small fixes

Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/.nova/Configuration.json

@@ -0,0 +1,5 @@
+{
+  "workspace.art_style" : 1,
+  "workspace.color" : 6,
+  "workspace.name" : "ISO27002-EN"
+}

Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.14_OT Information transfer.md

@@ -56,16 +56,10 @@ f\) restrictions associated with electronic communication facilities (e.g. preve
 
 g\) advising personnel and other interested parties not to send short message service (SMS) or instant messages with critical information since these can be read in public places (and therefore by unauthorized persons) or stored in devices not adequately protected;
 
-  
-
 h\) advising personnel and other interested parties about the problems of using fax machines or services, namely:
 
-  
-
 1\) unauthorized access to built-in message stores to retrieve messages;
 
-  
-
 2\) deliberate or accidental programming of machines to send messages to specific numbers.
 
   

Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/.nova/Configuration.json

@@ -0,0 +1,5 @@
+{
+  "workspace.art_style" : 1,
+  "workspace.color" : 6,
+  "workspace.name" : "ISO27002-NL-2022"
+}

Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_8.19_BT Installeren van software op operationele systemen.md

@@ -25,9 +25,7 @@ De integriteit van operationele systemen garanderen en voorkomen dat misbruik wo
 
 De volgende richtlijnen behoren in overweging te worden genomen om wijzigingen en de installatie van software op operationele systemen op beveiligde wijze te beheren:
 
-a) updates van operationele software alleen laten uitvoeren door daartoe opgeleide beheerders met
+a) updates van operationele software alleen laten uitvoeren door daartoe opgeleide beheerders met passende beheerdersrechten (zie 8.2)
-
-passende beheerdersrechten (zie 8.2)
 
 b) garanderen dat er alleen goedgekeurde uitvoerbare code, en geen ontwikkelcode of compilers, op operationele systemen wordt geïnstalleerd;
 

Corpus/Standards/ISO-27002-OST/check_references.py

@@ -0,0 +1,137 @@
+#!/usr/bin/env python3
+import os
+import re
+from pathlib import Path
+
+
+def version_parse(v):
+    return tuple(map(int, (v.split("."))))
+
+
+# Configuration
+EN_FOLDER = "ISO27002-EN-2022"
+NL_FOLDER = "ISO27002-NL-2022"
+EN_PATTERN = re.compile(r"ISO_27002_2022_([\d\.]+)_OT.*\.md")
+NL_PATTERN = re.compile(r"ISO_27002_2022_NL_([\d\.]+)_BT.*\.md")
+# Reference patterns
+EN_REF_PATTERN = re.compile(r"\(see ([\d\.]+)\)|in ([\d\.]+)\)")
+NL_REF_PATTERN = re.compile(r"\(zie \[?([\d\.]+)\]?\(?[^)]*\)?\)|in ([\d\.]+)\)")
+
+
+def extract_references(file_path, pattern):
+    """Extract all reference numbers from a file"""
+    references = set()
+    try:
+        with open(file_path, "r", encoding="utf-8") as f:
+            content = f.read()
+
+        matches = pattern.findall(content)
+        for match in matches:
+            # Either group 1 or group 2 will have the value
+            ref = match[0] if match[0] else match[1]
+            references.add(ref)
+    except Exception as e:
+        print(f"Error reading {file_path}: {e}")
+    return sorted(references, key=version_parse)
+
+
+def main():
+    # Index files by section number
+    en_files = {}
+    nl_files = {}
+
+    # Scan EN folder
+    for filename in os.listdir(EN_FOLDER):
+        if not filename.endswith(".md"):
+            continue
+        match = EN_PATTERN.match(filename)
+        if match:
+            section = match.group(1)
+            en_files[section] = os.path.join(EN_FOLDER, filename)
+
+    # Scan NL folder
+    for filename in os.listdir(NL_FOLDER):
+        if not filename.endswith(".md"):
+            continue
+        match = NL_PATTERN.match(filename)
+        if match:
+            section = match.group(1)
+            nl_files[section] = os.path.join(NL_FOLDER, filename)
+
+    mismatches = []
+    matched = 0
+
+    # Compare each matching pair
+    for section in en_files:
+        if section not in nl_files:
+            mismatches.append({"section": section, "missing_nl": True})
+            continue
+
+        matched += 1
+        en_refs = extract_references(en_files[section], EN_REF_PATTERN)
+        nl_refs = extract_references(nl_files[section], NL_REF_PATTERN)
+
+        if set(en_refs) != set(nl_refs):
+            mismatches.append(
+                {
+                    "section": section,
+                    "en_file": Path(en_files[section]).name,
+                    "nl_file": Path(nl_files[section]).name,
+                    "en_refs": en_refs,
+                    "nl_refs": nl_refs,
+                    "only_en": sorted(set(en_refs) - set(nl_refs), key=version_parse),
+                    "only_nl": sorted(set(nl_refs) - set(en_refs), key=version_parse),
+                }
+            )
+
+    # Sort mismatches by section number properly
+    mismatches.sort(key=lambda x: version_parse(x["section"]))
+
+    # Generate Markdown report
+    report_content = []
+    report_content.append("# ISO 27002:2022 Reference Mismatch Report")
+    report_content.append("")
+    report_content.append(f"**Generated:** {os.popen('date -Iseconds').read().strip()}")
+    report_content.append("")
+    report_content.append("## Summary")
+    report_content.append(f"- Total EN files: {len(en_files)}")
+    report_content.append(f"- Total NL files: {len(nl_files)}")
+    report_content.append(f"- Matched file pairs: {matched}")
+    report_content.append(f"- Files with mismatched references: {len(mismatches)}")
+    report_content.append("")
+    report_content.append("---")
+    report_content.append("")
+
+    for item in mismatches:
+        report_content.append(f"## Section {item['section']}")
+        report_content.append("")
+        report_content.append(f"- **EN file**: `{item['en_file']}`")
+        report_content.append(f"- **NL file**: `{item['nl_file']}`")
+        report_content.append("")
+        report_content.append("| Language | References |")
+        report_content.append("|----------|------------|")
+        report_content.append(
+            f"| English  | {', '.join(item['en_refs']) if item['en_refs'] else '*None*'} |"
+        )
+        report_content.append(
+            f"| Dutch    | {', '.join(item['nl_refs']) if item['nl_refs'] else '*None*'} |"
+        )
+        report_content.append("")
+        if item["only_en"]:
+            report_content.append(f"✅ **Only in EN**: {', '.join(item['only_en'])}")
+        if item["only_nl"]:
+            report_content.append(f"❌ **Only in NL**: {', '.join(item['only_nl'])}")
+        report_content.append("")
+        report_content.append("---")
+        report_content.append("")
+
+    # Write markdown file
+    with open("reference_mismatch_report.md", "w", encoding="utf-8") as f:
+        f.write("\n".join(report_content))
+
+    print(f"Report written to reference_mismatch_report.md")
+    print(f"Found {len(mismatches)} mismatched files, sorted by section number")
+
+
+if __name__ == "__main__":
+    main()

Corpus/Standards/ISO-27002-OST/reference_mismatch_report.md

@@ -0,0 +1,493 @@
+# ISO 27002:2022 Reference Mismatch Report
+
+**Generated:** 2026-04-21T15:10:19+02:00
+
+## Summary
+- Total EN files: 93
+- Total NL files: 98
+- Matched file pairs: 93
+- Files with mismatched references: 34
+
+---
+
+## Section 5.2
+
+- **EN file**: `ISO_27002_2022_5.2_OT Information security roles and responsibilities.md`
+- **NL file**: `ISO_27002_2022_NL_5.2_BT Rollen en verantwoordelijkheden bij informatiebeveiliging.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.1 |
+
+❌ **Only in NL**: 5.1
+
+---
+
+## Section 5.5
+
+- **EN file**: `ISO_27002_2022_5.5_OT Contact with authorities.md`
+- **NL file**: `ISO_27002_2022_NL_5.5_BT Contact met overheidsinstanties.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.24, 5.29 |
+
+❌ **Only in NL**: 5.24, 5.29
+
+---
+
+## Section 5.6
+
+- **EN file**: `ISO_27002_2022_5.6_OT Contact with special interest groups.md`
+- **NL file**: `ISO_27002_2022_NL_5.6_BT Contact met speciale belangengroepen.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.24 |
+
+❌ **Only in NL**: 5.24
+
+---
+
+## Section 5.14
+
+- **EN file**: `ISO_27002_2022_5.14_OT Information transfer.md`
+- **NL file**: `ISO_27002_2022_NL_5.14_BT Overdragen van informatie.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.10, 5.13, 8.7, 8.24 |
+| Dutch    | 5.10, 5.13, 5.31, 8.7, 8.24 |
+
+❌ **Only in NL**: 5.31
+
+---
+
+## Section 5.15
+
+- **EN file**: `ISO_27002_2022_5.15_OT Access control.md`
+- **NL file**: `ISO_27002_2022_NL_5.15_BT Toegangsbeveiliging.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.3, 5.13, 5.16, 5.18, 8.2, 8.15, 8.26 |
+| Dutch    | 5.2, 5.3, 5.10, 5.13, 5.16, 5.17, 5.18, 5.31, 7.2, 8.2, 8.15, 8.26 |
+
+❌ **Only in NL**: 5.2, 5.10, 5.17, 5.31, 7.2
+
+---
+
+## Section 5.18
+
+- **EN file**: `ISO_27002_2022_5.18_OT Access rights.md`
+- **NL file**: `ISO_27002_2022_NL_5.18_BT Toegangsrechten.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.3, 5.9, 5.15 |
+| Dutch    | 5.3, 5.9, 5.15, 5.20, 6.1 |
+
+❌ **Only in NL**: 5.20, 6.1
+
+---
+
+## Section 5.20
+
+- **EN file**: `ISO_27002_2022_5.20_OT Addressing information security within supplier agreements.md`
+- **NL file**: `ISO_27002_2022_NL_5.20_BT Adresseren van informatiebeveiliging in leveranciersovereenkomsten.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.10 |
+
+❌ **Only in NL**: 5.10
+
+---
+
+## Section 5.22
+
+- **EN file**: `ISO_27002_2022_5.22_OT Monitoring, review and change management of supplier services.md`
+- **NL file**: `ISO_27002_2022_NL_5.22_BT Monitoren, beoordelen en het beheren van wijzigingen van leveranciersdiensten.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.24 |
+
+❌ **Only in NL**: 5.24
+
+---
+
+## Section 5.23
+
+- **EN file**: `ISO_27002_2022_5.23_OT Information security for use of cloud services.md`
+- **NL file**: `ISO_27002_2022_NL_5.23_BT Informatiebeveiliging voor het gebruik van clouddiensten.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.19 |
+
+❌ **Only in NL**: 5.19
+
+---
+
+## Section 5.24
+
+- **EN file**: `ISO_27002_2022_5.24_OT Information security incident management planning and preparation.md`
+- **NL file**: `ISO_27002_2022_NL_5.24_BT Plannen en voorbereiden van het beheer van informatiebeveiligingsincidenten.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.5, 5.25, 5.26, 5.28, 6.8, 8.15, 8.16 |
+
+❌ **Only in NL**: 5.5, 5.25, 5.26, 5.28, 6.8, 8.15, 8.16
+
+---
+
+## Section 5.26
+
+- **EN file**: `ISO_27002_2022_5.26_OT Response to information security incidents.md`
+- **NL file**: `ISO_27002_2022_NL_5.26_BT Reageren op informatiebeveiligingsincidenten.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.24, 5.27, 5.28 |
+| Dutch    | 5.24, 5.28, 5.29 |
+
+✅ **Only in EN**: 5.27
+❌ **Only in NL**: 5.29
+
+---
+
+## Section 5.27
+
+- **EN file**: `ISO_27002_2022_5.27_OT Learning from information security incidents.md`
+- **NL file**: `ISO_27002_2022_NL_5.27_BT Leren van informatiebeveiligingsincidenten.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.24, 6.3 |
+
+❌ **Only in NL**: 5.24, 6.3
+
+---
+
+## Section 5.37
+
+- **EN file**: `ISO_27002_2022_5.37_OT Documented operating procedures.md`
+- **NL file**: `ISO_27002_2022_NL_5.37_BT Gedocumenteerde bedieningsprocedures.md`
+
+| Language | References |
+|----------|------------|
+| English  | 7.4, 8.13, 8.18 |
+| Dutch    | 7.4, 7.10, 8.6, 8.13, 8.15, 8.18 |
+
+❌ **Only in NL**: 7.10, 8.6, 8.15
+
+---
+
+## Section 6.2
+
+- **EN file**: `ISO_27002_2022_6.2_OT Terms and conditions of employment.md`
+- **NL file**: `ISO_27002_2022_NL_6.2_BT Arbeidsovereenkomst.md`
+
+| Language | References |
+|----------|------------|
+| English  | 6.4, 6.5, 6.6 |
+| Dutch    | 5.9, 5.31, 6.4, 6.5, 6.6 |
+
+❌ **Only in NL**: 5.9, 5.31
+
+---
+
+## Section 6.4
+
+- **EN file**: `ISO_27002_2022_6.4_OT Disciplinary process.md`
+- **NL file**: `ISO_27002_2022_NL_6.4_BT Disciplinaire procedure.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.28 |
+| Dutch    | 5.1 |
+
+✅ **Only in EN**: 5.28
+❌ **Only in NL**: 5.1
+
+---
+
+## Section 6.6
+
+- **EN file**: `ISO_27002_2022_6.6_OT Confidentiality or non-disclosure agreements.md`
+- **NL file**: `ISO_27002_2022_NL_6.6_BT Vertrouwelijkheids- of geheimhoudingsovereenkomsten.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.31 |
+
+❌ **Only in NL**: 5.31
+
+---
+
+## Section 7.2
+
+- **EN file**: `ISO_27002_2022_7.2_OT Physical entry.md`
+- **NL file**: `ISO_27002_2022_NL_7.2_BT Fysieke toegangsbeveiliging.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.18, 5.33 |
+| Dutch    | 5.9, 5.18, 5.33 |
+
+❌ **Only in NL**: 5.9
+
+---
+
+## Section 7.9
+
+- **EN file**: `ISO_27002_2022_7.9_OT Security of assets off-premises.md`
+- **NL file**: `ISO_27002_2022_NL_7.9_BT Beveiligen van bedrijfsmiddelen buiten het terrein.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.14, 7.4, 7.5 |
+| Dutch    | 5.33, 7.4, 7.5 |
+
+✅ **Only in EN**: 5.14
+❌ **Only in NL**: 5.33
+
+---
+
+## Section 8.7
+
+- **EN file**: `ISO_27002_2022_8.7_OT Protection against malware.md`
+- **NL file**: `ISO_27002_2022_NL_8.7_BT Bescherming tegen malware.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 6.3, 8.8, 8.13, 8.19 |
+
+❌ **Only in NL**: 6.3, 8.8, 8.13, 8.19
+
+---
+
+## Section 8.8
+
+- **EN file**: `ISO_27002_2022_8.8_OT Management of technical vulnerabilities.md`
+- **NL file**: `ISO_27002_2022_NL_8.8_BT Beheer van technische kwetsbaarheden.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.20, 5.23, 5.26, 8.28, 8.32 |
+| Dutch    | 5.20, 5.23, 5.26, 8.20, 8.28, 8.32 |
+
+❌ **Only in NL**: 8.20
+
+---
+
+## Section 8.12
+
+- **EN file**: `ISO_27002_2022_8.12_OT Data leakage prevention.md`
+- **NL file**: `ISO_27002_2022_NL_8.12_BT Voorkomen van gegevenslekken (Data leakage prevention).md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.15 |
+
+❌ **Only in NL**: 5.15
+
+---
+
+## Section 8.16
+
+- **EN file**: `ISO_27002_2022_8.16_OT Monitoring activities.md`
+- **NL file**: `ISO_27002_2022_NL_8.16_BT Monitoren van activiteiten.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.7, 5.25, 5.26 |
+| Dutch    | 5.7, 5.26, 5.36 |
+
+✅ **Only in EN**: 5.25
+❌ **Only in NL**: 5.36
+
+---
+
+## Section 8.19
+
+- **EN file**: `ISO_27002_2022_8.19_OT Installation of software on operational systems.md`
+- **NL file**: `ISO_27002_2022_NL_8.19_BT Installeren van software op operationele systemen.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.22, 8.5 |
+| Dutch    | 5.22, 8.2, 8.8 |
+
+✅ **Only in EN**: 8.5
+❌ **Only in NL**: 8.2, 8.8
+
+---
+
+## Section 8.20
+
+- **EN file**: `ISO_27002_2022_8.20_OT Networks security.md`
+- **NL file**: `ISO_27002_2022_NL_8.20_BT Beveiliging netwerkcomponenten.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.3 |
+| Dutch    | 5.3, 5.14, 8.15 |
+
+❌ **Only in NL**: 5.14, 8.15
+
+---
+
+## Section 8.24
+
+- **EN file**: `ISO_27002_2022_8.24_OT Use of cryptography.md`
+- **NL file**: `ISO_27002_2022_NL_8.24_BT Gebruik van cryptografie.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.22, 5.31, 8.24 |
+| Dutch    | 5.20, 5.31, 8.24 |
+
+✅ **Only in EN**: 5.22
+❌ **Only in NL**: 5.20
+
+---
+
+## Section 8.25
+
+- **EN file**: `ISO_27002_2022_8.25_OT Secure development life cycle.md`
+- **NL file**: `ISO_27002_2022_NL_8.25_BT Beveiligen tijdens de ontwikkelcyclus.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.8, 5.32, 8.4, 8.8, 8.9, 8.27, 8.28, 8.29, 8.30, 8.31 |
+
+❌ **Only in NL**: 5.8, 5.32, 8.4, 8.8, 8.9, 8.27, 8.28, 8.29, 8.30, 8.31
+
+---
+
+## Section 8.26
+
+- **EN file**: `ISO_27002_2022_8.26_OT Application security requirements.md`
+- **NL file**: `ISO_27002_2022_NL_8.26_BT Toepassingsbeveiligingseisen.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.12, 5.15, 5.16, 5.17, 5.31, 8.24 |
+
+❌ **Only in NL**: 5.12, 5.15, 5.16, 5.17, 5.31, 8.24
+
+---
+
+## Section 8.27
+
+- **EN file**: `ISO_27002_2022_8.27_OT Secure system architecture and engineering principles.md`
+- **NL file**: `ISO_27002_2022_NL_8.27_BT Veilige systeemarchitectuur en technische uitgangspunten.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 5.12, 5.15, 5.16, 5.17 |
+
+❌ **Only in NL**: 5.12, 5.15, 5.16, 5.17
+
+---
+
+## Section 8.28
+
+- **EN file**: `ISO_27002_2022_8.28_OT Secure coding.md`
+- **NL file**: `ISO_27002_2022_NL_8.28_BT Veilig coderen.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 8.8, 8.29 |
+
+❌ **Only in NL**: 8.8, 8.29
+
+---
+
+## Section 8.29
+
+- **EN file**: `ISO_27002_2022_8.29_OT Security testing in development and acceptance.md`
+- **NL file**: `ISO_27002_2022_NL_8.29_BT Testen van de beveiliging tijdens ontwikkeling en acceptatie.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.8, 5.20, 8.3, 8.5, 8.24, 8.28, 8.31 |
+| Dutch    | 5.8, 5.20, 8.3, 8.5, 8.9, 8.24, 8.28, 8.31 |
+
+❌ **Only in NL**: 8.9
+
+---
+
+## Section 8.30
+
+- **EN file**: `ISO_27002_2022_8.30_OT Outsourced development.md`
+- **NL file**: `ISO_27002_2022_NL_8.30_BT Uitbestede systeemontwikkeling.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.32, 8.29, 8.31 |
+| Dutch    | 5.32, 8.25, 8.29, 8.31 |
+
+❌ **Only in NL**: 8.25
+
+---
+
+## Section 8.31
+
+- **EN file**: `ISO_27002_2022_8.31_OT Separation of development, test and production environments.md`
+- **NL file**: `ISO_27002_2022_NL_8.31_BT Scheiding van ontwikkel-, test- en productieomgevingen.md`
+
+| Language | References |
+|----------|------------|
+| English  | 8.29 |
+| Dutch    | 8.29, 8.33 |
+
+❌ **Only in NL**: 8.33
+
+---
+
+## Section 8.32
+
+- **EN file**: `ISO_27002_2022_8.32_OT Change management.md`
+- **NL file**: `ISO_27002_2022_NL_8.32_BT Wijzigingsbeheer.md`
+
+| Language | References |
+|----------|------------|
+| English  | 5.30, 5.37, 8.29, 8.31 |
+| Dutch    | 5.37, 8.29, 8.31 |
+
+✅ **Only in EN**: 5.30
+
+---
+
+## Section 8.34
+
+- **EN file**: `ISO_27002_2022_8.34_OT Protection of information systems during audit testing.md`
+- **NL file**: `ISO_27002_2022_NL_8.34_BT Bescherming van informatiesystemen tijdens audits.md`
+
+| Language | References |
+|----------|------------|
+| English  | *None* |
+| Dutch    | 4.2 |
+
+❌ **Only in NL**: 4.2
+
+---