ | ----------------------------------------- | ---------------------- | --------------------------------------------- | ---------------- |
-| #Preventive  | #Confidentiality #Integrity #Availability | #Identify #Protect     | #Information_protection #Legal_and_compliance | #Protection      |
-
 **Control**
 The organization should identify and meet the requirements regarding the preservation of privacy and protection of PII according to applicable laws and regulations and contractual requirements.

--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.35-Independent-review-of-information-security.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.35-Independent-review-of-information-security.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.35"
+title: "Independent review of information security"
+theme: Organizational
+control_type:
+  - Preventive
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+operational_capabilities: [Information_security_assurance]
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.35 Independent review of information security

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.36-Compliance-with-policies-rules-and-standards-for-information-security.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.36-Compliance-with-policies-rules-and-standards-for-information-security.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.36"
+title: "Compliance with policies, rules and standards for information security"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+operational_capabilities:
+  - Legal_and_compliance
+  - Information_security_assurance
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.36 Compliance with policies, rules and standards for information security

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                              | Security domains          |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.37-Documented-operating-procedures.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.37-Documented-operating-procedures.md
@ -1,3 +1,41 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.37"
+title: "Documented operating procedures"
+theme: Organizational
+control_type:
+  - Preventive
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Protect
+  - Recover
+operational_capabilities:
+  - Asset_management
+  - Physical_security
+  - System_and_network_security
+  - Application_security
+  - Secure_configuration
+  - Identity_and_access_management
+  - Threat_and_vulnerability_management
+  - Continuity
+  - Information_security_event_management
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.37 Documented operating procedures

 | Control type            | Information security properties           | Cybersecurity concepts | Operational capabilities                                                                                                                                                                                                              | Security domains                               |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.4-Management-responsibilities.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.4-Management-responsibilities.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.4"
+title: "Management responsibilities"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Governance]
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.4 Management responsibilities

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.5-Contact-with-authorities.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.5-Contact-with-authorities.md
@ -1,3 +1,33 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.5"
+title: "Contact with authorities"
+theme: Organizational
+control_type:
+  - Preventive
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+  - Respond
+  - Recover
+operational_capabilities: [Governance]
+security_domains:
+  - Defence
+  - Resilience
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.5 Contact with authorities

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.6-Contact-with-special-interest-groups.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.6-Contact-with-special-interest-groups.md
@ -1,3 +1,30 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.6"
+title: "Contact with special interest groups"
+theme: Organizational
+control_type:
+  - Preventive
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Protect
+  - Respond
+  - Recover
+operational_capabilities: [Governance]
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.6 Contact with special interest groups

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.7-Threat-intelligence.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.7-Threat-intelligence.md
@ -1,3 +1,33 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.7"
+title: "Threat intelligence"
+theme: Organizational
+control_type:
+  - Preventive
+  - Detective
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Detect
+  - Respond
+operational_capabilities: [Threat_and_vulnerability_management]
+security_domains:
+  - Defence
+  - Resilience
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.7 Threat intelligence

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.8-Information-security-in-project-management.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.8-Information-security-in-project-management.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.8"
+title: "Information security in project management"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+operational_capabilities: [Governance]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.8 Information security in project management

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-5.9-Inventory-of-information-and-other-associated-assets.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-5.9-Inventory-of-information-and-other-associated-assets.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.5.9"
+title: "Inventory of information and other associated assets"
+theme: Organizational
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities: [Asset_management]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 5.9 Inventory of information and other associated assets

 | Control type | Information security properties | Cybersecurity concepts | Operational capabilities | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-6.1-Screening.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-6.1-Screening.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.6.1"
+title: "Screening"
+theme: People
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Human_resource_security]
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 6.1 Screening

 | **Control type** | **Information security properties**       | **Cybersecurity concepts** | **Operational capabilities** | **Security domains**      |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-6.2-Terms-and-conditions-of-employment.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-6.2-Terms-and-conditions-of-employment.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.6.2"
+title: "Terms and conditions of employment"
+theme: People
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Human_resource_security]
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 6.2 Terms and conditions of employment

 | **Control type** | **Information security properties**       | **Cybersecurity concepts** | **Operational capabilities** | **Security domains**      |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-6.3-Information-security-awareness-education-and-training.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-6.3-Information-security-awareness-education-and-training.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.6.3"
+title: "Information security awareness, education and training"
+theme: People
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Human_resource_security]
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 6.3 Information security awareness, education and training

 | **Control type** | **Information security properties**       | **Cybersecurity concepts** | **Operational capabilities** | **Security domains**      |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-6.4-Disciplinary-process.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-6.4-Disciplinary-process.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.6.4"
+title: "Disciplinary process"
+theme: People
+control_type:
+  - Preventive
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Protect
+  - Respond
+operational_capabilities: [Human_resource_security]
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 6.4 Disciplinary process

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-6.5-Responsibilities-after-termination-or-change-of-employment.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-6.5-Responsibilities-after-termination-or-change-of-employment.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.6.5"
+title: "Responsibilities after termination or change of employment"
+theme: People
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Human_resource_security
+  - Asset_management
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 6.5 Responsibilities after termination or change of employment

 | **Control type** | **Information security properties**       | **Cybersecurity concepts** | **Operational capabilities** | **Security domains** |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-6.6-Confidentiality-or-non-disclosure-agreements.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-6.6-Confidentiality-or-non-disclosure-agreements.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.6.6"
+title: "Confidentiality or non-disclosure agreements"
+theme: People
+control_type: [Preventive]
+information_security_properties: [Confidentiality]
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Human_resource_security
+  - Information_protection
+  - Supplier_relationships_security
+security_domains: [Governance_and_Ecosystem]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 6.6 Confidentiality or non-disclosure agreements

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-6.7-Remote-working.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-6.7-Remote-working.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.6.7"
+title: "Remote working"
+theme: People
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Asset_management
+  - Information_protection
+  - Physical_security
+  - System_and_network_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 6.7 Remote working

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-6.8-Information-security-event-reporting.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-6.8-Information-security-event-reporting.md
@ -1,15 +1,28 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.6.8"
+title: "Information security event reporting"
+theme: People
+control_type: [Detective]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Detect]
+operational_capabilities: [Information_security_event_management]
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 6.8 Information security event reporting
  

-
-| **Control type** | **Information security properties** | **Cybersecurity concepts** | **Operational capabilities** | **Security domains** |
-
-|------------------|-----------------------------------------|---------------------------|---------------------------------------------|---------------------|
-
-| #Detective | #Confidentiality #Integrity #Availability | #Detect | #Information_security_event_management | #Defence |
-
-  
-
 **Control**

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.1-Physical-security-perimeters.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.1-Physical-security-perimeters.md
@ -1,9 +1,26 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.1"
+title: "Physical security perimeters"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Physical_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
 ## 7.1 Physical security perimeters

-| **Control type** | **Information security properties** | **Cybersecurity concepts** | **Operational capabilities** | **Security domains** |
-|------------------|-----------------------------------------|---------------------------|-----------------------------------|---------------------|
-| #Preventive | #Confidentiality #Integrity #Availability | #Protect | #Physical_security |
-
 **Control**
 Security perimeters should be defined and used to protect areas that contain information and other associated assets.

--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.10-Storage-media.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.10-Storage-media.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.10"
+title: "Storage media"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Physical_security
+  - Asset_management
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.10 Storage media

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.11-Supporting-utilities.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.11-Supporting-utilities.md
@ -1,3 +1,28 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.11"
+title: "Supporting utilities"
+theme: Physical
+control_type:
+  - Preventive
+  - Detective
+information_security_properties:
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Protect
+  - Detect
+operational_capabilities: [Physical_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.11 Supporting utilities

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.12-Cabling-security.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.12-Cabling-security.md
@ -1,3 +1,24 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.12"
+title: "Cabling security"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Physical_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.12 Cabling security

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.13-Equipment-maintenance.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.13-Equipment-maintenance.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.13"
+title: "Equipment maintenance"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Physical_security
+  - Asset_management
+security_domains:
+  - Protection
+  - Resilience
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.13 Equipment maintenance

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.14-Secure-disposal-or-re-use-of-equipment.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.14-Secure-disposal-or-re-use-of-equipment.md
@ -1,3 +1,24 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.14"
+title: "Secure disposal or re-use of equipment"
+theme: Physical
+control_type: [Preventive]
+information_security_properties: [Confidentiality]
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Physical_security
+  - Asset_management
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.14 Secure disposal or re-use of equipment

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.2-Physical-entry.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.2-Physical-entry.md
@ -1,15 +1,31 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.2"
+title: "Physical entry"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Physical_security
+  - Identity_and_access_management
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.2 Physical entry



-| **Control type** | **Information security properties** | **Cybersecurity concepts** | **Operational capabilities** | **Security domains** |
-
-|------------------|-----------------------------------------|---------------------------|-----------------------------------------------------|---------------------|
-
-| #Preventive | #Confidentiality #Integrity #Availability | #Protect | #Physical_security #Identity_and_Access
-
-  
-
 **Control**

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.3-Securing-offices-rooms-and-facilities.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.3-Securing-offices-rooms-and-facilities.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.3"
+title: "Securing offices, rooms and facilities"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Physical_security
+  - Asset_management
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.3 Securing offices, rooms and facilities

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.4-Physical-security-monitoring.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.4-Physical-security-monitoring.md
@ -1,3 +1,31 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.4"
+title: "Physical security monitoring"
+theme: Physical
+control_type:
+  - Preventive
+  - Detective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Protect
+  - Detect
+operational_capabilities: [Physical_security]
+security_domains:
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.4 Physical security monitoring

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.5-Protecting-against-physical-and-environmental-threats.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.5-Protecting-against-physical-and-environmental-threats.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.5"
+title: "Protecting against physical and environmental threats"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Physical_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.5 Protecting against physical and environmental threats

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.6-Working-in-secure-areas.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.6-Working-in-secure-areas.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.6"
+title: "Working in secure areas"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Physical_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.6 Working in secure areas

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.7-Clear-desk-and-clear-screen.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.7-Clear-desk-and-clear-screen.md
@ -1,3 +1,22 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.7"
+title: "Clear desk and clear screen"
+theme: Physical
+control_type: [Preventive]
+information_security_properties: [Confidentiality]
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Physical_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.7 Clear desk and clear screen

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.8-Equipment-siting-and-protection.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.8-Equipment-siting-and-protection.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.8"
+title: "Equipment siting and protection"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Physical_security
+  - Asset_management
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.8 Equipment siting and protection

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-7.9-Security-of-assets-off-premises.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-7.9-Security-of-assets-off-premises.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.7.9"
+title: "Security of assets off-premises"
+theme: Physical
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Physical_security
+  - Asset_management
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 7.9 Security of assets off-premises

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.1-User-endpoint-devices.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.1-User-endpoint-devices.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.1"
+title: "User endpoint devices"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Asset_management
+  - Information_protection
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.1 User endpoint devices

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.10-Information-deletion.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.10-Information-deletion.md
@ -1,3 +1,24 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.10"
+title: "Information deletion"
+theme: Technological
+control_type: [Preventive]
+information_security_properties: [Confidentiality]
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Information_protection
+  - Legal_and_compliance
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.10 Information deletion

 | **Control type** | **Information security properties** | **Cybersecurity concepts** | **Operational capabilities**                  | **Security domains** |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.11-Data-masking.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.11-Data-masking.md
@ -1,3 +1,22 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.11"
+title: "Data masking"
+theme: Technological
+control_type: [Preventive]
+information_security_properties: [Confidentiality]
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Information_protection]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.11 Data masking

 | **Control type** | **Information security properties** | **Cybersecurity concepts** | **Operational capabilities** | **Security domains** |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.12-Data-leakage-prevention.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.12-Data-leakage-prevention.md
@ -1,3 +1,28 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.12"
+title: "Data leakage prevention"
+theme: Technological
+control_type:
+  - Preventive
+  - Detective
+information_security_properties: [Confidentiality]
+cybersecurity_concepts:
+  - Protect
+  - Detect
+operational_capabilities: [Information_protection]
+security_domains:
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.12 Data leakage prevention

 | **Control type**       | **Information security properties** | **Cybersecurity concepts** | **Operational capabilities** | **Security domains** |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.13-Information-backup.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.13-Information-backup.md
@ -1,3 +1,24 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.13"
+title: "Information backup"
+theme: Technological
+control_type: [Corrective]
+information_security_properties:
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Recover]
+operational_capabilities: [Continuity]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.13 Information backup

 | Control type | Information security properties | Cybersecurity concepts | Operational capabilities | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.14-Redundancy-of-information-processing-facilities.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.14-Redundancy-of-information-processing-facilities.md
@ -1,3 +1,26 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.14"
+title: "Redundancy of information processing facilities"
+theme: Technological
+control_type: [Preventive]
+information_security_properties: [Availability]
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Continuity
+  - Asset_management
+security_domains:
+  - Protection
+  - Resilience
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.14 Redundancy of information processing facilities

 | Control type | Information security properties | Cybersecurity concepts | Operational capabilities      | Security domains        |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.15-Logging.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.15-Logging.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.15"
+title: "Logging"
+theme: Technological
+control_type: [Detective]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Detect]
+operational_capabilities: [Information_security_event_management]
+security_domains:
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.15 Logging

 | **Control type** | **Information security properties**       | **Cybersecurity concepts** | **Operational capabilities**           | **Security domains** |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.16-Monitoring-activities.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.16-Monitoring-activities.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.16"
+title: "Monitoring activities"
+theme: Technological
+control_type:
+  - Detective
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Detect
+  - Respond
+operational_capabilities: [Information_security_event_management]
+security_domains: [Defence]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.16 Monitoring activities

 | **Control type**       | **Information security properties**       | **Cybersecurity concepts** | **Operational capabilities**           | **Security domains** |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.17-Clock-synchronization.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.17-Clock-synchronization.md
@ -1,3 +1,26 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.17"
+title: "Clock synchronization"
+theme: Technological
+control_type: [Detective]
+information_security_properties: [Integrity]
+cybersecurity_concepts:
+  - Protect
+  - Detect
+operational_capabilities: [Information_security_event_management]
+security_domains:
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.17 Clock synchronization

 | **Control type** | **Information security properties** | **Cybersecurity concepts** | **Operational capabilities**           | **Security domains** |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.18-Use-of-privileged-utility-programs.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.18-Use-of-privileged-utility-programs.md
@ -1,3 +1,28 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.18"
+title: "Use of privileged utility programs"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - System_and_network_security
+  - Secure_configuration
+  - Application_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.18 Use of privileged utility programs

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                                                 | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.19-Installation-of-software-on-operational-systems.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.19-Installation-of-software-on-operational-systems.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.19"
+title: "Installation of software on operational systems"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Secure_configuration
+  - Application_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.19 Installation of software on operational systems

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                    | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.2-Privileged-access-rights.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.2-Privileged-access-rights.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.2"
+title: "Privileged access rights"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Identity_and_access_management]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.2 Privileged access rights

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities        | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.20-Networks-security.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.20-Networks-security.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.20"
+title: "Networks security"
+theme: Technological
+control_type:
+  - Preventive
+  - Detective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Protect
+  - Detect
+operational_capabilities: [System_and_network_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.20 Networks security

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.21-Security-of-network-services.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.21-Security-of-network-services.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.21"
+title: "Security of network services"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [System_and_network_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.21 Security of network services

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities     | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.22-Segregation-of-networks.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.22-Segregation-of-networks.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.22"
+title: "Segregation of networks"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [System_and_network_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.22 Segregation of networks

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities     | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.23-Web-filtering.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.23-Web-filtering.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.23"
+title: "Web filtering"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [System_and_network_security]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.23 Web filtering

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities     | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.24-Use-of-cryptography.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.24-Use-of-cryptography.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.24"
+title: "Use of cryptography"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Secure_configuration]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.24 Use of cryptography

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.25-Secure-development-life-cycle.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.25-Secure-development-life-cycle.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.25"
+title: "Secure development life cycle"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Application_security
+  - System_and_network_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.25 Secure development life cycle

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                           | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.26-Application-security-requirements.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.26-Application-security-requirements.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.26"
+title: "Application security requirements"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Application_security
+  - System_and_network_security
+security_domains:
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.26 Application security requirements

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                           | Security domains     |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.27-Secure-system-architecture-and-engineering-principles.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.27-Secure-system-architecture-and-engineering-principles.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.27"
+title: "Secure system architecture and engineering principles"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Application_security
+  - System_and_network_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.27 Secure system architecture and engineering principles

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                           | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.28-Secure-coding.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.28-Secure-coding.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.28"
+title: "Secure coding"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Application_security
+  - System_and_network_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.28 Secure coding

 #### Control
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.29-Security-testing-in-development-and-acceptance.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.29-Security-testing-in-development-and-acceptance.md
@ -1,3 +1,28 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.29"
+title: "Security testing in development and acceptance"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Identify]
+operational_capabilities:
+  - Application_security
+  - Information_security_assurance
+  - System_and_network_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.29 Security testing in development and acceptance

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                                                           | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.3-Information-access-restriction.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.3-Information-access-restriction.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.3"
+title: "Information access restriction"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Identity_and_access_management]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.3 Information access restriction

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities        | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.30-Outsourced-development.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.30-Outsourced-development.md
@ -1,3 +1,35 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.30"
+title: "Outsourced development"
+theme: Technological
+control_type:
+  - Preventive
+  - Detective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+  - Detect
+operational_capabilities:
+  - System_and_network_security
+  - Application_security
+  - Supplier_relationships_security
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.30 Outsourced development

 | Control type           | Information security properties              | Cybersecurity concepts        | Operational capabilities                                                            | Security domains                      |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.31-Separation-of-development-test-and-production-environments.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.31-Separation-of-development-test-and-production-environments.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.31"
+title: "Separation of development, test and production environments"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Application_security
+  - System_and_network_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.31 Separation of development, test and production environments

 | Control type | Information security properties | Cybersecurity concepts | Operational capabilities | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.32-Change-management.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.32-Change-management.md
@ -1,3 +1,27 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.32"
+title: "Change management"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Application_security
+  - System_and_network_security
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.32 Change management

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                           | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.33-Test-information.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.33-Test-information.md
@ -1,3 +1,24 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.33"
+title: "Test information"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Information_protection]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.33 Test information

 | Control type | Information security properties | Cybersecurity concepts | Operational capabilities | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.34-Protection-of-information-systems-during-audit-testing.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.34-Protection-of-information-systems-during-audit-testing.md
@ -1,3 +1,29 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.34"
+title: "Protection of information systems during audit testing"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - System_and_network_security
+  - Information_protection
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.34 Protection of information systems during audit testing

 | Control type | Information security properties | Cybersecurity concepts | Operational capabilities | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.4-Access-to-source-code.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.4-Access-to-source-code.md
@ -1,3 +1,28 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.4"
+title: "Access to source code"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities:
+  - Identity_and_access_management
+  - Application_security
+  - Secure_configuration
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.4 Access to source code

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities                                                    | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.5-Secure-authentication.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.5-Secure-authentication.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.5"
+title: "Secure authentication"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Identity_and_access_management]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.5 Secure authentication

 | Control type | Information security properties           | Cybersecurity concepts | Operational capabilities        | Security domains |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.6-Capacity-management.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.6-Capacity-management.md
@ -1,3 +1,31 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.6"
+title: "Capacity management"
+theme: Technological
+control_type:
+  - Preventive
+  - Detective
+information_security_properties:
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+  - Detect
+operational_capabilities: [Continuity]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.6 Capacity management

 | Control type           | Information security properties | Cybersecurity concepts     | Operational capabilities | Security domains                      |
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.7-Protection-against-malware.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.7-Protection-against-malware.md
@ -1,3 +1,34 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.7"
+title: "Protection against malware"
+theme: Technological
+control_type:
+  - Preventive
+  - Detective
+  - Corrective
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Protect
+  - Detect
+operational_capabilities:
+  - System_and_network_security
+  - Information_protection
+security_domains:
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.7  Protection against malware

 ## Control 
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.8-Management-of-technical-vulnerabilities.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.8-Management-of-technical-vulnerabilities.md
@ -1,3 +1,30 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.8"
+title: "Management of technical vulnerabilities"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts:
+  - Identify
+  - Protect
+operational_capabilities: [Threat_and_vulnerability_management]
+security_domains:
+  - Governance_and_Ecosystem
+  - Protection
+  - Defence
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.8 Management of technical vulnerabilities

  
--- a/Corpus/Standards/ISO27x/OST/27002/EN/a-8.9-Configuration-management.md
+++ b/Corpus/Standards/ISO27x/OST/27002/EN/a-8.9-Configuration-management.md
@ -1,3 +1,25 @@
+---
+notetype: sourcetext
+standard: ISO 27002
+version: 2022
+language: EN
+type: control
+id: "A.8.9"
+title: "Configuration management"
+theme: Technological
+control_type: [Preventive]
+information_security_properties:
+  - Confidentiality
+  - Integrity
+  - Availability
+cybersecurity_concepts: [Protect]
+operational_capabilities: [Secure_configuration]
+security_domains: [Protection]
+tags:
+  - iso27002/2022/EN
+status: active
+---
+
 ## 8.9 Configuration management

 ### Control