diff --git a/About/Value Proposition Canvas for iso27DIY.md b/About/Value Proposition Canvas for iso27DIY.md index b68a2d0..25356b6 100644 --- a/About/Value Proposition Canvas for iso27DIY.md +++ b/About/Value Proposition Canvas for iso27DIY.md @@ -1,6 +1,6 @@ # Value Proposition Canvas -![[Value Proposition Canvas.jpg]] +![](../../๐Ÿ“Ž%20Attachments/Value%20Proposition%20Canvas.jpg) **Products & Services**: * **Guided Implementation System**: 50+ micro-sessions guiding the process. * **GRC Tooling**: Easy-to-use system for managing artifacts, risks, and assets. diff --git a/AuditGlue/GIS-content-map.md b/AuditGlue/GIS-content-map.md index a730ab9..e2ab6ac 100644 --- a/AuditGlue/GIS-content-map.md +++ b/AuditGlue/GIS-content-map.md @@ -1,74 +1,74 @@ # GIS Content Map - **m100: Implementing with ISO27DIY** - - [[m100s010-Modules-and-Sessions|m100s010]]: Modules and Sessions - - [[m100s020-about-AuditGlue|m100s020]]: About AuditGlue + - [m100s010](../../iso27DIY-gis/guide/m100/m100s010-Modules-and-Sessions.md): Modules and Sessions + - [m100s020](../../iso27DIY-gis/guide/m100/m100s020-about-AuditGlue.md): About AuditGlue - **m200: About ISO 27001** - - [[m200s010-about-ISO27001|m200s010]]: About ISO 27001 + - [m200s010](../../iso27DIY-gis/guide/m200/m200s010-about-ISO27001.md): About ISO 27001 - **m300: Strategy, Risks and Leadership** - - [[m300s010-introduction|m300s010]]: Introduction to Strategy, Risks and Leadership - - [[m310s010-organizational-goals|m310s010]]: Organizational Goals - - [[m310s020-threat-landscape|m310s020]]: The Threat Landscape - - [[m310s030-Identifying-Strategic-Risks|m310s030]]: Identifying Strategic Risks - - [[m310s040-qualifying-risks|m310s040]]: Qualifying Risks - - [[m310s050-qualifying-impact|m310s050]]: Qualifying Impact - - [[m310s060-creating-the-risk-matrix|m310s060]]: Creating the Risk Matrix - - [[m310s070-Governance-model|m310s070]]: Governance model - - m310s080: Information Security Policy ([[ISO_27001_2022_5.2_MoC Policy|C5.2]]) + - [m300s010](../../iso27DIY-gis/guide/m300/m300s010-introduction.md): Introduction to Strategy, Risks and Leadership + - [m310s010](../../iso27DIY-gis/guide/m310/m310s010-organizational-goals.md): Organizational Goals + - [m310s020](../../iso27DIY-gis/guide/m310/m310s020-threat-landscape.md): The Threat Landscape + - [m310s030](../../iso27DIY-gis/guide/m310/m310s030-Identifying-Strategic-Risks.md): Identifying Strategic Risks + - [m310s040](../../iso27DIY-gis/guide/m310/m310s040-qualifying-risks.md): Qualifying Risks + - [m310s050](../../iso27DIY-gis/guide/m310/m310s050-qualifying-impact.md): Qualifying Impact + - [m310s060](../../iso27DIY-gis/guide/m310/m310s060-creating-the-risk-matrix.md): Creating the Risk Matrix + - [m310s070](../../iso27DIY-gis/guide/m310/m310s070-Governance-model.md): Governance model + - m310s080: Information Security Policy ([C5.2](../Corpus/Standards/MoCs/ISO_27001_2022_5.2_MoC%20Policy.md)) - **m400: Context of the Organization** - - [[m400s010-introduction|m400s010]]: Introduction: Why Context Matters - - m400s020: Standards, Laws and Regulations ([[ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties|C4.2]], [[ISO_27002_2022_5.31_MoC Legal, statutory, regulatory and contractual requirements|A5.31]], [[ISO_27002_2022_5.34_MoC Privacy and protection of PII|A5.34]]) - - m400s030: [[iso27diy-git-SYNC!/m300/m300s520-DESTEP-analysis|m300s520]]: **DESTEP analysis** ([[ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties|C4.2]]) - - m400s040: [[iso27diy-m300s510|m300s510]]: **SWOT analysis** ([[ISO_27001_2022_4.1_MoC Understanding the organization and its context|C4.1]]) - - m400s050: Stakeholder Analysis ([[ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties|C4.2]]) + - [m400s010](../../iso27DIY-gis/guide/m400/m400s010-introduction.md): Introduction: Why Context Matters + - m400s020: Standards, Laws and Regulations ([C4.2](../Corpus/Standards/MoCs/ISO_27001_2022_4.2_MoC%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md), [A5.31](../Corpus/Standards/MoCs/ISO_27002_2022_5.31_MoC%20Legal,%20statutory,%20regulatory%20and%20contractual%20requirements.md), [A5.34](../Corpus/Standards/MoCs/ISO_27002_2022_5.34_MoC%20Privacy%20and%20protection%20of%20PII.md)) + - m400s030: [[iso27diy-git-SYNC!/m300/m300s520-DESTEP-analysis|m300s520]]: **DESTEP analysis** ([C4.2](../Corpus/Standards/MoCs/ISO_27001_2022_4.2_MoC%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md)) + - m400s040: [[iso27diy-m300s510|m300s510]]: **SWOT analysis** ([C4.1](../Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC%20Understanding%20the%20organization%20and%20its%20context.md)) + - m400s050: Stakeholder Analysis ([C4.2](../Corpus/Standards/MoCs/ISO_27001_2022_4.2_MoC%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md)) - **m410:Organizational Structures** - - [[Introduction for Organizational Structures]] - - Organizational processes ([[ISO_27001_2022_4.1_MoC Understanding the organization and its context|C4.1]]) - - Organization Chart ([[ISO_27001_2022_4.1_MoC Understanding the organization and its context|C4.1]]) - - Job architecture ([[ISO_27001_2022_4.1_MoC Understanding the organization and its context|C4.1]]) - - Physical context (sites, buildings, areas) ([[ISO_27002_2022_7.1_MoC Physical security perimeters|A7.1]]) - - Asset identification ([[ISO_27002_2022_5.9_MoC Inventory of information and other associated assets|A5.9]], [[ISO_27002_2022_5.32_MoC Intellectual property rights|A5.32]]) + - [Introduction for Organizational Structures](../../๐ŸŽ‡%20Sparks/Introduction%20for%20Organizational%20Structures.md) + - Organizational processes ([C4.1](../Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC%20Understanding%20the%20organization%20and%20its%20context.md)) + - Organization Chart ([C4.1](../Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC%20Understanding%20the%20organization%20and%20its%20context.md)) + - Job architecture ([C4.1](../Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC%20Understanding%20the%20organization%20and%20its%20context.md)) + - Physical context (sites, buildings, areas) ([A7.1](../Corpus/Standards/MoCs/ISO_27002_2022_7.1_MoC%20Physical%20security%20perimeters.md)) + - Asset identification ([A5.9](../../ISO_27002_2022_5.9_MoC%20Inventory%20of%20information%20and%20other%20associated%20assets.md), [A5.32](../Corpus/Standards/MoCs/ISO_27002_2022_5.32_MoC%20Intellectual%20property%20rights.md)) - **420: Planning the Implementation** - - [[m300s120-Setting-ISMS-Objectives|m300s120]]: Setting ISMS Objectives + - [m300s120](../../iso27DIY-gis/guide/m300/m300s120-Setting-ISMS-Objectives.md): Setting ISMS Objectives - [[iso27diy-git-SYNC!/m300/m300s200-scope|m300s200]]: Setting the Scope - - Planning the ISMS implementation ([[ISO_27001_2022_6.1.1_MoC General|C6.1.1]]) + - Planning the ISMS implementation ([C6.1.1](../Corpus/Standards/MoCs/ISO_27001_2022_6.1.1_MoC%20General.md)) - **m500: Risks and Measures** - - Risk identification ([[ISO_27001_2022_6.1.2_MoC Information security risk assessment|C6.1.2]]) - - Risk analysis ([[ISO_27001_2022_6.1.2_MoC Information security risk assessment|C6.1.2]]) - - Data classification ([[ISO_27002_2022_5.12_MoC Classification of information|A5.12]]) - - Technical vulnerabilities Test ([[ISO_27002_2022_8.8_MoC Management of technical vulnerabilities|A8.8]]) - - Threat analysis (technical) ([[ISO_27001_2022_6.1.2_MoC Information security risk assessment|C6.1.2]], [[ISO_27002_2022_5.7_MoC Threat intelligence|A5.7]], [[ISO_27002_2022_5.6_MoC Contact with special interest groups|A5.6]]) - - Controls identification ([[ISO_27001_2022_6.1.3_MoC Information security risk treatment|C6.1.3]]) - - Roles and responsibilities ([[ISO_27001_2022_5.2_MoC Policy|C5.2]], [[ISO_27001_2022_5.3_MoC Organizational roles, responsibilities and authorities|C5.3]], [[ISO_27002_2022_5.4_MoC Management responsibilities|A5.4]], [[ISO_27002_2022_5.3_MoC Segregation of duties|A5.3]], [[ISO_27002_2022_5.5_MoC Contact with authorities|A5.5]]) โ€“ see [[m400-more-governance]] - - Planning Controls implementation ([[ISO_27001_2022_8.1_MoC Operational planning and control|C8.1]]) - - Risk Management ([[ISO_27001_2022_8.1_MoC Operational planning and control|C8.1]], [[ISO_27001_2022_8.2_MoC Information security risk assessment|C8.2]], [[ISO_27001_2022_8.3_MoC Information security risk treatment|C8.3]], [[ISO_27001_2022_10.1_MoC Continual improvement|C10.1]]) - - Controls implementation ([[ISO_27001_2022_8.3_MoC Information security risk treatment|C8.3]]) + - Risk identification ([C6.1.2](../Corpus/Standards/MoCs/ISO_27001_2022_6.1.2_MoC%20Information%20security%20risk%20assessment.md)) + - Risk analysis ([C6.1.2](../Corpus/Standards/MoCs/ISO_27001_2022_6.1.2_MoC%20Information%20security%20risk%20assessment.md)) + - Data classification ([A5.12](../Corpus/Standards/MoCs/ISO_27002_2022_5.12_MoC%20Classification%20of%20information.md)) + - Technical vulnerabilities Test ([A8.8](../Corpus/Standards/MoCs/ISO_27002_2022_8.8_MoC%20Management%20of%20technical%20vulnerabilities.md)) + - Threat analysis (technical) ([C6.1.2](../Corpus/Standards/MoCs/ISO_27001_2022_6.1.2_MoC%20Information%20security%20risk%20assessment.md), [A5.7](../Corpus/Standards/MoCs/ISO_27002_2022_5.7_MoC%20Threat%20intelligence.md), [A5.6](../Corpus/Standards/MoCs/ISO_27002_2022_5.6_MoC%20Contact%20with%20special%20interest%20groups.md)) + - Controls identification ([C6.1.3](../Corpus/Standards/MoCs/ISO_27001_2022_6.1.3_MoC%20Information%20security%20risk%20treatment.md)) + - Roles and responsibilities ([C5.2](../Corpus/Standards/MoCs/ISO_27001_2022_5.2_MoC%20Policy.md), [C5.3](../Corpus/Standards/MoCs/ISO_27001_2022_5.3_MoC%20Organizational%20roles,%20responsibilities%20and%20authorities.md), [A5.4](../Corpus/Standards/MoCs/ISO_27002_2022_5.4_MoC%20Management%20responsibilities.md), [A5.3](../Corpus/Standards/MoCs/ISO_27002_2022_5.3_MoC%20Segregation%20of%20duties.md), [A5.5](../Corpus/Standards/MoCs/ISO_27002_2022_5.5_MoC%20Contact%20with%20authorities.md)) โ€“ see [m400-more-governance](../../iso27DIY-gis/guide/m400/m400-more-governance.md) + - Planning Controls implementation ([C8.1](../Corpus/Standards/MoCs/ISO_27001_2022_8.1_MoC%20Operational%20planning%20and%20control.md)) + - Risk Management ([C8.1](../Corpus/Standards/MoCs/ISO_27001_2022_8.1_MoC%20Operational%20planning%20and%20control.md), [C8.2](../Corpus/Standards/MoCs/ISO_27001_2022_8.2_MoC%20Information%20security%20risk%20assessment.md), [C8.3](../Corpus/Standards/MoCs/ISO_27001_2022_8.3_MoC%20Information%20security%20risk%20treatment.md), [C10.1](../Corpus/Standards/MoCs/ISO_27001_2022_10.1_MoC%20Continual%20improvement.md)) + - Controls implementation ([C8.3](../Corpus/Standards/MoCs/ISO_27001_2022_8.3_MoC%20Information%20security%20risk%20treatment.md)) - **m600: Supporting the ISMS** - - Resources ([[ISO_27001_2022_7.1_MoC Resources|C7.1]]) - - Competencies ([[ISO_27001_2022_7.2_MoC Competence|C7.2]]) - - Documentation ([[ISO_27002_2022_5.33_MoC Protection of records|A5.33]], [[ISO_27001_2022_7.5.2_MoC Creating and updating|C7.5.2]]) - - Policies ([[ISO_27002_2022_5.1_MoC Policies for information security|A5.1]]) - - Review calendar ([[ISO_27002_2022_5.35_MoC Independent review of information security|A5.35]], [[ISO_27001_2022_7.5.2_MoC Creating and updating|C7.5.2]]) - - Communication and Awareness ([[ISO_27001_2022_7.3_MoC Awareness|C7.3]], [[ISO_27001_2022_7.4_MoC Communication|C7.4]]) + - Resources ([C7.1](../Corpus/Standards/MoCs/ISO_27001_2022_7.1_MoC%20Resources.md)) + - Competencies ([C7.2](../Corpus/Standards/MoCs/ISO_27001_2022_7.2_MoC%20Competence.md)) + - Documentation ([A5.33](../Corpus/Standards/MoCs/ISO_27002_2022_5.33_MoC%20Protection%20of%20records.md), [C7.5.2](../Corpus/Standards/MoCs/ISO_27001_2022_7.5.2_MoC%20Creating%20and%20updating.md)) + - Policies ([A5.1](../../๐Ÿงฑ%20Projects/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)) + - Review calendar ([A5.35](../Corpus/Standards/MoCs/ISO_27002_2022_5.35_MoC%20Independent%20review%20of%20information%20security.md), [C7.5.2](../Corpus/Standards/MoCs/ISO_27001_2022_7.5.2_MoC%20Creating%20and%20updating.md)) + - Communication and Awareness ([C7.3](../Corpus/Standards/MoCs/ISO_27001_2022_7.3_MoC%20Awareness.md), [C7.4](../Corpus/Standards/MoCs/ISO_27001_2022_7.4_MoC%20Communication.md)) - **m700: Securing the Business** - m710: Business Continuity - - Incident management ([[ISO_27002_2022_5.24_MoC Information security incident management planning and preparation|A5.24]], [[ISO_27002_2022_5.25_MoC Assessment and decision on information security events|A5.25]], [[ISO_27002_2022_5.26_MoC Response to information security incidents|A5.26]], [[ISO_27002_2022_5.27_MoC Learning from information security incidents|A5.27]], [[ISO_27002_2022_5.28_MoC Collection of evidence|A5.28]], [[ISO_27002_2022_5.29_MoC Information security during disruption|A5.29]], [[ISO_27002_2022_5.5_MoC Contact with authorities|A5.5]], [[ISO_27002_2022_5.6_MoC Contact with special interest groups|A5.6]]) - - Business Impact Analyses ([[ISO_27002_2022_5.29_MoC Information security during disruption|A5.29]], [[ISO_27002_2022_5.30_MoC ICT readiness for business continuity|A5.30]]) - - Business Continuity Planning ([[ISO_27002_2022_5.29_MoC Information security during disruption|A5.29]], [[ISO_27002_2022_5.30_MoC ICT readiness for business continuity|A5.30]], [[ISO_27002_2022_7.11_MoC Supporting utilities|A7.11]], [[ISO_27002_2022_5.5_MoC Contact with authorities|A5.5]]) + - Incident management ([A5.24](../Corpus/Standards/MoCs/ISO_27002_2022_5.24_MoC%20Information%20security%20incident%20management%20planning%20and%20preparation.md), [A5.25](../Corpus/Standards/MoCs/ISO_27002_2022_5.25_MoC%20Assessment%20and%20decision%20on%20information%20security%20events.md), [A5.26](../Corpus/Standards/MoCs/ISO_27002_2022_5.26_MoC%20Response%20to%20information%20security%20incidents.md), [A5.27](../Corpus/Standards/MoCs/ISO_27002_2022_5.27_MoC%20Learning%20from%20information%20security%20incidents.md), [A5.28](../Corpus/Standards/MoCs/ISO_27002_2022_5.28_MoC%20Collection%20of%20evidence.md), [A5.29](../Corpus/Standards/MoCs/ISO_27002_2022_5.29_MoC%20Information%20security%20during%20disruption.md), [A5.5](../Corpus/Standards/MoCs/ISO_27002_2022_5.5_MoC%20Contact%20with%20authorities.md), [A5.6](../Corpus/Standards/MoCs/ISO_27002_2022_5.6_MoC%20Contact%20with%20special%20interest%20groups.md)) + - Business Impact Analyses ([A5.29](../Corpus/Standards/MoCs/ISO_27002_2022_5.29_MoC%20Information%20security%20during%20disruption.md), [A5.30](../Corpus/Standards/MoCs/ISO_27002_2022_5.30_MoC%20ICT%20readiness%20for%20business%20continuity.md)) + - Business Continuity Planning ([A5.29](../Corpus/Standards/MoCs/ISO_27002_2022_5.29_MoC%20Information%20security%20during%20disruption.md), [A5.30](../Corpus/Standards/MoCs/ISO_27002_2022_5.30_MoC%20ICT%20readiness%20for%20business%20continuity.md), [A7.11](../Corpus/Standards/MoCs/ISO_27002_2022_7.11_MoC%20Supporting%20utilities.md), [A5.5](../Corpus/Standards/MoCs/ISO_27002_2022_5.5_MoC%20Contact%20with%20authorities.md)) - m720: People Processes - - HR Policies ([[ISO_27002_2022_6.1_MoC Screening|A6.1]], [[ISO_27002_2022_6.2_MoC Terms and conditions of employment|A6.2]], [[ISO_27002_2022_6.3_MoC Information security awareness, education and training|A6.3]], [[ISO_27002_2022_6.4_MoC Disciplinary process|A6.4]], [[ISO_27002_2022_6.5_MoC Responsibilities after termination or change of employment|A6.5]], [[ISO_27002_2022_6.6_MoC Confidentiality or non-disclosure agreements|A6.6]]) - - User policies ([[ISO_27002_2022_5.10_MoC Acceptable use of information and other associated assets|A5.10]], [[ISO_27002_2022_5.11_MoC Return of assets|A5.11]], [[ISO_27002_2022_5.12_MoC Classification of information|A5.12]], [[ISO_27002_2022_5.13_MoC Labelling of information|A5.13]], [[ISO_27002_2022_5.14_MoC Information transfer|A5.14]], [[ISO_27002_2022_5.37_MoC Documented operating procedures|A5.37]], [[ISO_27002_2022_6.7_MoC Remote working|A6.7]], [[ISO_27002_2022_6.8_MoC Information security event reporting|A6.8]], [[ISO_27002_2022_7.7_MoC Clear desk and clear screen|A7.7]], [[ISO_27002_2022_8.24_MoC Use of cryptography|A8.24]]) - - Training ([[ISO_27002_2022_6.3_MoC Information security awareness, education and training|A6.3]]) + - HR Policies ([A6.1](../Corpus/Standards/MoCs/ISO_27002_2022_6.1_MoC%20Screening.md), [A6.2](../Corpus/Standards/MoCs/ISO_27002_2022_6.2_MoC%20Terms%20and%20conditions%20of%20employment.md), [A6.3](../Corpus/Standards/MoCs/ISO_27002_2022_6.3_MoC%20Information%20security%20awareness,%20education%20and%20training.md), [A6.4](../Corpus/Standards/MoCs/ISO_27002_2022_6.4_MoC%20Disciplinary%20process.md), [A6.5](../Corpus/Standards/MoCs/ISO_27002_2022_6.5_MoC%20Responsibilities%20after%20termination%20or%20change%20of%20employment.md), [A6.6](../Corpus/Standards/MoCs/ISO_27002_2022_6.6_MoC%20Confidentiality%20or%20non-disclosure%20agreements.md)) + - User policies ([A5.10](../Corpus/Standards/MoCs/ISO_27002_2022_5.10_MoC%20Acceptable%20use%20of%20information%20and%20other%20associated%20assets.md), [A5.11](../Corpus/Standards/MoCs/ISO_27002_2022_5.11_MoC%20Return%20of%20assets.md), [A5.12](../Corpus/Standards/MoCs/ISO_27002_2022_5.12_MoC%20Classification%20of%20information.md), [A5.13](../Corpus/Standards/MoCs/ISO_27002_2022_5.13_MoC%20Labelling%20of%20information.md), [A5.14](../Corpus/Standards/MoCs/ISO_27002_2022_5.14_MoC%20Information%20transfer.md), [A5.37](../Corpus/Standards/MoCs/ISO_27002_2022_5.37_MoC%20Documented%20operating%20procedures.md), [A6.7](../Corpus/Standards/MoCs/ISO_27002_2022_6.7_MoC%20Remote%20working.md), [A6.8](../Corpus/Standards/MoCs/ISO_27002_2022_6.8_MoC%20Information%20security%20event%20reporting.md), [A7.7](../Corpus/Standards/MoCs/ISO_27002_2022_7.7_MoC%20Clear%20desk%20and%20clear%20screen.md), [A8.24](../Corpus/Standards/MoCs/ISO_27002_2022_8.24_MoC%20Use%20of%20cryptography.md)) + - Training ([A6.3](../Corpus/Standards/MoCs/ISO_27002_2022_6.3_MoC%20Information%20security%20awareness,%20education%20and%20training.md)) - 730: Technology processes - - Access Control ([[ISO_27002_2022_5.15_MoC Access control|A5.15]], [[ISO_27002_2022_5.16_MoC Identity management|A5.16]], [[ISO_27002_2022_5.17_MoC Authentication information|A5.17]], [[ISO_27002_2022_5.18_MoC Access rights|A5.18]], [[ISO_27002_2022_8.2_MoC Privileged access rights|A8.2]], [[ISO_27002_2022_8.3_MoC Information access restriction|A8.3]], [[ISO_27002_2022_8.4_MoC Access to source code|A8.4]], [[ISO_27002_2022_8.5_MoC Secure authentication|A8.5]]) - - Technologies lifecycle ([[ISO_27002_2022_5.8_MoC Information security in project management|A5.8]], [[ISO_27002_2022_5.23_MoC Information security for use of cloud services|A5.23]], [[ISO_27002_2022_8.26_MoC Application security requirements|A8.26]], [[ISO_27002_2022_8.27_MoC Secure system architecture and engineering principles|A8.27]], [[ISO_27002_2022_8.28_MoC Secure coding|A8.28]], [[ISO_27002_2022_8.29_MoC Security testing in development and acceptance|A8.29]], [[ISO_27002_2022_8.30_MoC Outsourced development|A8.30]], [[ISO_27002_2022_8.31_MoC Separation of development, test and production environments|A8.31]], [[ISO_27002_2022_8.32_MoC Change management|A8.32]], [[ISO_27002_2022_8.33_MoC Test information|A8.33]], [[ISO_27002_2022_7.13_MoC Equipment maintenance|A7.13]], [[ISO_27002_2022_7.14_MoC Secure disposal or re-use of equipment|A7.14]], [[ISO_27002_2022_8.6_MoC Capacity management|A8.6]]) - - Vendor management ([[ISO_27002_2022_5.19_MoC Information security in supplier relationships|A5.19]], [[ISO_27002_2022_5.20_MoC Addressing information security within supplier agreements|A5.20]], [[ISO_27002_2022_5.21_MoC Managing information security in the ICT supply chain|A5.21]], [[ISO_27002_2022_5.22_MoC Monitoring, review and change management of supplier services|A5.22]], [[ISO_27002_2022_5.23_MoC Information security for use of cloud services|A5.23]], [[ISO_27002_2022_8.29_MoC Security testing in development and acceptance|A8.29]]) - - Device management ([[ISO_27002_2022_7.9_MoC Security of assets off-premises|A7.9]], [[ISO_27002_2022_7.10_MoC Storage media|A7.10]], [[ISO_27002_2022_8.1_MoC User endpoint devices|A8.1]], [[ISO_27002_2022_8.7_MoC Protection against malware|A8.7]]) - - IT administration ([[ISO_27002_2022_8.7_MoC Protection against malware|A8.7]], [[ISO_27002_2022_8.8_MoC Management of technical vulnerabilities|A8.8]], [[ISO_27002_2022_8.9_MoC Configuration management|A8.9]], [[ISO_27002_2022_8.10_MoC Information deletion|A8.10]], [[ISO_27002_2022_8.11_MoC Data masking|A8.11]], [[ISO_27002_2022_8.12_MoC Data leakage prevention|A8.12]], [[ISO_27002_2022_8.13_MoC Information backup|A8.13]], [[ISO_27002_2022_8.14_MoC Redundancy of information processing facilities|A8.14]], [[ISO_27002_2022_8.15_MoC Logging|A8.15]], [[ISO_27002_2022_8.16_MoC Monitoring activities|A8.16]], [[ISO_27002_2022_8.17_MoC Clock synchronization|A8.17]], [[ISO_27002_2022_8.18_MoC Use of privileged utility programs|A8.18]], [[ISO_27002_2022_8.19_MoC Installation of software on operational systems|A8.19]], [[ISO_27002_2022_8.20_MoC Networks security|A8.20]], [[ISO_27002_2022_8.21_MoC Security of network services|A8.21]], [[ISO_27002_2022_8.22_MoC Segregation of networks|A8.22]], [[ISO_27002_2022_8.23_MoC Web filtering|A8.23]], [[ISO_27002_2022_8.24_MoC Use of cryptography|A8.24]], [[ISO_27002_2022_8.25_MoC Secure development life cycle|A8.25]], [[ISO_27002_2022_8.26_MoC Application security requirements|A8.26]], [[ISO_27002_2022_8.27_MoC Secure system architecture and engineering principles|A8.27]], [[ISO_27002_2022_8.28_MoC Secure coding|A8.28]], [[ISO_27002_2022_8.29_MoC Security testing in development and acceptance|A8.29]], [[ISO_27002_2022_8.30_MoC Outsourced development|A8.30]], [[ISO_27002_2022_8.31_MoC Separation of development, test and production environments|A8.31]], [[ISO_27002_2022_8.32_MoC Change management|A8.32]], [[ISO_27002_2022_8.33_MoC Test information|A8.33]], [[ISO_27002_2022_8.34_MoC Protection of information systems during audit testing|A8.34]], [[ISO_27002_2022_5.6_MoC Contact with special interest groups|A5.6]]) - - Physical security ([[ISO_27002_2022_7.1_MoC Physical security perimeters|A7.1]], [[ISO_27002_2022_7.2_MoC Physical entry|A7.2]], [[ISO_27002_2022_7.3_MoC Securing offices, rooms and facilities|A7.3]], [[ISO_27002_2022_7.4_MoC Physical security monitoring|A7.4]], [[ISO_27002_2022_7.5_MoC Protecting against physical and environmental threats|A7.5]], [[ISO_27002_2022_7.6_MoC Working in secure areas|A7.6]], [[ISO_27002_2022_7.7_MoC Clear desk and clear screen|A7.7]], [[ISO_27002_2022_7.8_MoC Equipment siting and protection|A7.8]], [[ISO_27002_2022_7.12_MoC Cabling security|A7.12]]) -- **800: Evaluate and Improve** ([[ISO_27001_2022_9_MoC Performance evaluation|C9]], [[ISO_27001_2022_10_MoC Improvement|C10]]) - - Audits and Reviews ([[ISO_27001_2022_9.2_MoC Internal audit|C9.2]], [[ISO_27002_2022_5.35_MoC Independent review of information security|A5.35]], [[ISO_27002_2022_5.36_MoC Compliance with policies, rules and standards for information security|A5.36]]) - - Management Reviews ([[ISO_27001_2022_9.3_MoC Management review|C9.3]]) - - Planning of Changes ([[ISO_27001_2022_6.3_MoC Planning of changes|C6.3]]) + - Access Control ([A5.15](../Corpus/Standards/MoCs/ISO_27002_2022_5.15_MoC%20Access%20control.md), [A5.16](../Corpus/Standards/MoCs/ISO_27002_2022_5.16_MoC%20Identity%20management.md), [A5.17](../Corpus/Standards/MoCs/ISO_27002_2022_5.17_MoC%20Authentication%20information.md), [A5.18](../Corpus/Standards/MoCs/ISO_27002_2022_5.18_MoC%20Access%20rights.md), [A8.2](../Corpus/Standards/MoCs/ISO_27002_2022_8.2_MoC%20Privileged%20access%20rights.md), [A8.3](../Corpus/Standards/MoCs/ISO_27002_2022_8.3_MoC%20Information%20access%20restriction.md), [A8.4](../Corpus/Standards/MoCs/ISO_27002_2022_8.4_MoC%20Access%20to%20source%20code.md), [A8.5](../Corpus/Standards/MoCs/ISO_27002_2022_8.5_MoC%20Secure%20authentication.md)) + - Technologies lifecycle ([A5.8](../Corpus/Standards/MoCs/ISO_27002_2022_5.8_MoC%20Information%20security%20in%20project%20management.md), [A5.23](../Corpus/Standards/MoCs/ISO_27002_2022_5.23_MoC%20Information%20security%20for%20use%20of%20cloud%20services.md), [A8.26](../Corpus/Standards/MoCs/ISO_27002_2022_8.26_MoC%20Application%20security%20requirements.md), [A8.27](../Corpus/Standards/MoCs/ISO_27002_2022_8.27_MoC%20Secure%20system%20architecture%20and%20engineering%20principles.md), [A8.28](../Corpus/Standards/MoCs/ISO_27002_2022_8.28_MoC%20Secure%20coding.md), [A8.29](../Corpus/Standards/MoCs/ISO_27002_2022_8.29_MoC%20Security%20testing%20in%20development%20and%20acceptance.md), [A8.30](../Corpus/Standards/MoCs/ISO_27002_2022_8.30_MoC%20Outsourced%20development.md), [A8.31](../Corpus/Standards/MoCs/ISO_27002_2022_8.31_MoC%20Separation%20of%20development,%20test%20and%20production%20environments.md), [A8.32](../Corpus/Standards/MoCs/ISO_27002_2022_8.32_MoC%20Change%20management.md), [A8.33](../Corpus/Standards/MoCs/ISO_27002_2022_8.33_MoC%20Test%20information.md), [A7.13](../Corpus/Standards/MoCs/ISO_27002_2022_7.13_MoC%20Equipment%20maintenance.md), [A7.14](../Corpus/Standards/MoCs/ISO_27002_2022_7.14_MoC%20Secure%20disposal%20or%20re-use%20of%20equipment.md), [A8.6](../Corpus/Standards/MoCs/ISO_27002_2022_8.6_MoC%20Capacity%20management.md)) + - Vendor management ([A5.19](../Corpus/Standards/MoCs/ISO_27002_2022_5.19_MoC%20Information%20security%20in%20supplier%20relationships.md), [A5.20](../Corpus/Standards/MoCs/ISO_27002_2022_5.20_MoC%20Addressing%20information%20security%20within%20supplier%20agreements.md), [A5.21](../Corpus/Standards/MoCs/ISO_27002_2022_5.21_MoC%20Managing%20information%20security%20in%20the%20ICT%20supply%20chain.md), [A5.22](../Corpus/Standards/MoCs/ISO_27002_2022_5.22_MoC%20Monitoring,%20review%20and%20change%20management%20of%20supplier%20services.md), [A5.23](../Corpus/Standards/MoCs/ISO_27002_2022_5.23_MoC%20Information%20security%20for%20use%20of%20cloud%20services.md), [A8.29](../Corpus/Standards/MoCs/ISO_27002_2022_8.29_MoC%20Security%20testing%20in%20development%20and%20acceptance.md)) + - Device management ([A7.9](../Corpus/Standards/MoCs/ISO_27002_2022_7.9_MoC%20Security%20of%20assets%20off-premises.md), [A7.10](../Corpus/Standards/MoCs/ISO_27002_2022_7.10_MoC%20Storage%20media.md), [A8.1](../Corpus/Standards/MoCs/ISO_27002_2022_8.1_MoC%20User%20endpoint%20devices.md), [A8.7](../Corpus/Standards/MoCs/ISO_27002_2022_8.7_MoC%20Protection%20against%20malware.md)) + - IT administration ([A8.7](../Corpus/Standards/MoCs/ISO_27002_2022_8.7_MoC%20Protection%20against%20malware.md), [A8.8](../Corpus/Standards/MoCs/ISO_27002_2022_8.8_MoC%20Management%20of%20technical%20vulnerabilities.md), [A8.9](../Corpus/Standards/MoCs/ISO_27002_2022_8.9_MoC%20Configuration%20management.md), [A8.10](../Corpus/Standards/MoCs/ISO_27002_2022_8.10_MoC%20Information%20deletion.md), [A8.11](../Corpus/Standards/MoCs/ISO_27002_2022_8.11_MoC%20Data%20masking.md), [A8.12](../Corpus/Standards/MoCs/ISO_27002_2022_8.12_MoC%20Data%20leakage%20prevention.md), [A8.13](../Corpus/Standards/MoCs/ISO_27002_2022_8.13_MoC%20Information%20backup.md), [A8.14](../Corpus/Standards/MoCs/ISO_27002_2022_8.14_MoC%20Redundancy%20of%20information%20processing%20facilities.md), [A8.15](../Corpus/Standards/MoCs/ISO_27002_2022_8.15_MoC%20Logging.md), [A8.16](../Corpus/Standards/MoCs/ISO_27002_2022_8.16_MoC%20Monitoring%20activities.md), [A8.17](../Corpus/Standards/MoCs/ISO_27002_2022_8.17_MoC%20Clock%20synchronization.md), [A8.18](../Corpus/Standards/MoCs/ISO_27002_2022_8.18_MoC%20Use%20of%20privileged%20utility%20programs.md), [A8.19](../Corpus/Standards/MoCs/ISO_27002_2022_8.19_MoC%20Installation%20of%20software%20on%20operational%20systems.md), [A8.20](../Corpus/Standards/MoCs/ISO_27002_2022_8.20_MoC%20Networks%20security.md), [A8.21](../Corpus/Standards/MoCs/ISO_27002_2022_8.21_MoC%20Security%20of%20network%20services.md), [A8.22](../Corpus/Standards/MoCs/ISO_27002_2022_8.22_MoC%20Segregation%20of%20networks.md), [A8.23](../Corpus/Standards/MoCs/ISO_27002_2022_8.23_MoC%20Web%20filtering.md), [A8.24](../Corpus/Standards/MoCs/ISO_27002_2022_8.24_MoC%20Use%20of%20cryptography.md), [A8.25](../Corpus/Standards/MoCs/ISO_27002_2022_8.25_MoC%20Secure%20development%20life%20cycle.md), [A8.26](../Corpus/Standards/MoCs/ISO_27002_2022_8.26_MoC%20Application%20security%20requirements.md), [A8.27](../Corpus/Standards/MoCs/ISO_27002_2022_8.27_MoC%20Secure%20system%20architecture%20and%20engineering%20principles.md), [A8.28](../Corpus/Standards/MoCs/ISO_27002_2022_8.28_MoC%20Secure%20coding.md), [A8.29](../Corpus/Standards/MoCs/ISO_27002_2022_8.29_MoC%20Security%20testing%20in%20development%20and%20acceptance.md), [A8.30](../Corpus/Standards/MoCs/ISO_27002_2022_8.30_MoC%20Outsourced%20development.md), [A8.31](../Corpus/Standards/MoCs/ISO_27002_2022_8.31_MoC%20Separation%20of%20development,%20test%20and%20production%20environments.md), [A8.32](../Corpus/Standards/MoCs/ISO_27002_2022_8.32_MoC%20Change%20management.md), [A8.33](../Corpus/Standards/MoCs/ISO_27002_2022_8.33_MoC%20Test%20information.md), [A8.34](../Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC%20Protection%20of%20information%20systems%20during%20audit%20testing.md), [A5.6](../Corpus/Standards/MoCs/ISO_27002_2022_5.6_MoC%20Contact%20with%20special%20interest%20groups.md)) + - Physical security ([A7.1](../Corpus/Standards/MoCs/ISO_27002_2022_7.1_MoC%20Physical%20security%20perimeters.md), [A7.2](../Corpus/Standards/MoCs/ISO_27002_2022_7.2_MoC%20Physical%20entry.md), [A7.3](../Corpus/Standards/MoCs/ISO_27002_2022_7.3_MoC%20Securing%20offices,%20rooms%20and%20facilities.md), [A7.4](../Corpus/Standards/MoCs/ISO_27002_2022_7.4_MoC%20Physical%20security%20monitoring.md), [A7.5](../Corpus/Standards/MoCs/ISO_27002_2022_7.5_MoC%20Protecting%20against%20physical%20and%20environmental%20threats.md), [A7.6](../Corpus/Standards/MoCs/ISO_27002_2022_7.6_MoC%20Working%20in%20secure%20areas.md), [A7.7](../Corpus/Standards/MoCs/ISO_27002_2022_7.7_MoC%20Clear%20desk%20and%20clear%20screen.md), [A7.8](../Corpus/Standards/MoCs/ISO_27002_2022_7.8_MoC%20Equipment%20siting%20and%20protection.md), [A7.12](../Corpus/Standards/MoCs/ISO_27002_2022_7.12_MoC%20Cabling%20security.md)) +- **800: Evaluate and Improve** ([C9](../Corpus/Standards/MoCs/ISO_27001_2022_9_MoC%20Performance%20evaluation.md), [C10](../Corpus/Standards/MoCs/ISO_27001_2022_10_MoC%20Improvement.md)) + - Audits and Reviews ([C9.2](../Corpus/Standards/MoCs/ISO_27001_2022_9.2_MoC%20Internal%20audit.md), [A5.35](../Corpus/Standards/MoCs/ISO_27002_2022_5.35_MoC%20Independent%20review%20of%20information%20security.md), [A5.36](../Corpus/Standards/MoCs/ISO_27002_2022_5.36_MoC%20Compliance%20with%20policies,%20rules%20and%20standards%20for%20information%20security.md)) + - Management Reviews ([C9.3](../Corpus/Standards/MoCs/ISO_27001_2022_9.3_MoC%20Management%20review.md)) + - Planning of Changes ([C6.3](../Corpus/Standards/MoCs/ISO_27001_2022_6.3_MoC%20Planning%20of%20changes.md)) - **900: ISO 27001 Audits** - - Afwijkingen en Correcties ([[ISO_27001_2022_10.1_MoC Continual improvement|C10.1]]) \ No newline at end of file + - Afwijkingen en Correcties ([C10.1](../Corpus/Standards/MoCs/ISO_27001_2022_10.1_MoC%20Continual%20improvement.md)) \ No newline at end of file diff --git a/AuditGlue/PRD Product Requirements Document for iso27DYI.md b/AuditGlue/PRD Product Requirements Document for iso27DYI.md index 9119455..0fc6457 100644 --- a/AuditGlue/PRD Product Requirements Document for iso27DYI.md +++ b/AuditGlue/PRD Product Requirements Document for iso27DYI.md @@ -73,7 +73,7 @@ Management interfaces must be added to the system to allow employees of Thinking ## Functional Diagram -![[CleanShot 2025-07-17 at 10.45.16.png]] +![](../../๐Ÿ“Ž%20Attachments/CleanShot%202025-07-17%20at%2010.45.16.png) ## iso72DYI Technical Requirements diff --git a/AuditGlue/System alternative/Agent Design Intent Card.md b/AuditGlue/System alternative/Agent Design Intent Card.md index e286521..899cc86 100644 --- a/AuditGlue/System alternative/Agent Design Intent Card.md +++ b/AuditGlue/System alternative/Agent Design Intent Card.md @@ -8,7 +8,7 @@ tags: [Cognigy course](https://academy.cognigy.com/courses/take/conversation-design-course/lessons/24748613-request-and-reply) Proceed with 4.3 **Agent Design Intent Card** -![[Agent Design Intent Card.png]] +![](../../../๐Ÿ“Ž%20Attachments/Agent%20Design%20Intent%20Card.png) Notice: - Who = the user diff --git a/AuditGlue/System alternative/Using AI to create policies.md b/AuditGlue/System alternative/Using AI to create policies.md index d7b0a79..af7647d 100644 --- a/AuditGlue/System alternative/Using AI to create policies.md +++ b/AuditGlue/System alternative/Using AI to create policies.md @@ -22,7 +22,7 @@ Examples: 4. develop interventions based on these differences **Threat analysis** -- do a threat analysis, see [[Create a threat analysis chatbot]] +- do a threat analysis, see [Create a threat analysis chatbot](../../Drafts%20and%20Ideas/Controls/Create%20a%20threat%20analysis%20chatbot.md) **Policy drafting** diff --git a/AuditGlue/System alternative/iso27DIY UI ideas.md b/AuditGlue/System alternative/iso27DIY UI ideas.md index 23ebe70..450e2a6 100644 --- a/AuditGlue/System alternative/iso27DIY UI ideas.md +++ b/AuditGlue/System alternative/iso27DIY UI ideas.md @@ -9,13 +9,13 @@ https://advisera.com/conformio/ **academy.cognigy.com** Video courses for conversation design -![[Cognigy.png|1000]] +![1000](../../../๐Ÿ“Ž%20Attachments/Cognigy.png) **PECB eLearning** -![[CleanShot 2025-07-01 at 13.59.22 1.png|1000]] +![1000](../../../๐Ÿ“Ž%20Attachments/CleanShot%202025-07-01%20at%2013.59.22%201.png) **Writing assistant made with Base44** -![[screenshot 1.png]] +![](../../../๐Ÿ“Ž%20Attachments/screenshot%201.png) diff --git a/Corpus/MoCs/Change management MoC.md b/Corpus/MoCs/Change management MoC.md index b65ee95..ff7f6ee 100644 --- a/Corpus/MoCs/Change management MoC.md +++ b/Corpus/MoCs/Change management MoC.md @@ -1,11 +1,11 @@ #iso27002/2022/EN Change Management in ISO 27002: -- [[ISO_27002_2022_5.8_MoC Information security in project management|5.8:]] Information security in project management -- [[ISO_27002_2022_5.22_MoC Monitoring, review and change management of supplier services|5.22:]] Monitoring, review and change management of supplier services -- [[ISO_27002_2022_8.28_MoC Secure coding|8.28:]] Secure coding -- [[ISO_27002_2022_8.29_MoC Security testing in development and acceptance|8.29:]] Security testing in development and acceptance -- [[ISO_27002_2022_8.32_MoC Change management|8.32:]] Change management +- [5.8:](../Standards/MoCs/ISO_27002_2022_5.8_MoC%20Information%20security%20in%20project%20management.md) Information security in project management +- [5.22:](../Standards/MoCs/ISO_27002_2022_5.22_MoC%20Monitoring,%20review%20and%20change%20management%20of%20supplier%20services.md) Monitoring, review and change management of supplier services +- [8.28:](../Standards/MoCs/ISO_27002_2022_8.28_MoC%20Secure%20coding.md) Secure coding +- [8.29:](../Standards/MoCs/ISO_27002_2022_8.29_MoC%20Security%20testing%20in%20development%20and%20acceptance.md) Security testing in development and acceptance +- [8.32:](../Standards/MoCs/ISO_27002_2022_8.32_MoC%20Change%20management.md) Change management Also check the topic of risk / impact assessment. diff --git a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 4.1 Understanding the organization and its context.md b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 4.1 Understanding the organization and its context.md index ea71efe..6d56377 100644 --- a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 4.1 Understanding the organization and its context.md +++ b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 4.1 Understanding the organization and its context.md @@ -2,5 +2,5 @@ The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its information security management system. -NOTE Determining these issues refers to establishing the external and internal context of the organization considered in [[ISO_31000_OT 5.4.1 Understanding the organization and its context|Clause 5.4.1]] of ISO 31000:2018. +NOTE Determining these issues refers to establishing the external and internal context of the organization considered in [Clause 5.4.1](../../ISO_31000_OT%205.4.1%20Understanding%20the%20organization%20and%20its%20context.md) of ISO 31000:2018. diff --git a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 4.3 Determining the scope of the information security management system.md b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 4.3 Determining the scope of the information security management system.md index 6dcbd43..0c3aa4e 100644 --- a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 4.3 Determining the scope of the information security management system.md +++ b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 4.3 Determining the scope of the information security management system.md @@ -5,9 +5,9 @@ The organization shall determine the boundaries and applicability of the informa When determining this scope, the organization shall consider: -a\) the external and internal issues referred to in [[ISO_27001_2022_OT 4.1 Understanding the organization and its context|4.1]]; +a\) the external and internal issues referred to in [4.1](ISO_27001_2022_OT%204.1%20Understanding%20the%20organization%20and%20its%20context.md); -b\) the requirements referred to in [[ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties|4.2]]; +b\) the requirements referred to in [4.2](../../MoCs/ISO_27001_2022_4.2_MoC%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md); c\) interfaces and dependencies between activities performed by the organization, and those that are performed by other organizations. diff --git a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 5.2 Policy.md b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 5.2 Policy.md index e8bcc7a..414bca5 100644 --- a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 5.2 Policy.md +++ b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT 5.2 Policy.md @@ -5,7 +5,7 @@ Top management shall establish an information security policy that: a\) is appropriate to the purpose of the organization; -b\) includes information security objectives (see [[ISO_27001_OT 6.2 Information security objectives and planning to achieve them|6.2]]) or provides the framework for setting information security objectives; +b\) includes information security objectives (see [6.2](ISO_27001_OT%206.2%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md)) or provides the framework for setting information security objectives; c\) includes a commitment to satisfy applicable requirements related to information security; diff --git a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT 6.1.1 General.md b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT 6.1.1 General.md index f0456d3..e3268c0 100644 --- a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT 6.1.1 General.md +++ b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT 6.1.1 General.md @@ -1,6 +1,6 @@ ### 6.1.1 General -When planning for the information security management system, the organization shall consider the issues referred to in [[ISO_27001_2022_OT 4.1 Understanding the organization and its context|4.1]] and the requirements referred to in [[ISO_27001_2022_OT 4.2 Understanding the needs and expectations of interested parties|4.2]] and determine the risks and opportunities that need to be addressed to: +When planning for the information security management system, the organization shall consider the issues referred to in [4.1](ISO_27001_2022_OT%204.1%20Understanding%20the%20organization%20and%20its%20context.md) and the requirements referred to in [4.2](ISO_27001_2022_OT%204.2%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md) and determine the risks and opportunities that need to be addressed to: a\) ensure the information security management system can achieve its intended outcome(s); diff --git a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT 8.2 Information security risk assessment.md b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT 8.2 Information security risk assessment.md index c680dce..27c30b7 100644 --- a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT 8.2 Information security risk assessment.md +++ b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT 8.2 Information security risk assessment.md @@ -1,6 +1,6 @@ #iso27001/2022/EN # Clause 8.2: Information security risk assessment -The organization shall perform information security risk assessments at planned intervals or when significant changes are proposed or occur, taking account of the criteria established in [[ISO_27001_OT 6.1.2 Information security risk assessment|6.1.2a]]. +The organization shall perform information security risk assessments at planned intervals or when significant changes are proposed or occur, taking account of the criteria established in [6.1.2a](ISO_27001_OT%206.1.2%20Information%20security%20risk%20assessment.md). The organization shall retain documented information of the results of the information security risk assessments. \ No newline at end of file diff --git a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT Terms and definitions.md b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT Terms and definitions.md index 7f5c32a..6145a1a 100644 --- a/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT Terms and definitions.md +++ b/Corpus/Standards/ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT Terms and definitions.md @@ -5,4 +5,4 @@ For the purposes of this document, the terms and definitions given in ISO/IEC 27000 apply. -[[ISO 27000 MoC]] \ No newline at end of file +[ISO 27000 MoC](../../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/ISO%2027000%20MoC.md) \ No newline at end of file diff --git a/Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO_27001_2023_NL_Index.md b/Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO_27001_2023_NL_Index.md index 34d10ee..15db930 100644 --- a/Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO_27001_2023_NL_Index.md +++ b/Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO_27001_2023_NL_Index.md @@ -7,7 +7,7 @@ Publicatiedatum: augustus 2023 | **0** | **Inleiding** | [[ISO_27001_2023_NL_BT 0 Inzicht in de organisatie en haar context \|BT]] | [[ISO_27001_2023_NL_NN 0 Inzicht in de organisatie en haar context \|NN]] | | **1** | **Onderwerp en toepassingsgebied** | [[ISO_27001_2023_NL_BT 1 Onderwerp en toepassingsgebied \|BT]] | [[ISO_27001_2023_NL_NN 1 Onderwerp en toepassingsgebied \|NN]] | | **2** | **Normatieve verwijzingen** | [[ISO_27001_2023_NL_BT 2 Normatieve verwijzingen \|BT]] | [[ISO_27001_2023_NL_NN 2 Normatieve verwijzingen \|NN]] | -| **3** | **Termen en definities** | [[ISO_27001_2023_NL_BT 3 Termen en definities \|BT]] | [[ISO_27001_2023_NL_NN 3 Termen en definities \|NN]] | +| **3** | **Termen en definities** | [BT](ISO_27001_2023_NL_BT%203%20Termen%20en%20definities.md) | [[ISO_27001_2023_NL_NN 3 Termen en definities \|NN]] | | **4** | **Context van de organisatie** | | | | 4.1 | Inzicht in de organisatie en haar context | [[ISO_27001_2023_NL_BT 4.1 Inzicht in de organisatie en haar context \|BT]] | [[ISO_27001_2023_NL_NN 4.1 Inzicht in de organisatie en haar context \|NN]] | | 4.2 | Inzicht in de behoeften en verwachtingen van belanghebbenden | [[ISO_27001_2023_NL_BT 4.2 Inzicht in de behoeften en verwachtingen van belanghebbenden \|BT]] | [[ISO_27001_2023_NL_NN 4.2 Inzicht in de behoeften en verwachtingen van belanghebbenden \|NN]] | diff --git a/Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO_27001_2023_NL_PDF.md b/Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO_27001_2023_NL_PDF.md index 2bede09..944055f 100644 --- a/Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO_27001_2023_NL_PDF.md +++ b/Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO_27001_2023_NL_PDF.md @@ -1,6 +1,6 @@ #iso27001/2023/NL # ISO 27001 2023 NL -![[ISO_IEC_27001_2023_NL.pdf]] +![](../../../../../๐Ÿ“Ž%20Attachments/ISO_IEC_27001_2023_NL.pdf) diff --git a/Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.30_OT ICT readiness for business continuity.md b/Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.30_OT ICT readiness for business continuity.md index 5f4f4c2..57a9d36 100644 --- a/Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.30_OT ICT readiness for business continuity.md +++ b/Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.30_OT ICT readiness for business continuity.md @@ -1,7 +1,7 @@ #iso27002/2022/EN See also: -- [[BCP_Bedrijfscontinuรฏteitsplanning]] -- [[Disaster Recovery Planning]] +- [BCP_Bedrijfscontinuรฏteitsplanning](../../../../../๐Ÿ“š๏ธ%20Literature%20notes/BCP_Bedrijfscontinuรฏteitsplanning.md) +- [Disaster Recovery Planning](../../../../../๐ŸŽ‡%20Sparks/Disaster%20Recovery%20Planning.md) # **5.30** **ICT** **readiness** **for** **business** continuity diff --git a/Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.7_OT Threat intelligence.md b/Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.7_OT Threat intelligence.md index ff075dc..538e7c8 100644 --- a/Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.7_OT Threat intelligence.md +++ b/Corpus/Standards/ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.7_OT Threat intelligence.md @@ -44,5 +44,5 @@ c) ย as input to the information security test processes and techniques. The organization should share threat intelligence with other organizations on a mutual basis in order to improve overall threat intelligence. # Related: -- [[Threat Intelligence]] +- [Threat Intelligence](../../../../../๐ŸŽ‡%20Sparks/Threat%20Intelligence.md) - [[ISO_27002_PE 5.7 Threat intelligence]] diff --git a/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_4.2_BT Thema's en attributen.md b/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_4.2_BT Thema's en attributen.md index 16a2856..1a73e35 100644 --- a/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_4.2_BT Thema's en attributen.md +++ b/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_4.2_BT Thema's en attributen.md @@ -44,4 +44,4 @@ Beveiligingsdomeinen is een attribuut om beheersmaatregelen te bekijken vanuit h De in dit document vermelde attributen zijn gekozen op basis van het feit dat ze als generiek genoeg worden beschouwd om door verschillende soorten organisaties te worden gebruiktrganisaties kunnen ervoor kiezen een of meer van de in dit document vermelde attributen buiten beschouwing te latene kunnen ook zelf attributen (met de bijbehorende attribuutwaarden) aanmaken om hun eigen organisatieoverzichten te maken. Hoofdstuk A.2 bevat voorbeelden van dergelijke attributen. -Zie ook: [[ISO_27002_NL_Template_Attribuuttabel]] \ No newline at end of file +Zie ook: [ISO_27002_NL_Template_Attribuuttabel](../../../../../๐Ÿ“’%20Templates/ISO_27002_NL_Template_Attribuuttabel.md) \ No newline at end of file diff --git a/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_Index.md b/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_Index.md index 841bc4c..71dd71a 100644 --- a/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_Index.md +++ b/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_Index.md @@ -6,42 +6,42 @@ | :------ | :---------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | | **3** | **Termen, definities en afgekorte termen** | | | | 3.1 | Termen en definities | [[ISO_27002_2022_NL_3.1_BT Termen en definities \|BT]] | [[ISO_27002_2022_NL_NN 3.1 Termen en definities \|NN]] | -| 3.2 | Afgekorte termen | [[ISO_27002_2022_NL_3.2_BT Afgekorte termen \|BT]] | [[ISO_27002_2022_NL_NN 3.2 Afgekorte termen \|NN]] | +| 3.2 | Afgekorte termen | [BT](ISO_27002_2022_NL_3.2_BT%20Afgekorte%20termen.md) | [[ISO_27002_2022_NL_NN 3.2 Afgekorte termen \|NN]] | | **4** | **Structuur van dit document** | _ | | -| 4.1 | Hoofdstukken | [[ISO_27002_2022_NL_4.1_BT Hoofdstukken \|BT]] | [[ISO_27002_2022_NL_NN 4.1 Hoofdstukken \|NN]] | -| 4.2 | Thema's en attributen | [[ISO_27002_2022_NL_4.2_BT Thema's en attributen \|BT]] | [[ISO_27002_2022_NL_NN 4.2 Thema's en attributen \|NN]] | -| 4.3 | Indeling beheersmaatregel | [[ISO_27002_2022_NL_4.3_BT Indeling beheersmaatregel \|BT]] | [[ISO_27002_2022_NL_NN 4.3 Indeling beheersmaatregel \|NN]] | +| 4.1 | Hoofdstukken | [BT](ISO_27002_2022_NL_4.1_BT%20Hoofdstukken.md) | [[ISO_27002_2022_NL_NN 4.1 Hoofdstukken \|NN]] | +| 4.2 | Thema's en attributen | [BT](ISO_27002_2022_NL_4.2_BT%20Thema's%20en%20attributen.md) | [[ISO_27002_2022_NL_NN 4.2 Thema's en attributen \|NN]] | +| 4.3 | Indeling beheersmaatregel | [BT](ISO_27002_2022_NL_4.3_BT%20Indeling%20beheersmaatregel.md) | [[ISO_27002_2022_NL_NN 4.3 Indeling beheersmaatregel \|NN]] | | **5** | **Organisatorische beheersmaatregelen** | _ | | -| 5.1 | Beleidsregels voor informatiebeveiliging | [[ISO_27002_2022_NL_5.1_BT Beleidsregels voor informatiebeveiliging \|BT]] | [[ISO_27002_2022_NL_NN 5.1 Beleidsregels voor informatiebeveiliging \|NN]] | -| 5.2 | Rollen en verantwoordelijkheden bij informatiebeveiliging | [[ISO_27002_2022_NL_5.2_BT Rollen en verantwoordelijkheden bij informatiebeveiliging \|BT]] | [[ISO_27002_2022_NL_NN 5.2 Rollen en verantwoordelijkheden bij informatiebeveiliging \|NN]] | -| 5.3 | Functiescheiding | [[ISO_27002_2022_NL_5.3_BT Functiescheiding \|BT]] | [[ISO_27002_2022_NL_NN 5.3 Functiescheiding \|NN]] | -| 5.4 | Managementverantwoordelijkheden | [[ISO_27002_2022_NL_5.4_BT Managementverantwoordelijkheden \|BT]] | [[ISO_27002_2022_NL_NN 5.4 Managementverantwoordelijkheden \|NN]] | -| 5.5 | Contact met overheidsinstanties | [[ISO_27002_2022_NL_5.5_BT Contact met overheidsinstanties \|BT]] | [[ISO_27002_2022_NL_NN 5.5 Contact met overheidsinstanties \|NN]] | -| 5.6 | Contact met speciale belangengroepen | [[ISO_27002_2022_NL_5.6_BT Contact met speciale belangengroepen \|BT]] | [[ISO_27002_2022_NL_NN 5.6 Contact met speciale belangengroepen \|NN]] | -| 5.7 | Informatie en analyses over dreigingen | [[ISO_27002_2022_NL_5.7_BT Informatie en analyses over dreigingen \|BT]] | [[ISO_27002_2022_NL_NN 5.7 Informatie en analyses over dreigingen \|NN]] | -| 5.8 | Informatiebeveiliging in projectmanagement | [[ISO_27002_2022_NL_5.8_BT Informatiebeveiliging in projectmanagement \|BT]] | [[ISO_27002_2022_NL_NN 5.8 Informatiebeveiliging in projectmanagement \|NN]] | -| 5.9 | Inventarisatie van informatie en andere gerelateerde bedrijfsmiddelen | [[ISO_27002_2022_NL_5.9_BT Inventarisatie van informatie en andere gerelateerde bedrijfsmiddelen \|BT]] | [[ISO_27002_2022_NL_NN 5.9 Inventarisatie van informatie en andere gerelateerde bedrijfsmiddelen \|NN]] | -| 5.10 | Aanvaardbaar gebruik van informatie en andere gerelateerde bedrijfsmiddelen | [[ISO_27002_2022_NL_5.10_BT Aanvaardbaar gebruik van informatie en andere gerelateerde bedrijfsmiddelen \|BT]] | [[ISO_27002_2022_NL_NN 5.10 Aanvaardbaar gebruik van informatie en andere gerelateerde bedrijfsmiddelen \|NN]] | -| 5.11 | Retourneren van bedrijfsmiddelen | [[ISO_27002_2022_NL_5.11_BT Retourneren van bedrijfsmiddelen \|BT]] | [[ISO_27002_2022_NL_NN 5.11 Retourneren van bedrijfsmiddelen \|NN]] | -| 5.12 | Classificeren van informatie | [[ISO_27002_2022_NL_5.12_BT Classificeren van informatie \|BT]] | [[ISO_27002_2022_NL_NN 5.12 Classificeren van informatie \|NN]] | -| 5.13 | Labelen van informatie | [[ISO_27002_2022_NL_5.13_BT Labelen van informatie \|BT]] | [[ISO_27002_2022_NL_NN 5.13 Labelen van informatie \|NN]] | -| 5.14 | Overdragen van informatie | [[ISO_27002_2022_NL_5.14_BT Overdragen van informatie \|BT]] | [[ISO_27002_2022_NL_NN 5.14 Overdragen van informatie \|NN]] | -| 5.15 | Toegangsbeveiliging | [[ISO_27002_2022_NL_5.15_BT Toegangsbeveiliging \|BT]] | [[ISO_27002_2022_NL_NN 5.15 Toegangsbeveiliging \|NN]] | -| 5.16 | Identiteitsbeheer | [[ISO_27002_2022_NL_5.16_BT Identiteitsbeheer \|BT]] | [[ISO_27002_2022_NL_NN 5.16 Identiteitsbeheer \|NN]] | -| 5.17 | Beheren van authenticatie-informatie | [[ISO_27002_2022_NL_5.17_BT Beheren van authenticatie-informatie \|BT]] | [[ISO_27002_2022_NL_NN 5.17 Beheren van authenticatie-informatie \|NN]] | -| 5.18 | Toegangsrechten | [[ISO_27002_2022_NL_5.18_BT Toegangsrechten \|BT]] | [[ISO_27002_2022_NL_NN 5.18 Toegangsrechten \|NN]] | -| 5.19 | Informatiebeveiliging in leveranciersrelaties | [[ISO_27002_2022_NL_5.19_BT Informatiebeveiliging in leveranciersrelaties \|BT]] | [[ISO_27002_2022_NL_NN 5.19 Informatiebeveiliging in leveranciersrelaties \|NN]] | -| 5.20 | Adresseren van informatiebeveiliging in leveranciersovereenkomsten | [[ISO_27002_2022_NL_5.20_BT Adresseren van informatiebeveiliging in leveranciersovereenkomsten \|BT]] | [[ISO_27002_2022_NL_NN 5.20 Adresseren van informatiebeveiliging in leveranciersovereenkomsten \|NN]] | -| 5.21 | Beheren van informatiebeveiliging in de ICT-keten | [[ISO_27002_2022_NL_5.21_BT Beheren van informatiebeveiliging in de ICT-keten \|BT]] | [[ISO_27002_2022_NL_NN 5.21 Beheren van informatiebeveiliging in de ICT-keten \|NN]] | -| 5.22 | Monitoren, beoordelen en het beheren van wijzigingen van leveranciersdiensten | [[ISO_27002_2022_NL_5.22_BT Monitoren, beoordelen en het beheren van wijzigingen van leveranciersdiensten \|BT]] | [[ISO_27002_2022_NL_NN 5.22 Monitoren, beoordelen en het beheren van wijzigingen van leveranciersdiensten \|NN]] | -| 5.23 | Informatiebeveiliging voor het gebruik van clouddiensten | [[ISO_27002_2022_NL_5.23_BT Informatiebeveiliging voor het gebruik van clouddiensten \|BT]] | [[ISO_27002_2022_NL_NN 5.23 Informatiebeveiliging voor het gebruik van clouddiensten \|NN]] | +| 5.1 | Beleidsregels voor informatiebeveiliging | [BT](ISO_27002_2022_NL_5.1_BT%20Beleidsregels%20voor%20informatiebeveiliging.md) | [[ISO_27002_2022_NL_NN 5.1 Beleidsregels voor informatiebeveiliging \|NN]] | +| 5.2 | Rollen en verantwoordelijkheden bij informatiebeveiliging | [BT](ISO_27002_2022_NL_5.2_BT%20Rollen%20en%20verantwoordelijkheden%20bij%20informatiebeveiliging.md) | [[ISO_27002_2022_NL_NN 5.2 Rollen en verantwoordelijkheden bij informatiebeveiliging \|NN]] | +| 5.3 | Functiescheiding | [BT](ISO_27002_2022_NL_5.3_BT%20Functiescheiding.md) | [[ISO_27002_2022_NL_NN 5.3 Functiescheiding \|NN]] | +| 5.4 | Managementverantwoordelijkheden | [BT](ISO_27002_2022_NL_5.4_BT%20Managementverantwoordelijkheden.md) | [[ISO_27002_2022_NL_NN 5.4 Managementverantwoordelijkheden \|NN]] | +| 5.5 | Contact met overheidsinstanties | [BT](ISO_27002_2022_NL_5.5_BT%20Contact%20met%20overheidsinstanties.md) | [[ISO_27002_2022_NL_NN 5.5 Contact met overheidsinstanties \|NN]] | +| 5.6 | Contact met speciale belangengroepen | [BT](ISO_27002_2022_NL_5.6_BT%20Contact%20met%20speciale%20belangengroepen.md) | [[ISO_27002_2022_NL_NN 5.6 Contact met speciale belangengroepen \|NN]] | +| 5.7 | Informatie en analyses over dreigingen | [BT](ISO_27002_2022_NL_5.7_BT%20Informatie%20en%20analyses%20over%20dreigingen.md) | [[ISO_27002_2022_NL_NN 5.7 Informatie en analyses over dreigingen \|NN]] | +| 5.8 | Informatiebeveiliging in projectmanagement | [BT](ISO_27002_2022_NL_5.8_BT%20Informatiebeveiliging%20in%20projectmanagement.md) | [[ISO_27002_2022_NL_NN 5.8 Informatiebeveiliging in projectmanagement \|NN]] | +| 5.9 | Inventarisatie van informatie en andere gerelateerde bedrijfsmiddelen | [BT](ISO_27002_2022_NL_5.9_BT%20Inventarisatie%20van%20informatie%20en%20andere%20gerelateerde%20bedrijfsmiddelen.md) | [[ISO_27002_2022_NL_NN 5.9 Inventarisatie van informatie en andere gerelateerde bedrijfsmiddelen \|NN]] | +| 5.10 | Aanvaardbaar gebruik van informatie en andere gerelateerde bedrijfsmiddelen | [BT](ISO_27002_2022_NL_5.10_BT%20Aanvaardbaar%20gebruik%20van%20informatie%20en%20andere%20gerelateerde%20bedrijfsmiddelen.md) | [[ISO_27002_2022_NL_NN 5.10 Aanvaardbaar gebruik van informatie en andere gerelateerde bedrijfsmiddelen \|NN]] | +| 5.11 | Retourneren van bedrijfsmiddelen | [BT](ISO_27002_2022_NL_5.11_BT%20Retourneren%20van%20bedrijfsmiddelen.md) | [[ISO_27002_2022_NL_NN 5.11 Retourneren van bedrijfsmiddelen \|NN]] | +| 5.12 | Classificeren van informatie | [BT](ISO_27002_2022_NL_5.12_BT%20Classificeren%20van%20informatie.md) | [[ISO_27002_2022_NL_NN 5.12 Classificeren van informatie \|NN]] | +| 5.13 | Labelen van informatie | [BT](ISO_27002_2022_NL_5.13_BT%20Labelen%20van%20informatie.md) | [[ISO_27002_2022_NL_NN 5.13 Labelen van informatie \|NN]] | +| 5.14 | Overdragen van informatie | [BT](ISO_27002_2022_NL_5.14_BT%20Overdragen%20van%20informatie.md) | [[ISO_27002_2022_NL_NN 5.14 Overdragen van informatie \|NN]] | +| 5.15 | Toegangsbeveiliging | [BT](ISO_27002_2022_NL_5.15_BT%20Toegangsbeveiliging.md) | [[ISO_27002_2022_NL_NN 5.15 Toegangsbeveiliging \|NN]] | +| 5.16 | Identiteitsbeheer | [BT](ISO_27002_2022_NL_5.16_BT%20Identiteitsbeheer.md) | [[ISO_27002_2022_NL_NN 5.16 Identiteitsbeheer \|NN]] | +| 5.17 | Beheren van authenticatie-informatie | [BT](ISO_27002_2022_NL_5.17_BT%20Beheren%20van%20authenticatie-informatie.md) | [[ISO_27002_2022_NL_NN 5.17 Beheren van authenticatie-informatie \|NN]] | +| 5.18 | Toegangsrechten | [BT](ISO_27002_2022_NL_5.18_BT%20Toegangsrechten.md) | [[ISO_27002_2022_NL_NN 5.18 Toegangsrechten \|NN]] | +| 5.19 | Informatiebeveiliging in leveranciersrelaties | [BT](ISO_27002_2022_NL_5.19_BT%20Informatiebeveiliging%20in%20leveranciersrelaties.md) | [[ISO_27002_2022_NL_NN 5.19 Informatiebeveiliging in leveranciersrelaties \|NN]] | +| 5.20 | Adresseren van informatiebeveiliging in leveranciersovereenkomsten | [BT](ISO_27002_2022_NL_5.20_BT%20Adresseren%20van%20informatiebeveiliging%20in%20leveranciersovereenkomsten.md) | [[ISO_27002_2022_NL_NN 5.20 Adresseren van informatiebeveiliging in leveranciersovereenkomsten \|NN]] | +| 5.21 | Beheren van informatiebeveiliging in de ICT-keten | [BT](ISO_27002_2022_NL_5.21_BT%20Beheren%20van%20informatiebeveiliging%20in%20de%20ICT-keten.md) | [[ISO_27002_2022_NL_NN 5.21 Beheren van informatiebeveiliging in de ICT-keten \|NN]] | +| 5.22 | Monitoren, beoordelen en het beheren van wijzigingen van leveranciersdiensten | [BT](ISO_27002_2022_NL_5.22_BT%20Monitoren,%20beoordelen%20en%20het%20beheren%20van%20wijzigingen%20van%20leveranciersdiensten.md) | [[ISO_27002_2022_NL_NN 5.22 Monitoren, beoordelen en het beheren van wijzigingen van leveranciersdiensten \|NN]] | +| 5.23 | Informatiebeveiliging voor het gebruik van clouddiensten | [BT](ISO_27002_2022_NL_5.23_BT%20Informatiebeveiliging%20voor%20het%20gebruik%20van%20clouddiensten.md) | [[ISO_27002_2022_NL_NN 5.23 Informatiebeveiliging voor het gebruik van clouddiensten \|NN]] | | 5.24 | Plannen en voorbereiden van het beheer van informatiebeveiligingsincidenten | [[ISO_27002_2022_NL_5.24_BT Plannen en voorbereiden van het beheer van informatiebeveiligingsincidenten \|BT]] | [[ISO_27002_2022_NL_NN 5.24 Plannen en voorbereiden van het beheer van informatiebeveiligingsincidenten \|NN]] | | 5.25 | Beoordelen van en besluiten over informatiebeveiligingsgebeurtenissen | [[ISO_27002_2022_NL_5.25_BT Beoordelen van en besluiten over informatiebeveiligingsgebeurtenissen \|BT]] | [[ISO_27002_2022_NL_NN 5.25 Beoordelen van en besluiten over informatiebeveiligingsgebeurtenissen \|NN]] | | 5.26 | Reageren op informatiebeveiligingsincidenten | [[ISO_27002_2022_NL_5.26_BT Reageren op informatiebeveiligingsincidenten \|BT]] | [[ISO_27002_2022_NL_NN 5.26 Reageren op informatiebeveiligingsincidenten \|NN]] | | 5.27 | Leren van informatiebeveiligingsincidenten | [[ISO_27002_2022_NL_5.27_BT Leren van informatiebeveiligingsincidenten \|BT]] | [[ISO_27002_2022_NL_NN 5.27 Leren van informatiebeveiligingsincidenten \|NN]] | | 5.28 | Verzamelen van bewijsmateriaal | [[ISO_27002_2022_NL_5.28_BT Verzamelen van bewijsmateriaal \|BT]] | [[ISO_27002_2022_NL_NN 5.28 Verzamelen van bewijsmateriaal \|NN]] | | 5.29 | Informatiebeveiliging tijdens een verstoring | [[ISO_27002_2022_NL_5.29_BT Informatiebeveiliging tijdens een verstoring \|BT]] | [[ISO_27002_2022_NL_NN 5.29 Informatiebeveiliging tijdens een verstoring \|NN]] | -| 5.30 | ICT-gereedheid voor bedrijfscontinuรฏteit | [[ISO_27002_2022_NL_5.30_BT ICT-gereedheid voor bedrijfscontinuรฏteit \|BT]] | [[ISO_27002_2022_NL_NN 5.30 ICT-gereedheid voor bedrijfscontinuรฏteit \|NN]] | +| 5.30 | ICT-gereedheid voor bedrijfscontinuรฏteit | [BT](ISO_27002_2022_NL_5.30_BT%20ICT-gereedheid%20voor%20bedrijfscontinuรฏteit.md) | [[ISO_27002_2022_NL_NN 5.30 ICT-gereedheid voor bedrijfscontinuรฏteit \|NN]] | | 5.31 | Wettelijke, statutaire, regelgevende en contractuele eisen | [[ISO_27002_2022_NL_5.31_BT Wettelijke, statutaire, regelgevende en contractuele eisen \|BT]] | [[ISO_27002_2022_NL_NN 5.31 Wettelijke, statutaire, regelgevende en contractuele eisen \|NN]] | | 5.32 | Intellectuele-eigendomsrechten | [[ISO_27002_2022_NL_5.32_BT Intellectuele-eigendomsrechten \|BT]] | [[ISO_27002_2022_NL_NN 5.32 Intellectuele-eigendomsrechten \|NN]] | | 5.33 | Beschermen van registraties | [[ISO_27002_2022_NL_5.33_BT Beschermen van registraties \|BT]] | [[ISO_27002_2022_NL_NN 5.33 Beschermen van registraties \|NN]] | @@ -100,15 +100,15 @@ | 8.21 | Beveiliging van netwerkdiensten | [[ISO_27002_2022_NL_8.21_BT Beveiliging van netwerkdiensten \|BT]] | [[ISO_27002_2022_NL_NN 8.21 Beveiliging van netwerkdiensten \|NN]] | | 8.22 | Netwerksegmentatie | [[ISO_27002_2022_NL_8.22_BT Netwerksegmentatie \|BT]] | [[ISO_27002_2022_NL_NN 8.22 Netwerksegmentatie \|NN]] | | 8.23 | Toepassen van webfilters | [[ISO_27002_2022_NL_8.23_BT Toepassen van webfilters \|BT]] | [[ISO_27002_2022_NL_NN 8.23 Toepassen van webfilters \|NN]] | -| 8.24 | Gebruik van cryptografie | [[ISO_27002_2022_NL_8.24_BT Gebruik van cryptografie \|BT]] | [[ISO_27002_2022_NL_NN 8.24 Gebruik van cryptografie \|NN]] | +| 8.24 | Gebruik van cryptografie | [BT](ISO_27002_2022_NL_8.24_BT%20Gebruik%20van%20cryptografie.md) | [[ISO_27002_2022_NL_NN 8.24 Gebruik van cryptografie \|NN]] | | 8.25 | Beveiligen tijdens de ontwikkelcyclus | [[ISO_27002_2022_NL_8.25_BT Beveiligen tijdens de ontwikkelcyclus \|BT]] | [[ISO_27002_2022_NL_NN 8.25 Beveiligen tijdens de ontwikkelcyclus \|NN]] | | 8.26 | Toepassingsbeveiligingseisen | [[ISO_27002_2022_NL_8.26_BT Toepassingsbeveiligingseisen \|BT]] | [[ISO_27002_2022_NL_NN 8.26 Toepassingsbeveiligingseisen \|NN]] | | 8.27 | Veilige systeemarchitectuur en technische uitgangspunten | [[ISO_27002_2022_NL_8.27_BT Veilige systeemarchitectuur en technische uitgangspunten \|BT]] | [[ISO_27002_2022_NL_NN 8.27 Veilige systeemarchitectuur en technische uitgangspunten \|NN]] | -| 8.28 | Veilig coderen | [[ISO_27002_2022_NL_8.28_BT Veilig coderen \|BT]] | [[ISO_27002_2022_NL_NN 8.28 Veilig coderen \|NN]] | +| 8.28 | Veilig coderen | [BT](ISO_27002_2022_NL_8.28_BT%20Veilig%20coderen.md) | [[ISO_27002_2022_NL_NN 8.28 Veilig coderen \|NN]] | | 8.29 | Testen van de beveiliging tijdens ontwikkeling en acceptatie | [[ISO_27002_2022_NL_8.29_BT Testen van de beveiliging tijdens ontwikkeling en acceptatie \|BT]] | [[ISO_27002_2022_NL_NN 8.29 Testen van de beveiliging tijdens ontwikkeling en acceptatie \|NN]] | | 8.30 | Uitbestede systeemontwikkeling | [[ISO_27002_2022_NL_8.30_BT Uitbestede systeemontwikkeling \|BT]] | [[ISO_27002_2022_NL_NN 8.30 Uitbestede systeemontwikkeling \|NN]] | | 8.31 | Scheiding van ontwikkel-, test- en productieomgevingen | [[ISO_27002_2022_NL_8.31_BT Scheiding van ontwikkel-, test- en productieomgevingen \|BT]] | [[ISO_27002_2022_NL_NN 8.31 Scheiding van ontwikkel-, test- en productieomgevingen \|NN]] | -| 8.32 | Wijzigingsbeheer | [[ISO_27002_2022_NL_8.32_BT Wijzigingsbeheer \|BT]] | [[ISO_27002_2022_NL_NN 8.32 Wijzigingsbeheer \|NN]] | +| 8.32 | Wijzigingsbeheer | [BT](ISO_27002_2022_NL_8.32_BT%20Wijzigingsbeheer.md) | [[ISO_27002_2022_NL_NN 8.32 Wijzigingsbeheer \|NN]] | | 8.33 | Testgegevens | [[ISO_27002_2022_NL_8.33_BT Testgegevens \|BT]] | [[ISO_27002_2022_NL_NN 8.33 Testgegevens \|NN]] | | 8.34 | Bescherming van informatiesystemen tijdens audits | [[ISO_27002_2022_NL_8.34_BT Bescherming van informatiesystemen tijdens audits \|BT]] | [[ISO_27002_2022_NL_NN 8.34 Bescherming van informatiesystemen tijdens audits \|NN]] | diff --git a/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_PDF.md b/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_PDF.md index 94f268e..535ba5a 100644 --- a/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_PDF.md +++ b/Corpus/Standards/ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_PDF.md @@ -4,5 +4,5 @@ Standard: ISO 27002:2022 NL --- # ISO 27002 2022 NL -![[ISO_IEC 27002_2022_NL.pdf]] +![](../../../../../๐Ÿ“Ž%20Attachments/ISO_IEC%2027002_2022_NL.pdf) diff --git a/Corpus/Standards/ISO_27002_2022_What's_New.md b/Corpus/Standards/ISO_27002_2022_What's_New.md index 0707ea4..1d1093f 100644 --- a/Corpus/Standards/ISO_27002_2022_What's_New.md +++ b/Corpus/Standards/ISO_27002_2022_What's_New.md @@ -8,7 +8,7 @@ ISO 27001:2013 had 114 controls in Annex A, ISO/IEC 27002:2022 introduces 93 con https://ictinstitute.nl/iso270022022-what-is-new/ See also [[ICT Institute's ISO 27002 2022 in plain English]] -Wentz Wu has created a 'control taxonomy' in [[ISO-27002-2022-Controls-categorized.pdf]]: +Wentz Wu has created a 'control taxonomy' in [](../../../๐Ÿ“Ž%20Attachments/ISO-27002-2022-Controls-categorized.pdf): - Control type: Preventive, Detective, and Corrective. - Information security properties: Confidentiality, Integrity and Availability. @@ -39,6 +39,6 @@ The norm categorizes the controls in 4 sections: - technological controls - organizational controls -![[ISO_IEC-27002_2022-Controls_I.jpg]] +![](../../../๐Ÿ“Ž%20Attachments/ISO_IEC-27002_2022-Controls_I.jpg) -![[ISO_IEC-27002_2022-Controls_II.jpg]] \ No newline at end of file +![](../../../๐Ÿ“Ž%20Attachments/ISO_IEC-27002_2022-Controls_II.jpg) \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_00_MoC Index EXT.md b/Corpus/Standards/MoCs/ISO_27001_2022_00_MoC Index EXT.md index 445b5b0..415269c 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_00_MoC Index EXT.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_00_MoC Index EXT.md @@ -15,99 +15,99 @@ | 4.2 | [[ISO_27002_OT_4.2 Themes and attributes \| Themes and attributes ]] | | | 4.3 | [[ISO_27002_OT_4.3 Control layout \| Control layout ]] | | | **5** | **Organizational controls** | | -| 5.1 | [[ISO_27002_2022_5.1_MoC Policies for information security \|Policies for information security ]] | 05.1.1, 05.1.2 | -| 5.2 | [[ISO_27002_2022_5.2_MoC Information security roles and responsibilities \|Information security roles and responsibilities ]] | 06.1.1 | -| 5.3 | [[ISO_27002_2022_5.3_MoC Segregation of duties \|Segregation of duties ]] | 06.1.2 | -| 5.4 | [[ISO_27002_2022_5.4_MoC Management responsibilities \|Management responsibilities ]] | 07.2.1 | -| 5.5 | [[ISO_27002_2022_5.5_MoC Contact with authorities \|Contact with authorities ]] | 06.1.3 | -| 5.6 | [[ISO_27002_2022_5.6_MoC Contact with special interest groups \|Contact with special interest groups ]] | 06.1.4 | -| 5.7 | [[ISO_27002_2022_5.7_MoC Threat intelligence \|Threat intelligence ]] | New | -| 5.8 | [[ISO_27002_2022_5.8_MoC Information security in project management \|Information security in project management ]] | 06.1.5, 14.1.1 | -| 5.9 | [[ISO_27002_2022_5.9_MoC Inventory of information and other associated assets \|Inventory of information and other associated assets ]] | 08.1.1, 08.1.2 | -| 5.10 | [[ISO_27002_2022_5.10_MoC Acceptable use of information and other associated assets \|Acceptable use of information and other associated assets ]] | 08.1.3, 08.2.3 | -| 5.11 | [[ISO_27002_2022_5.11_MoC Return of assets \|Return of assets ]] | 08.1.4 | -| 5.12 | [[ISO_27002_2022_5.12_MoC Classification of information \|Classification of information ]] | 08.2.1 | -| 5.13 | [[ISO_27002_2022_5.13_MoC Labelling of information \|Labelling of information ]] | 08.2.2 | -| 5.14 | [[ISO_27002_2022_5.14_MoC Information transfer \|Information transfer ]] | 13.2.1, 13.2.2, 13.2.3 | -| 5.15 | [[ISO_27002_2022_5.15_MoC Access control \|Access control ]] | 09.1.1, 09.1.2 | -| 5.16 | [[ISO_27002_2022_5.16_MoC Identity management \|Identity management ]] | 09.2.1 | -| 5.17 | [[ISO_27002_2022_5.17_MoC Authentication information \|Authentication information ]] | 09.2.4, 09.3.1, 09.4.3 | -| 5.18 | [[ISO_27002_2022_5.18_MoC Access rights \|Access rights ]] | 09.2.2, 09.2.5, 09.2.6 | -| 5.19 | [[ISO_27002_2022_5.19_MoC Information security in supplier relationships \|Information security in supplier relationships ]] | 15.1.1 | -| 5.20 | [[ISO_27002_2022_5.20_MoC Addressing information security within supplier agreements \|Addressing information security within supplier agreements ]] | 15.1.2 | -| 5.21 | [[ISO_27002_2022_5.21_MoC Managing information security in the ICT supply chain \|Managing information security in the ICT supply chain ]] | 15.1.3 | -| 5.22 | [[ISO_27002_2022_5.22_MoC Monitoring, review and change management of supplier services \|Monitoring, review and change management of supplier services ]] | 15.2.1, 15.2.2 | -| 5.23 | [[ISO_27002_2022_5.23_MoC Information security for use of cloud services \|Information security for use of cloud services ]] | New | -| 5.24 | [[ISO_27002_2022_5.24_MoC Information security incident management planning and preparation \|Information security incident management planning and preparation ]] | 16.1.1 | -| 5.25 | [[ISO_27002_2022_5.25_MoC Assessment and decision on information security events \|Assessment and decision on information security events ]] | 16.1.4 | -| 5.26 | [[ISO_27002_2022_5.26_MoC Response to information security incidents \|Response to information security incidents ]] | 16.1.5 | -| 5.27 | [[ISO_27002_2022_5.27_MoC Learning from information security incidents \|Learning from information security incidents ]] | 16.1.6 | -| 5.28 | [[ISO_27002_2022_5.28_MoC Collection of evidence \|Collection of evidence ]] | 16.1.7 | -| 5.29 | [[ISO_27002_2022_5.29_MoC Information security during disruption \|Information security during disruption ]] | 17.1.1, 17.1.2, 17.1.3 | -| 5.30 | [[ISO_27002_2022_5.30_MoC ICT readiness for business continuity \|ICT readiness for business continuity ]] | New | -| 5.31 | [[ISO_27002_2022_5.31_MoC Legal, statutory, regulatory and contractual requirements \|Legal, statutory, regulatory and contractual requirements ]] | 18.1.1, 18.1.5 | -| 5.32 | [[ISO_27002_2022_5.32_MoC Intellectual property rights \|Intellectual property rights ]] | 18.1.2 | -| 5.33 | [[ISO_27002_2022_5.33_MoC Protection of records \|Protection of records ]] | 18.1.3 | -| 5.34 | [[ISO_27002_2022_5.34_MoC Privacy and protection of PII \|Privacy and protection of PII ]] | 18.1.4 | -| 5.35 | [[ISO_27002_2022_5.35_MoC Independent review of information security \|Independent review of information security ]] | 18.2.1 | -| 5.36 | [[ISO_27002_2022_5.36_MoC Compliance with policies, rules and standards for information security \|Compliance with policies, rules and standards for information security]] | 18.2.2, 18.2.3 | -| 5.37 | [[ISO_27002_2022_5.37_MoC Documented operating procedures \|Documented operating procedures ]] | 12.1.1 | +| 5.1 | [Policies for information security ](../../../../๐Ÿงฑ%20Projects/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md) | 05.1.1, 05.1.2 | +| 5.2 | [Information security roles and responsibilities ](ISO_27002_2022_5.2_MoC%20Information%20security%20roles%20and%20responsibilities.md) | 06.1.1 | +| 5.3 | [Segregation of duties ](ISO_27002_2022_5.3_MoC%20Segregation%20of%20duties.md) | 06.1.2 | +| 5.4 | [Management responsibilities ](ISO_27002_2022_5.4_MoC%20Management%20responsibilities.md) | 07.2.1 | +| 5.5 | [Contact with authorities ](ISO_27002_2022_5.5_MoC%20Contact%20with%20authorities.md) | 06.1.3 | +| 5.6 | [Contact with special interest groups ](ISO_27002_2022_5.6_MoC%20Contact%20with%20special%20interest%20groups.md) | 06.1.4 | +| 5.7 | [Threat intelligence ](ISO_27002_2022_5.7_MoC%20Threat%20intelligence.md) | New | +| 5.8 | [Information security in project management ](ISO_27002_2022_5.8_MoC%20Information%20security%20in%20project%20management.md) | 06.1.5, 14.1.1 | +| 5.9 | [Inventory of information and other associated assets ](../../../../ISO_27002_2022_5.9_MoC%20Inventory%20of%20information%20and%20other%20associated%20assets.md) | 08.1.1, 08.1.2 | +| 5.10 | [Acceptable use of information and other associated assets ](ISO_27002_2022_5.10_MoC%20Acceptable%20use%20of%20information%20and%20other%20associated%20assets.md) | 08.1.3, 08.2.3 | +| 5.11 | [Return of assets ](ISO_27002_2022_5.11_MoC%20Return%20of%20assets.md) | 08.1.4 | +| 5.12 | [Classification of information ](ISO_27002_2022_5.12_MoC%20Classification%20of%20information.md) | 08.2.1 | +| 5.13 | [Labelling of information ](ISO_27002_2022_5.13_MoC%20Labelling%20of%20information.md) | 08.2.2 | +| 5.14 | [Information transfer ](ISO_27002_2022_5.14_MoC%20Information%20transfer.md) | 13.2.1, 13.2.2, 13.2.3 | +| 5.15 | [Access control ](ISO_27002_2022_5.15_MoC%20Access%20control.md) | 09.1.1, 09.1.2 | +| 5.16 | [Identity management ](ISO_27002_2022_5.16_MoC%20Identity%20management.md) | 09.2.1 | +| 5.17 | [Authentication information ](ISO_27002_2022_5.17_MoC%20Authentication%20information.md) | 09.2.4, 09.3.1, 09.4.3 | +| 5.18 | [Access rights ](ISO_27002_2022_5.18_MoC%20Access%20rights.md) | 09.2.2, 09.2.5, 09.2.6 | +| 5.19 | [Information security in supplier relationships ](ISO_27002_2022_5.19_MoC%20Information%20security%20in%20supplier%20relationships.md) | 15.1.1 | +| 5.20 | [Addressing information security within supplier agreements ](ISO_27002_2022_5.20_MoC%20Addressing%20information%20security%20within%20supplier%20agreements.md) | 15.1.2 | +| 5.21 | [Managing information security in the ICT supply chain ](ISO_27002_2022_5.21_MoC%20Managing%20information%20security%20in%20the%20ICT%20supply%20chain.md) | 15.1.3 | +| 5.22 | [Monitoring, review and change management of supplier services ](ISO_27002_2022_5.22_MoC%20Monitoring,%20review%20and%20change%20management%20of%20supplier%20services.md) | 15.2.1, 15.2.2 | +| 5.23 | [Information security for use of cloud services ](ISO_27002_2022_5.23_MoC%20Information%20security%20for%20use%20of%20cloud%20services.md) | New | +| 5.24 | [Information security incident management planning and preparation ](ISO_27002_2022_5.24_MoC%20Information%20security%20incident%20management%20planning%20and%20preparation.md) | 16.1.1 | +| 5.25 | [Assessment and decision on information security events ](ISO_27002_2022_5.25_MoC%20Assessment%20and%20decision%20on%20information%20security%20events.md) | 16.1.4 | +| 5.26 | [Response to information security incidents ](ISO_27002_2022_5.26_MoC%20Response%20to%20information%20security%20incidents.md) | 16.1.5 | +| 5.27 | [Learning from information security incidents ](ISO_27002_2022_5.27_MoC%20Learning%20from%20information%20security%20incidents.md) | 16.1.6 | +| 5.28 | [Collection of evidence ](ISO_27002_2022_5.28_MoC%20Collection%20of%20evidence.md) | 16.1.7 | +| 5.29 | [Information security during disruption ](ISO_27002_2022_5.29_MoC%20Information%20security%20during%20disruption.md) | 17.1.1, 17.1.2, 17.1.3 | +| 5.30 | [ICT readiness for business continuity ](ISO_27002_2022_5.30_MoC%20ICT%20readiness%20for%20business%20continuity.md) | New | +| 5.31 | [Legal, statutory, regulatory and contractual requirements ](ISO_27002_2022_5.31_MoC%20Legal,%20statutory,%20regulatory%20and%20contractual%20requirements.md) | 18.1.1, 18.1.5 | +| 5.32 | [Intellectual property rights ](ISO_27002_2022_5.32_MoC%20Intellectual%20property%20rights.md) | 18.1.2 | +| 5.33 | [Protection of records ](ISO_27002_2022_5.33_MoC%20Protection%20of%20records.md) | 18.1.3 | +| 5.34 | [Privacy and protection of PII ](ISO_27002_2022_5.34_MoC%20Privacy%20and%20protection%20of%20PII.md) | 18.1.4 | +| 5.35 | [Independent review of information security ](ISO_27002_2022_5.35_MoC%20Independent%20review%20of%20information%20security.md) | 18.2.1 | +| 5.36 | [Compliance with policies, rules and standards for information security](ISO_27002_2022_5.36_MoC%20Compliance%20with%20policies,%20rules%20and%20standards%20for%20information%20security.md) | 18.2.2, 18.2.3 | +| 5.37 | [Documented operating procedures ](ISO_27002_2022_5.37_MoC%20Documented%20operating%20procedures.md) | 12.1.1 | | **6** | **People controls** | | -| 6.1 | [[ISO_27002_2022_6.1_MoC Screening \|Screening ]] | 07.1.1 | -| 6.2 | [[ISO_27002_2022_6.2_MoC Terms and conditions of employment \|Terms and conditions of employment ]] | 07.1.2 | -| 6.3 | [[ISO_27002_2022_6.3_MoC Information security awareness, education and training \|Information security awareness, education and training ]] | 07.2.2 | -| 6.4 | [[ISO_27002_2022_6.4_MoC Disciplinary process \|Disciplinary process ]] | 07.2.3 | -| 6.5 | [[ISO_27002_2022_6.5_MoC Responsibilities after termination or change of employment \|Responsibilities after termination or change of employment ]] | 07.3.1 | -| 6.6 | [[ISO_27002_2022_6.6_MoC Confidentiality or non-disclosure agreements \|Confidentiality or non-disclosure agreements ]] | 13.2.4 | -| 6.7 | [[ISO_27002_2022_6.7_MoC Remote working \|Remote working ]] | 06.2.2 | -| 6.8 | [[ISO_27002_2022_6.8_MoC Information security event reporting \|Information security event reporting ]] | 16.1.2, 16.1.3 | +| 6.1 | [Screening ](ISO_27002_2022_6.1_MoC%20Screening.md) | 07.1.1 | +| 6.2 | [Terms and conditions of employment ](ISO_27002_2022_6.2_MoC%20Terms%20and%20conditions%20of%20employment.md) | 07.1.2 | +| 6.3 | [Information security awareness, education and training ](ISO_27002_2022_6.3_MoC%20Information%20security%20awareness,%20education%20and%20training.md) | 07.2.2 | +| 6.4 | [Disciplinary process ](ISO_27002_2022_6.4_MoC%20Disciplinary%20process.md) | 07.2.3 | +| 6.5 | [Responsibilities after termination or change of employment ](ISO_27002_2022_6.5_MoC%20Responsibilities%20after%20termination%20or%20change%20of%20employment.md) | 07.3.1 | +| 6.6 | [Confidentiality or non-disclosure agreements ](ISO_27002_2022_6.6_MoC%20Confidentiality%20or%20non-disclosure%20agreements.md) | 13.2.4 | +| 6.7 | [Remote working ](ISO_27002_2022_6.7_MoC%20Remote%20working.md) | 06.2.2 | +| 6.8 | [Information security event reporting ](ISO_27002_2022_6.8_MoC%20Information%20security%20event%20reporting.md) | 16.1.2, 16.1.3 | | **7** | **Physical controls** | | -| 7.1 | [[ISO_27002_2022_7.1_MoC Physical security perimeters \|Physical security perimeters ]] | 11.1.1 | -| 7.2 | [[ISO_27002_2022_7.2_MoC Physical entry \|Physical entry ]] | 11.1.2, 11.1.6 | -| 7.3 | [[ISO_27002_2022_7.3_MoC Securing offices, rooms and facilities \|Securing offices, rooms and facilities ]] | 11.1.3 | -| 7.4 | [[ISO_27002_2022_7.4_MoC Physical security monitoring \|Physical security monitoring ]] | New | -| 7.5 | [[ISO_27002_2022_7.5_MoC Protecting against physical and environmental threats \|Protecting against physical and environmental threats ]] | 11.1.4 | -| 7.6 | [[ISO_27002_2022_7.6_MoC Working in secure areas \|Working in secure areas ]] | 11.1.5 | -| 7.7 | [[ISO_27002_2022_7.7_MoC Clear desk and clear screen \|Clear desk and clear screen ]] | 11.2.9 | -| 7.8 | [[ISO_27002_2022_7.8_MoC Equipment siting and protection \|Equipment siting and protection ]] | 11.2.1 | -| 7.9 | [[ISO_27002_2022_7.9_MoC Security of assets off-premises \|Security of assets off-premises ]] | 11.2.6 | -| 7.10 | [[ISO_27002_2022_7.10_MoC Storage media \|Storage media ]] | 08.3.1, 08.3.2, 08.3.3, 11.2.5 | -| 7.11 | [[ISO_27002_2022_7.11_MoC Supporting utilities \|Supporting utilities ]] | 11.2.2 | -| 7.12 | [[ISO_27002_2022_7.12_MoC Cabling security \|Cabling security ]] | 11.2.3 | -| 7.13 | [[ISO_27002_2022_7.13_MoC Equipment maintenance \|Equipment maintenance ]] | 11.2.4 | -| 7.14 | [[ISO_27002_2022_7.14_MoC Secure disposal or re-use of equipment \|Secure disposal or re-use of equipment ]] | 11.2.7 | +| 7.1 | [Physical security perimeters ](ISO_27002_2022_7.1_MoC%20Physical%20security%20perimeters.md) | 11.1.1 | +| 7.2 | [Physical entry ](ISO_27002_2022_7.2_MoC%20Physical%20entry.md) | 11.1.2, 11.1.6 | +| 7.3 | [Securing offices, rooms and facilities ](ISO_27002_2022_7.3_MoC%20Securing%20offices,%20rooms%20and%20facilities.md) | 11.1.3 | +| 7.4 | [Physical security monitoring ](ISO_27002_2022_7.4_MoC%20Physical%20security%20monitoring.md) | New | +| 7.5 | [Protecting against physical and environmental threats ](ISO_27002_2022_7.5_MoC%20Protecting%20against%20physical%20and%20environmental%20threats.md) | 11.1.4 | +| 7.6 | [Working in secure areas ](ISO_27002_2022_7.6_MoC%20Working%20in%20secure%20areas.md) | 11.1.5 | +| 7.7 | [Clear desk and clear screen ](ISO_27002_2022_7.7_MoC%20Clear%20desk%20and%20clear%20screen.md) | 11.2.9 | +| 7.8 | [Equipment siting and protection ](ISO_27002_2022_7.8_MoC%20Equipment%20siting%20and%20protection.md) | 11.2.1 | +| 7.9 | [Security of assets off-premises ](ISO_27002_2022_7.9_MoC%20Security%20of%20assets%20off-premises.md) | 11.2.6 | +| 7.10 | [Storage media ](ISO_27002_2022_7.10_MoC%20Storage%20media.md) | 08.3.1, 08.3.2, 08.3.3, 11.2.5 | +| 7.11 | [Supporting utilities ](ISO_27002_2022_7.11_MoC%20Supporting%20utilities.md) | 11.2.2 | +| 7.12 | [Cabling security ](ISO_27002_2022_7.12_MoC%20Cabling%20security.md) | 11.2.3 | +| 7.13 | [Equipment maintenance ](ISO_27002_2022_7.13_MoC%20Equipment%20maintenance.md) | 11.2.4 | +| 7.14 | [Secure disposal or re-use of equipment ](ISO_27002_2022_7.14_MoC%20Secure%20disposal%20or%20re-use%20of%20equipment.md) | 11.2.7 | | **8** | **Technological controls** | | -| 8.1 | [[ISO_27002_2022_8.1_MoC User endpoint devices \|User endpoint devices ]] | 06.2.1, 11.2.8 | -| 8.2 | [[ISO_27002_2022_8.2_MoC Privileged access rights \|Privileged access rights ]] | 09.2.3 | -| 8.3 | [[ISO_27002_2022_8.3_MoC Information access restriction \|Information access restriction ]] | 09.4.1 | -| 8.4 | [[ISO_27002_2022_8.4_MoC Access to source code \|Access to source code ]] | 09.4.5 | -| 8.5 | [[ISO_27002_2022_8.5_MoC Secure authentication \|Secure authentication ]] | 09.4.2 | -| 8.6 | [[ISO_27002_2022_8.6_MoC Capacity management \|Capacity management ]] | 12.1.3 | -| 8.7 | [[ISO_27002_2022_8.7_MoC Protection against malware \|Protection against malware ]] | 12.2.1 | -| 8.8 | [[ISO_27002_2022_8.8_MoC Management of technical vulnerabilities \|Management of technical vulnerabilities ]] | 12.6.1, 18.2.3 | -| 8.9 | [[ISO_27002_2022_8.9_MoC Configuration management \|Configuration management ]] | New | -| 8.10 | [[ISO_27002_2022_8.10_MoC Information deletion \|Information deletion ]] | New | -| 8.11 | [[ISO_27002_2022_8.11_MoC Data masking \|Data masking ]] | New | -| 8.12 | [[ISO_27002_2022_8.12_MoC Data leakage prevention \|Data leakage prevention ]] | New | -| 8.13 | [[ISO_27002_2022_8.13_MoC Information backup \|Information backup ]] | 12.3.1 | -| 8.14 | [[ISO_27002_2022_8.14_MoC Redundancy of information processing facilities \|Redundancy of information processing facilities ]] | 17.2.1 | -| 8.15 | [[ISO_27002_2022_8.15_MoC Logging \|Logging ]] | 12.4.1, 12.4.2, 12.4.3 | -| 8.16 | [[ISO_27002_2022_8.16_MoC Monitoring activities \|Monitoring activities ]] | New | -| 8.17 | [[ISO_27002_2022_8.17_MoC Clock synchronization \|Clock synchronization ]] | 12.4.4 | -| 8.18 | [[ISO_27002_2022_8.18_MoC Use of privileged utility programs \|Use of privileged utility programs ]] | 09.4.4 | -| 8.19 | [[ISO_27002_2022_8.19_MoC Installation of software on operational systems \|Installation of software on operational systems ]] | 12.5.1, 12.6.2 | -| 8.20 | [[ISO_27002_2022_8.20_MoC Networks security \|Networks security ]] | 13.1.1 | -| 8.21 | [[ISO_27002_2022_8.21_MoC Security of network services \|Security of network services ]] | 13.1.2 | -| 8.22 | [[ISO_27002_2022_8.22_MoC Segregation of networks \|Segregation of networks ]] | 13.1.3 | -| 8.23 | [[ISO_27002_2022_8.23_MoC Web filtering \|Web filtering ]] | New | -| 8.24 | [[ISO_27002_2022_8.24_MoC Use of cryptography \|Use of cryptography ]] | 10.1.1, 10.1.2 | -| 8.25 | [[ISO_27002_2022_8.25_MoC Secure development life cycle \|Secure development life cycle ]] | 14.2.1 | -| 8.26 | [[ISO_27002_2022_8.26_MoC Application security requirements \|Application security requirements ]] | 14.1.2, 14.1.3 | -| 8.27 | [[ISO_27002_2022_8.27_MoC Secure system architecture and engineering principles \|Secure system architecture and engineering principles ]] | 14.2.5 | -| 8.28 | [[ISO_27002_2022_8.28_MoC Secure coding \|Secure coding ]] | New | -| 8.29 | [[ISO_27002_2022_8.29_MoC Security testing in development and acceptance \|Security testing in development and acceptance ]] | 14.2.8, 14.2.9 | -| 8.30 | [[ISO_27002_2022_8.30_MoC Outsourced development \|Outsourced development ]] | 14.2.7 | -| 8.31 | [[ISO_27002_2022_8.31_MoC Separation of development, test and production environments \|Separation of development, test and production environments ]] | 12.1.4, 14.2.6 | -| 8.32 | [[ISO_27002_2022_8.32_MoC Change management \|Change management ]] | 12.1.2, 14.2.2, 14.2.3, 14.2.4 | -| 8.33 | [[ISO_27002_2022_8.33_MoC Test information \|Test information ]] | 14.3.1 | -| 8.34 | [[ISO_27002_2022_8.34_MoC Protection of information systems during audit testing \|Protection of information systems during audit testing ]] | 12.7.1 | +| 8.1 | [User endpoint devices ](ISO_27002_2022_8.1_MoC%20User%20endpoint%20devices.md) | 06.2.1, 11.2.8 | +| 8.2 | [Privileged access rights ](ISO_27002_2022_8.2_MoC%20Privileged%20access%20rights.md) | 09.2.3 | +| 8.3 | [Information access restriction ](ISO_27002_2022_8.3_MoC%20Information%20access%20restriction.md) | 09.4.1 | +| 8.4 | [Access to source code ](ISO_27002_2022_8.4_MoC%20Access%20to%20source%20code.md) | 09.4.5 | +| 8.5 | [Secure authentication ](ISO_27002_2022_8.5_MoC%20Secure%20authentication.md) | 09.4.2 | +| 8.6 | [Capacity management ](ISO_27002_2022_8.6_MoC%20Capacity%20management.md) | 12.1.3 | +| 8.7 | [Protection against malware ](ISO_27002_2022_8.7_MoC%20Protection%20against%20malware.md) | 12.2.1 | +| 8.8 | [Management of technical vulnerabilities ](ISO_27002_2022_8.8_MoC%20Management%20of%20technical%20vulnerabilities.md) | 12.6.1, 18.2.3 | +| 8.9 | [Configuration management ](ISO_27002_2022_8.9_MoC%20Configuration%20management.md) | New | +| 8.10 | [Information deletion ](ISO_27002_2022_8.10_MoC%20Information%20deletion.md) | New | +| 8.11 | [Data masking ](ISO_27002_2022_8.11_MoC%20Data%20masking.md) | New | +| 8.12 | [Data leakage prevention ](ISO_27002_2022_8.12_MoC%20Data%20leakage%20prevention.md) | New | +| 8.13 | [Information backup ](ISO_27002_2022_8.13_MoC%20Information%20backup.md) | 12.3.1 | +| 8.14 | [Redundancy of information processing facilities ](ISO_27002_2022_8.14_MoC%20Redundancy%20of%20information%20processing%20facilities.md) | 17.2.1 | +| 8.15 | [Logging ](ISO_27002_2022_8.15_MoC%20Logging.md) | 12.4.1, 12.4.2, 12.4.3 | +| 8.16 | [Monitoring activities ](ISO_27002_2022_8.16_MoC%20Monitoring%20activities.md) | New | +| 8.17 | [Clock synchronization ](ISO_27002_2022_8.17_MoC%20Clock%20synchronization.md) | 12.4.4 | +| 8.18 | [Use of privileged utility programs ](ISO_27002_2022_8.18_MoC%20Use%20of%20privileged%20utility%20programs.md) | 09.4.4 | +| 8.19 | [Installation of software on operational systems ](ISO_27002_2022_8.19_MoC%20Installation%20of%20software%20on%20operational%20systems.md) | 12.5.1, 12.6.2 | +| 8.20 | [Networks security ](ISO_27002_2022_8.20_MoC%20Networks%20security.md) | 13.1.1 | +| 8.21 | [Security of network services ](ISO_27002_2022_8.21_MoC%20Security%20of%20network%20services.md) | 13.1.2 | +| 8.22 | [Segregation of networks ](ISO_27002_2022_8.22_MoC%20Segregation%20of%20networks.md) | 13.1.3 | +| 8.23 | [Web filtering ](ISO_27002_2022_8.23_MoC%20Web%20filtering.md) | New | +| 8.24 | [Use of cryptography ](ISO_27002_2022_8.24_MoC%20Use%20of%20cryptography.md) | 10.1.1, 10.1.2 | +| 8.25 | [Secure development life cycle ](ISO_27002_2022_8.25_MoC%20Secure%20development%20life%20cycle.md) | 14.2.1 | +| 8.26 | [Application security requirements ](ISO_27002_2022_8.26_MoC%20Application%20security%20requirements.md) | 14.1.2, 14.1.3 | +| 8.27 | [Secure system architecture and engineering principles ](ISO_27002_2022_8.27_MoC%20Secure%20system%20architecture%20and%20engineering%20principles.md) | 14.2.5 | +| 8.28 | [Secure coding ](ISO_27002_2022_8.28_MoC%20Secure%20coding.md) | New | +| 8.29 | [Security testing in development and acceptance ](ISO_27002_2022_8.29_MoC%20Security%20testing%20in%20development%20and%20acceptance.md) | 14.2.8, 14.2.9 | +| 8.30 | [Outsourced development ](ISO_27002_2022_8.30_MoC%20Outsourced%20development.md) | 14.2.7 | +| 8.31 | [Separation of development, test and production environments ](ISO_27002_2022_8.31_MoC%20Separation%20of%20development,%20test%20and%20production%20environments.md) | 12.1.4, 14.2.6 | +| 8.32 | [Change management ](ISO_27002_2022_8.32_MoC%20Change%20management.md) | 12.1.2, 14.2.2, 14.2.3, 14.2.4 | +| 8.33 | [Test information ](ISO_27002_2022_8.33_MoC%20Test%20information.md) | 14.3.1 | +| 8.34 | [Protection of information systems during audit testing ](ISO_27002_2022_8.34_MoC%20Protection%20of%20information%20systems%20during%20audit%20testing.md) | 12.7.1 | diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_00_MoC Index.md b/Corpus/Standards/MoCs/ISO_27001_2022_00_MoC Index.md index d4c3fe5..29e5cfb 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_00_MoC Index.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_00_MoC Index.md @@ -3,50 +3,50 @@ | Clause | Title | | ---------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| **F** | **[[ISO_27001_OT F Foreword\|Foreword]]** | -| **0** | **[[ISO_27001_2022_OT 0 Introduction\|Introduction]]** | -| **1** | **[[ISO_27001_2022_OT 1 Scope\|Scope]]** | -| **2** | **[[ISO_27001_2022_OT 2 Normative references\|Normative references]]** | -| **3** | **[[ISO_27001_OT Terms and definitions\|Terms and definitions]]** | -| **4** | **[[ISO_27001_2022_4_MoC Context of the organization\|Context of the organization]]** | -| 4.1 | [[ISO_27001_2022_4.1_MoC Understanding the organization and its context \|Understanding the organization and its context ]] | -| 4.2 | [[ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties \|Understanding the needs and expectations of interested parties ]] | -| 4.3 | [[ISO_27001_2022_4.3_MoC Determining the scope of the information security management system \|Determining the scope of the information security management system ]] | -| 4.4 | [[ISO_27001_2022_4.4_MoC Information security management system \|Information security management system ]] | -| **5** | **[[ISO_27001_2022_5_MoC Leadership\|Leadership]]** | -| 5.1 | [[ISO_27001_2022_5.1_MoC Leadership and commitment \|Leadership and commitment ]] | -| 5.2 | [[ISO_27001_2022_5.2_MoC Policy \|Policy ]] | -| 5.3 | [[ISO_27001_2022_5.3_MoC Organizational roles, responsibilities and authorities \|Organizational roles, responsibilities and authorities ]] | -| **6** | **[[ISO_27001_2022_6_MoC Planning\|Planning]]** | -| 6.1 | [[ISO_27001_2022_6.1_MoC Actions to address risks and opportunities \|Actions to address risks and opportunities ]] | -| 6.1.1 | [[ISO_27001_2022_6.1.1_MoC General\|General ]] | -| 6.1.2 | [[ISO_27001_2022_6.1.2_MoC Information security risk assessment\|Information security risk assessment ]] | -| 6.1.3 | [[ISO_27001_2022_6.1.3_MoC Information security risk treatment\|Information security risk treatment ]] | -| 6.2 | [[ISO_27001_2022_6.2_MoC Information security objectives and planning to achieve them \|Information security objectives and planning to achieve them ]] | -| 6.3 | [[ISO_27001_2022_6.3_MoC Planning of changes \|Planning of changes ]] | -| **7** | **[[ISO_27001_2022_7_MoC Support\|Support]]** | -| 7.1 | [[ISO_27001_2022_7.1_MoC Resources \| Resources ]] | -| 7.2 | [[ISO_27001_2022_7.2_MoC Competence \| Competence ]] | -| 7.3 | [[ISO_27001_2022_7.3_MoC Awareness \| Awareness ]] | -| 7.4 | [[ISO_27001_2022_7.4_MoC Communication \| Communication ]] | -| 7.5 | [[ISO_27001_2022_7.5_MoC Documented information \| Documented information ]] | +| **F** | **[Foreword](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%20F%20Foreword.md)** | +| **0** | **[Introduction](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%200%20Introduction.md)** | +| **1** | **[Scope](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%201%20Scope.md)** | +| **2** | **[Normative references](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%202%20Normative%20references.md)** | +| **3** | **[Terms and definitions](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%20Terms%20and%20definitions.md)** | +| **4** | **[Context of the organization](ISO_27001_2022_4_MoC%20Context%20of%20the%20organization.md)** | +| 4.1 | [Understanding the organization and its context ](ISO_27001_2022_4.1_MoC%20Understanding%20the%20organization%20and%20its%20context.md) | +| 4.2 | [Understanding the needs and expectations of interested parties ](ISO_27001_2022_4.2_MoC%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md) | +| 4.3 | [Determining the scope of the information security management system ](ISO_27001_2022_4.3_MoC%20Determining%20the%20scope%20of%20the%20information%20security%20management%20system.md) | +| 4.4 | [Information security management system ](ISO_27001_2022_4.4_MoC%20Information%20security%20management%20system.md) | +| **5** | **[Leadership](ISO_27001_2022_5_MoC%20Leadership.md)** | +| 5.1 | [Leadership and commitment ](ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md) | +| 5.2 | [Policy ](ISO_27001_2022_5.2_MoC%20Policy.md) | +| 5.3 | [Organizational roles, responsibilities and authorities ](ISO_27001_2022_5.3_MoC%20Organizational%20roles,%20responsibilities%20and%20authorities.md) | +| **6** | **[Planning](ISO_27001_2022_6_MoC%20Planning.md)** | +| 6.1 | [Actions to address risks and opportunities ](ISO_27001_2022_6.1_MoC%20Actions%20to%20address%20risks%20and%20opportunities.md) | +| 6.1.1 | [General ](ISO_27001_2022_6.1.1_MoC%20General.md) | +| 6.1.2 | [Information security risk assessment ](ISO_27001_2022_6.1.2_MoC%20Information%20security%20risk%20assessment.md) | +| 6.1.3 | [Information security risk treatment ](ISO_27001_2022_6.1.3_MoC%20Information%20security%20risk%20treatment.md) | +| 6.2 | [Information security objectives and planning to achieve them ](ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md) | +| 6.3 | [Planning of changes ](ISO_27001_2022_6.3_MoC%20Planning%20of%20changes.md) | +| **7** | **[Support](ISO_27001_2022_7_MoC%20Support.md)** | +| 7.1 | [ Resources ](ISO_27001_2022_7.1_MoC%20Resources.md) | +| 7.2 | [ Competence ](ISO_27001_2022_7.2_MoC%20Competence.md) | +| 7.3 | [ Awareness ](ISO_27001_2022_7.3_MoC%20Awareness.md) | +| 7.4 | [ Communication ](ISO_27001_2022_7.4_MoC%20Communication.md) | +| 7.5 | [ Documented information ](ISO_27001_2022_7.5_MoC%20Documented%20information.md) | | 7.5.1 | General โ†‘ | | 7.5.2 | Creating and updating โ†‘ | | 7.5.3 | Control of documented information โ†‘ | -| **8** | **[[ISO_27001_2022_8_MoC Operation\|Operation]]** | -| 8.1 | [[ISO_27001_2022_8.1_MoC Operational planning and control \|Operational planning and control ]] | -| 8.2 | [[ISO_27001_2022_8.2_MoC Information security risk assessment \|Information security risk assessment ]] | -| 8.3 | [[ISO_27001_2022_8.3_MoC Information security risk treatment \|Information security risk treatment ]] | -| **9** | **[[ISO_27001_2022_9_MoC Performance evaluation\|Performance evaluation]]** | -| 9.1 | [[ISO_27001_2022_9.1_MoC Monitoring, measurement, analysis and evaluation \|Monitoring, measurement, analysis and evaluation ]] | -| 9.2 | [[ISO_27001_2022_9.2_MoC Internal audit \|Internal audit ]] | +| **8** | **[Operation](ISO_27001_2022_8_MoC%20Operation.md)** | +| 8.1 | [Operational planning and control ](ISO_27001_2022_8.1_MoC%20Operational%20planning%20and%20control.md) | +| 8.2 | [Information security risk assessment ](ISO_27001_2022_8.2_MoC%20Information%20security%20risk%20assessment.md) | +| 8.3 | [Information security risk treatment ](ISO_27001_2022_8.3_MoC%20Information%20security%20risk%20treatment.md) | +| **9** | **[Performance evaluation](ISO_27001_2022_9_MoC%20Performance%20evaluation.md)** | +| 9.1 | [Monitoring, measurement, analysis and evaluation ](ISO_27001_2022_9.1_MoC%20Monitoring,%20measurement,%20analysis%20and%20evaluation.md) | +| 9.2 | [Internal audit ](ISO_27001_2022_9.2_MoC%20Internal%20audit.md) | | 9.2.1 | General โ†‘ | | 9.2.2 | Internal audit programme โ†‘ | -| 9.3 | [[ISO_27001_2022_9.3_MoC Management review \|Management review ]] | +| 9.3 | [Management review ](ISO_27001_2022_9.3_MoC%20Management%20review.md) | | 9.3.1 | General โ†‘ | | 9.3.2 | Management review inputs โ†‘ | | 9.3.3 | Management review results โ†‘ | -| **10** | **[[ISO_27001_2022_10_MoC Improvement\|Improvement]]** | -| 10.1 | [[ISO_27001_2022_10.1_MoC Continual improvement \|Continual improvement ]] | -| 10.2 | [[ISO_27001_2022_10.2_MoC Nonconformity and corrective action \|Nonconformity and corrective action ]] | -| **[[ISO_27001_2022_00_MoC Index EXT\|Annex A]]** | **Information security controls reference** | +| **10** | **[Improvement](ISO_27001_2022_10_MoC%20Improvement.md)** | +| 10.1 | [Continual improvement ](ISO_27001_2022_10.1_MoC%20Continual%20improvement.md) | +| 10.2 | [Nonconformity and corrective action ](ISO_27001_2022_10.2_MoC%20Nonconformity%20and%20corrective%20action.md) | +| **[Annex A](ISO_27001_2022_00_MoC%20Index%20EXT.md)** | **Information security controls reference** | diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_10.1_MoC Continual improvement.md b/Corpus/Standards/MoCs/ISO_27001_2022_10.1_MoC Continual improvement.md index eadbba7..0de0fb9 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_10.1_MoC Continual improvement.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_10.1_MoC Continual improvement.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 10.1 Continual improvement\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%2010.1%20Continual%20improvement.md) -[[ISO_27001_PE 10.1 Continual improvement\|Plain English]] +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27001-2022-EN/ISO_27001_PE%2010.1%20Continual%20improvement.md) diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_10.2_MoC Nonconformity and corrective action.md b/Corpus/Standards/MoCs/ISO_27001_2022_10.2_MoC Nonconformity and corrective action.md index 705ecdc..f38865e 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_10.2_MoC Nonconformity and corrective action.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_10.2_MoC Nonconformity and corrective action.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 10.2 Nonconformity and corrective action\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%2010.2%20Nonconformity%20and%20corrective%20action.md) [[ISO_27001_PE 10.2 Nonconformity and corrective action\|Plain English]] diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_10_MoC Improvement.md b/Corpus/Standards/MoCs/ISO_27001_2022_10_MoC Improvement.md index 7b82459..e6ee805 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_10_MoC Improvement.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_10_MoC Improvement.md @@ -1,6 +1,6 @@ # Chapter 10: Improvement -| **10** | **[[ISO_27001_2022_10_MoC Improvement\|Improvement]]** | +| **10** | **[Improvement](ISO_27001_2022_10_MoC%20Improvement.md)** | | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| 10.1 | [[ISO_27001_2022_10.1_MoC Continual improvement \|Continual improvement ]] | -| 10.2 | [[ISO_27001_2022_10.2_MoC Nonconformity and corrective action \|Nonconformity and corrective action ]] | +| 10.1 | [Continual improvement ](ISO_27001_2022_10.1_MoC%20Continual%20improvement.md) | +| 10.2 | [Nonconformity and corrective action ](ISO_27001_2022_10.2_MoC%20Nonconformity%20and%20corrective%20action.md) | diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC Understanding the organization and its context.md b/Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC Understanding the organization and its context.md index 1a501da..356acd2 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC Understanding the organization and its context.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC Understanding the organization and its context.md @@ -1,9 +1,9 @@ # About C4.1: Understanding the organization and its context From ISO 27001:2022 -[[ISO_27001_2022_OT 4.1 Understanding the organization and its context\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%204.1%20Understanding%20the%20organization%20and%20its%20context.md) -[[ISO_27001_2022_PE 4.1 Understanding the organization and its context\|Plain English]] translation +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27001-2022-EN/ISO_27001_2022_PE%204.1%20Understanding%20the%20organization%20and%20its%20context.md) translation diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties.md b/Corpus/Standards/MoCs/ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties.md index 2b7697c..404bf34 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties.md @@ -1,8 +1,8 @@ # About C4.2: Understanding the needs and expectations of interested parties -[[ISO_27001_2022_OT 4.2 Understanding the needs and expectations of interested parties\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%204.2%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md) [[ISO_27001_PE 4.2 Understanding the needs and expectations of interested parties\|Plain English]] -[[PECB 27001 LA S05 E01a - Context of the organization|PECB Auditor training: Context of the organization]] \ No newline at end of file +[PECB Auditor training: Context of the organization](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/PECB%20Lead%20Auditor%20Training%2027001/PECB%2027001%20LA%20S05%20E01a%20-%20Context%20of%20the%20organization.md) \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_4.3_MoC Determining the scope of the information security management system.md b/Corpus/Standards/MoCs/ISO_27001_2022_4.3_MoC Determining the scope of the information security management system.md index 9034cf7..a79e82d 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_4.3_MoC Determining the scope of the information security management system.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_4.3_MoC Determining the scope of the information security management system.md @@ -1,9 +1,9 @@ # About C4.3 Determining the scope of the information security management system -[[ISO_27001_2022_OT 4.3 Determining the scope of the information security management system\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%204.3%20Determining%20the%20scope%20of%20the%20information%20security%20management%20system.md) [[ISO_27001_PE 4.3 Determining the scope of the information security management system\|Plain English]] -[[About the Statement of Applicability]] +[About the Statement of Applicability](../../../Drafts%20and%20Ideas/ISMS/About%20the%20Statement%20of%20Applicability.md) -[[PECB 27001 LA S05 E01a - Context of the organization|PECB Auditor training: Context of the organization]] \ No newline at end of file +[PECB Auditor training: Context of the organization](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/PECB%20Lead%20Auditor%20Training%2027001/PECB%2027001%20LA%20S05%20E01a%20-%20Context%20of%20the%20organization.md) \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_4.4_MoC Information security management system.md b/Corpus/Standards/MoCs/ISO_27001_2022_4.4_MoC Information security management system.md index 87cdef7..1020660 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_4.4_MoC Information security management system.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_4.4_MoC Information security management system.md @@ -1,7 +1,7 @@ # About C4.4: Information security management system -[[ISO_27001_2022_OT 4.4 Information security management system\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%204.4%20Information%20security%20management%20system.md) [[ISO_27001_PE 4.4 Information security management system\|Plain English]] -[[PECB 27001 LA S05 E01a - Context of the organization|PECB Auditor training: Context of the organization]] \ No newline at end of file +[PECB Auditor training: Context of the organization](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/PECB%20Lead%20Auditor%20Training%2027001/PECB%2027001%20LA%20S05%20E01a%20-%20Context%20of%20the%20organization.md) \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_4_MoC Context of the organization.md b/Corpus/Standards/MoCs/ISO_27001_2022_4_MoC Context of the organization.md index cff60ef..92380db 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_4_MoC Context of the organization.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_4_MoC Context of the organization.md @@ -2,7 +2,7 @@ | **4** | **Context of the organization** | | ----- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| 4.1 | [[ISO_27001_2022_4.1_MoC Understanding the organization and its context \|Understanding the organization and its context ]] | -| 4.2 | [[ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties \|Understanding the needs and expectations of interested parties ]] | -| 4.3 | [[ISO_27001_2022_4.3_MoC Determining the scope of the information security management system \|Determining the scope of the information security management system ]] | -| 4.4 | [[ISO_27001_2022_4.4_MoC Information security management system \|Information security management system ]] | +| 4.1 | [Understanding the organization and its context ](ISO_27001_2022_4.1_MoC%20Understanding%20the%20organization%20and%20its%20context.md) | +| 4.2 | [Understanding the needs and expectations of interested parties ](ISO_27001_2022_4.2_MoC%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md) | +| 4.3 | [Determining the scope of the information security management system ](ISO_27001_2022_4.3_MoC%20Determining%20the%20scope%20of%20the%20information%20security%20management%20system.md) | +| 4.4 | [Information security management system ](ISO_27001_2022_4.4_MoC%20Information%20security%20management%20system.md) | diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_5.1_MoC Leadership and commitment.md b/Corpus/Standards/MoCs/ISO_27001_2022_5.1_MoC Leadership and commitment.md index 4a81bda..39c8daa 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_5.1_MoC Leadership and commitment.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_5.1_MoC Leadership and commitment.md @@ -2,9 +2,9 @@ Describes the responsibilities of 'Top management' with regards to the ISMS. -[[ISO_27001_2022_OT 5.1 Leadership and commitment\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%205.1%20Leadership%20and%20commitment.md) [[ISO_27001_PE 5.1 Leadership and commitment\|Plain English]] Related: -- [[ISO_27001_2022_9.3_MoC Management review|Clause 9.3]], Management review +- [Clause 9.3](ISO_27001_2022_9.3_MoC%20Management%20review.md), Management review diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_5.2_MoC Policy.md b/Corpus/Standards/MoCs/ISO_27001_2022_5.2_MoC Policy.md index 10224b7..4b340aa 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_5.2_MoC Policy.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_5.2_MoC Policy.md @@ -2,9 +2,9 @@ The information security policy as established by top management -[[ISO_27001_2022_OT 5.2 Policy\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%205.2%20Policy.md) [[ISO_27001_PE 5.2 Policy\|Plain English]] -[[PECB 27001 LA S05 E01b - Leadership|PECB Auditor training: Leadership]] +[PECB Auditor training: Leadership](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/PECB%20Lead%20Auditor%20Training%2027001/PECB%2027001%20LA%20S05%20E01b%20-%20Leadership.md) diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_5.3_MoC Organizational roles, responsibilities and authorities.md b/Corpus/Standards/MoCs/ISO_27001_2022_5.3_MoC Organizational roles, responsibilities and authorities.md index 3e4692e..9b6c2fb 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_5.3_MoC Organizational roles, responsibilities and authorities.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_5.3_MoC Organizational roles, responsibilities and authorities.md @@ -4,11 +4,11 @@ Top management must make sure that responsibilities and authorities for informat Top management specifically needs to assign responsibility and authority for ensuring the ISMS's compliance with the standard, and for reporting[^1] on it's performance (apparently, assigning *other* responsibilities and authorities need *not* be a top management concern). -[[ISO_27001_2022_OT 5.3 Organizational roles, responsibilities and authorities\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_2022_OT%205.3%20Organizational%20roles,%20responsibilities%20and%20authorities.md) [[ISO_27001_PE 5.3 Organizational roles, responsibilities and authorities\|Plain English]] -[[PECB 27001 LA S05 E01b - Leadership|PECB Auditor training: Leadership]] +[PECB Auditor training: Leadership](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/PECB%20Lead%20Auditor%20Training%2027001/PECB%2027001%20LA%20S05%20E01b%20-%20Leadership.md) diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_5_MoC Leadership.md b/Corpus/Standards/MoCs/ISO_27001_2022_5_MoC Leadership.md index daae68b..208dcb3 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_5_MoC Leadership.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_5_MoC Leadership.md @@ -1,11 +1,11 @@ # Chapter 5: Leadership -| **5** | **[[ISO_27001_2022_5_MoC Leadership\|Leadership]]** | +| **5** | **[Leadership](ISO_27001_2022_5_MoC%20Leadership.md)** | | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| 5.1 | [[ISO_27001_2022_5.1_MoC Leadership and commitment \|Leadership and commitment ]] | -| 5.2 | [[ISO_27001_2022_5.2_MoC Policy \|Policy ]] | -| 5.3 | [[ISO_27001_2022_5.3_MoC Organizational roles, responsibilities and authorities \|Organizational roles, responsibilities and authorities ]] | +| 5.1 | [Leadership and commitment ](ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md) | +| 5.2 | [Policy ](ISO_27001_2022_5.2_MoC%20Policy.md) | +| 5.3 | [Organizational roles, responsibilities and authorities ](ISO_27001_2022_5.3_MoC%20Organizational%20roles,%20responsibilities%20and%20authorities.md) | -[[PECB 27001 LA S05 E01a - Context of the organization|Context of the organization]] from the PECB Auditor training -[[PECB 27001 LA S05 E01b - Leadership|Leadership]] from the PECB Auditor training +[Context of the organization](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/PECB%20Lead%20Auditor%20Training%2027001/PECB%2027001%20LA%20S05%20E01a%20-%20Context%20of%20the%20organization.md) from the PECB Auditor training +[Leadership](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/PECB%20Lead%20Auditor%20Training%2027001/PECB%2027001%20LA%20S05%20E01b%20-%20Leadership.md) from the PECB Auditor training diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_6.1.1_MoC General.md b/Corpus/Standards/MoCs/ISO_27001_2022_6.1.1_MoC General.md index 3396b97..5e07fc0 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_6.1.1_MoC General.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_6.1.1_MoC General.md @@ -1,4 +1,4 @@ ### 6.1.1 General -- [[ISO_27001_OT 6.1.1 General\|Original Text]] +- [Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%206.1.1%20General.md) - [[ISO_27001_PE 6.1.1 General\|Plain English]] diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_6.1.2_MoC Information security risk assessment.md b/Corpus/Standards/MoCs/ISO_27001_2022_6.1.2_MoC Information security risk assessment.md index 348bbcf..b6597db 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_6.1.2_MoC Information security risk assessment.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_6.1.2_MoC Information security risk assessment.md @@ -1,11 +1,11 @@ -# About Clause 6.1.2: I| **6** | **[[ISO_27001_2022_6_MoC Planning\|Planning]]** | +# About Clause 6.1.2: I| **6** | **[Planning](ISO_27001_2022_6_MoC%20Planning.md)** | | ----- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| 6.1 | [[ISO_27001_2022_6.1_MoC Actions to address risks and opportunities \|Actions to address risks and opportunities ]] | -| 6.1.1 | [[ISO_27001_2022_6.1.1_MoC General\|General ]] | -| 6.1.2 | [[ISO_27001_2022_6.1.2_MoC Information security risk assessment\|Information security risk assessment ]] | -| 6.1.3 | [[ISO_27001_2022_6.1.3_MoC Information security risk treatment\|Information security risk treatment ]] | -| 6.2 | [[ISO_27001_2022_6.2_MoC Information security objectives and planning to achieve them \|Information security objectives and planning to achieve them ]] | -| 6.3 | [[ISO_27001_2022_6.3_MoC Planning of changes \|Planning of changes ]] |rity investments will deliver the most value. This is in line with the ISO 31000 standard for Risk Management #research title? , which recommends categorizing risks based on your organizationโ€™s context and objectives. +| 6.1 | [Actions to address risks and opportunities ](ISO_27001_2022_6.1_MoC%20Actions%20to%20address%20risks%20and%20opportunities.md) | +| 6.1.1 | [General ](ISO_27001_2022_6.1.1_MoC%20General.md) | +| 6.1.2 | [Information security risk assessment ](ISO_27001_2022_6.1.2_MoC%20Information%20security%20risk%20assessment.md) | +| 6.1.3 | [Information security risk treatment ](ISO_27001_2022_6.1.3_MoC%20Information%20security%20risk%20treatment.md) | +| 6.2 | [Information security objectives and planning to achieve them ](ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md) | +| 6.3 | [Planning of changes ](ISO_27001_2022_6.3_MoC%20Planning%20of%20changes.md) |rity investments will deliver the most value. This is in line with the ISO 31000 standard for Risk Management #research title? , which recommends categorizing risks based on your organizationโ€™s context and objectives. Different organizations worry about different kinds of risks, based on their mission, industry, and stakeholder expectations. An engineering firm may worry about their designs being stolen (protection of intellectual property) and construction errors due to incorrect data or calculations (integrity of information). A hospital will worry about continuity (availability of information) and patient confidentiality. A social media advertising platform, may care less about compliance with privacy regulations, but place great emphasis on uptime of systems. diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_6.1.3_MoC Information security risk treatment.md b/Corpus/Standards/MoCs/ISO_27001_2022_6.1.3_MoC Information security risk treatment.md index 8a036cc..b984287 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_6.1.3_MoC Information security risk treatment.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_6.1.3_MoC Information security risk treatment.md @@ -1,6 +1,6 @@ # 6.1.3 Information security risk treatment -- [[ISO_27001_OT 6.1.3 Information security risk treatment\|Original Text]] +- [Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%206.1.3%20Information%20security%20risk%20treatment.md) - [[ISO_27001_PE 6.1.3 Information security risk treatment\|Plain English]] -[[About the Statement of Applicability]] +[About the Statement of Applicability](../../../Drafts%20and%20Ideas/ISMS/About%20the%20Statement%20of%20Applicability.md) diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_6.1_MoC Actions to address risks and opportunities.md b/Corpus/Standards/MoCs/ISO_27001_2022_6.1_MoC Actions to address risks and opportunities.md index 3c64afe..80f158a 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_6.1_MoC Actions to address risks and opportunities.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_6.1_MoC Actions to address risks and opportunities.md @@ -1,7 +1,7 @@ ## 6.1 Actions to address risks and opportunities -- [[ISO_27001_2022_6.1.1_MoC General|6.1.1 General]] -- [[ISO_27001_2022_6.1.2_MoC Information security risk assessment|6.1.2 Information security risk assessment]] -- [[ISO_27001_2022_6.1.3_MoC Information security risk treatment|6.1.3 Information security risk treatment]] +- [6.1.1 General](ISO_27001_2022_6.1.1_MoC%20General.md) +- [6.1.2 Information security risk assessment](ISO_27001_2022_6.1.2_MoC%20Information%20security%20risk%20assessment.md) +- [6.1.3 Information security risk treatment](ISO_27001_2022_6.1.3_MoC%20Information%20security%20risk%20treatment.md) diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_6.2_MoC Information security objectives and planning to achieve them.md b/Corpus/Standards/MoCs/ISO_27001_2022_6.2_MoC Information security objectives and planning to achieve them.md index 0788bdc..05289be 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_6.2_MoC Information security objectives and planning to achieve them.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_6.2_MoC Information security objectives and planning to achieve them.md @@ -1,4 +1,4 @@ # About Chapter 6.2: Information security objectives and planning to achieve them -[[ISO_27001_OT 6.2 Information security objectives and planning to achieve them\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%206.2%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md) -[[ISO_27001_PE 6.2 Information security objectives and planning to achieve them\|Plain English]] \ No newline at end of file +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27001-2022-EN/ISO_27001_PE%206.2%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md) \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_6.3_MoC Planning of changes.md b/Corpus/Standards/MoCs/ISO_27001_2022_6.3_MoC Planning of changes.md index 384cb63..d880090 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_6.3_MoC Planning of changes.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_6.3_MoC Planning of changes.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 6.3 Planning of changes\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%206.3%20Planning%20of%20changes.md) [[ISO_27001_PE 6.3 Planning of changes\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_6_MoC Planning.md b/Corpus/Standards/MoCs/ISO_27001_2022_6_MoC Planning.md index 4c1d529..436097a 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_6_MoC Planning.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_6_MoC Planning.md @@ -1,10 +1,10 @@ # Chapter 6: Planning -| **6** | **[[ISO_27001_2022_6_MoC Planning\|Planning]]** | +| **6** | **[Planning](ISO_27001_2022_6_MoC%20Planning.md)** | | ----- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| 6.1 | [[ISO_27001_2022_6.1_MoC Actions to address risks and opportunities \|Actions to address risks and opportunities ]] | -| 6.1.1 | [[ISO_27001_2022_6.1.1_MoC General\|General ]] | -| 6.1.2 | [[ISO_27001_2022_6.1.2_MoC Information security risk assessment\|Information security risk assessment ]] | -| 6.1.3 | [[ISO_27001_2022_6.1.3_MoC Information security risk treatment\|Information security risk treatment ]] | -| 6.2 | [[ISO_27001_2022_6.2_MoC Information security objectives and planning to achieve them \|Information security objectives and planning to achieve them ]] | -| 6.3 | [[ISO_27001_2022_6.3_MoC Planning of changes \|Planning of changes ]] | \ No newline at end of file +| 6.1 | [Actions to address risks and opportunities ](ISO_27001_2022_6.1_MoC%20Actions%20to%20address%20risks%20and%20opportunities.md) | +| 6.1.1 | [General ](ISO_27001_2022_6.1.1_MoC%20General.md) | +| 6.1.2 | [Information security risk assessment ](ISO_27001_2022_6.1.2_MoC%20Information%20security%20risk%20assessment.md) | +| 6.1.3 | [Information security risk treatment ](ISO_27001_2022_6.1.3_MoC%20Information%20security%20risk%20treatment.md) | +| 6.2 | [Information security objectives and planning to achieve them ](ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md) | +| 6.3 | [Planning of changes ](ISO_27001_2022_6.3_MoC%20Planning%20of%20changes.md) | \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_7.1_MoC Resources.md b/Corpus/Standards/MoCs/ISO_27001_2022_7.1_MoC Resources.md index b15b508..a4b3761 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_7.1_MoC Resources.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_7.1_MoC Resources.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 7.1 Resources\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%207.1%20Resources.md) [[ISO_27001_PE 7.1 Resources\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_7.2_MoC Competence.md b/Corpus/Standards/MoCs/ISO_27001_2022_7.2_MoC Competence.md index b3cd554..cb342cd 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_7.2_MoC Competence.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_7.2_MoC Competence.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 7.2 Competence\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%207.2%20Competence.md) [[ISO_27001_PE 7.2 Competence\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_7.3_MoC Awareness.md b/Corpus/Standards/MoCs/ISO_27001_2022_7.3_MoC Awareness.md index f1a3e8a..214afbd 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_7.3_MoC Awareness.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_7.3_MoC Awareness.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 7.3 Awareness\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%207.3%20Awareness.md) [[ISO_27001_PE 7.3 Awareness\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_7.4_MoC Communication.md b/Corpus/Standards/MoCs/ISO_27001_2022_7.4_MoC Communication.md index e1a493c..4769194 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_7.4_MoC Communication.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_7.4_MoC Communication.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 7.4 Communication\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%207.4%20Communication.md) [[ISO_27001_PE 7.4 Communication\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_7.5_MoC Documented information.md b/Corpus/Standards/MoCs/ISO_27001_2022_7.5_MoC Documented information.md index 984cdda..4e6a977 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_7.5_MoC Documented information.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_7.5_MoC Documented information.md @@ -1,7 +1,7 @@ -[[ISO_27001_OT 7.5 Documented information\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%207.5%20Documented%20information.md) [[ISO_27001_PE 7.5 Documented information\|Plain English]] -- [[ISO_27001_2022_7.5.1_MoC General|7.5.1 General]] -- [[ISO_27001_2022_7.5.2_MoC Creating and updating|7.5.2 Creating and updating]] -- [[ISO_27001_2022_7.5.3_MoC Control of documented information|7.5.3 Control of documented information]] +- [7.5.1 General](ISO_27001_2022_7.5.1_MoC%20General.md) +- [7.5.2 Creating and updating](ISO_27001_2022_7.5.2_MoC%20Creating%20and%20updating.md) +- [7.5.3 Control of documented information](ISO_27001_2022_7.5.3_MoC%20Control%20of%20documented%20information.md) diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_7_MoC Support.md b/Corpus/Standards/MoCs/ISO_27001_2022_7_MoC Support.md index 1358b10..ae20640 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_7_MoC Support.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_7_MoC Support.md @@ -1,12 +1,12 @@ # Chapter 7: Support -| **7** | **[[ISO_27001_2022_7_MoC Support\|Support]]** | +| **7** | **[Support](ISO_27001_2022_7_MoC%20Support.md)** | | ----- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| 7.1 | [[ISO_27001_2022_7.1_MoC Resources \| Resources ]] | -| 7.2 | [[ISO_27001_2022_7.2_MoC Competence \| Competence ]] | -| 7.3 | [[ISO_27001_2022_7.3_MoC Awareness \| Awareness ]] | -| 7.4 | [[ISO_27001_2022_7.4_MoC Communication \| Communication ]] | -| 7.5 | [[ISO_27001_2022_7.5_MoC Documented information \| Documented information ]] | +| 7.1 | [ Resources ](ISO_27001_2022_7.1_MoC%20Resources.md) | +| 7.2 | [ Competence ](ISO_27001_2022_7.2_MoC%20Competence.md) | +| 7.3 | [ Awareness ](ISO_27001_2022_7.3_MoC%20Awareness.md) | +| 7.4 | [ Communication ](ISO_27001_2022_7.4_MoC%20Communication.md) | +| 7.5 | [ Documented information ](ISO_27001_2022_7.5_MoC%20Documented%20information.md) | | 7.5.1 | General โ†‘ | | 7.5.2 | Creating and updating โ†‘ | | 7.5.3 | Control of documented information โ†‘ | \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_8.1_MoC Operational planning and control.md b/Corpus/Standards/MoCs/ISO_27001_2022_8.1_MoC Operational planning and control.md index ee1fb4c..a166dc5 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_8.1_MoC Operational planning and control.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_8.1_MoC Operational planning and control.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 8.1 Operational planning and control\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%208.1%20Operational%20planning%20and%20control.md) [[ISO_27001_PE 8.1 Operational planning and control\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_8.2_MoC Information security risk assessment.md b/Corpus/Standards/MoCs/ISO_27001_2022_8.2_MoC Information security risk assessment.md index b5fc580..50f976c 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_8.2_MoC Information security risk assessment.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_8.2_MoC Information security risk assessment.md @@ -1,6 +1,6 @@ # About Clause 8.2: Information security risk assessment -[[ISO_27001_OT 8.2 Information security risk assessment\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%208.2%20Information%20security%20risk%20assessment.md) [[ISO_27001_PE 8.2 Information security risk assessment\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_8.3_MoC Information security risk treatment.md b/Corpus/Standards/MoCs/ISO_27001_2022_8.3_MoC Information security risk treatment.md index c4fcaf1..aead6b6 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_8.3_MoC Information security risk treatment.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_8.3_MoC Information security risk treatment.md @@ -1,5 +1,5 @@ # About Clause 8.3: Information security risk treatment -[[ISO_27001_OT 8.3 Information security risk treatment\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%208.3%20Information%20security%20risk%20treatment.md) [[ISO_27001_PE 8.3 Information security risk treatment\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_8_MoC Operation.md b/Corpus/Standards/MoCs/ISO_27001_2022_8_MoC Operation.md index 3dbc80e..0121b89 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_8_MoC Operation.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_8_MoC Operation.md @@ -1,7 +1,7 @@ # Chapter 8: Operation -| **8** | **[[ISO_27001_2022_8_MoC Operation\|Operation]]** | +| **8** | **[Operation](ISO_27001_2022_8_MoC%20Operation.md)** | | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| 8.1 | [[ISO_27001_2022_8.1_MoC Operational planning and control \|Operational planning and control ]] | -| 8.2 | [[ISO_27001_2022_8.2_MoC Information security risk assessment \|Information security risk assessment ]] | -| 8.3 | [[ISO_27001_2022_8.3_MoC Information security risk treatment \|Information security risk treatment ]] | +| 8.1 | [Operational planning and control ](ISO_27001_2022_8.1_MoC%20Operational%20planning%20and%20control.md) | +| 8.2 | [Information security risk assessment ](ISO_27001_2022_8.2_MoC%20Information%20security%20risk%20assessment.md) | +| 8.3 | [Information security risk treatment ](ISO_27001_2022_8.3_MoC%20Information%20security%20risk%20treatment.md) | diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_9.1_MoC Monitoring, measurement, analysis and evaluation.md b/Corpus/Standards/MoCs/ISO_27001_2022_9.1_MoC Monitoring, measurement, analysis and evaluation.md index 64d2751..6976ebe 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_9.1_MoC Monitoring, measurement, analysis and evaluation.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_9.1_MoC Monitoring, measurement, analysis and evaluation.md @@ -1,3 +1,3 @@ -[[ISO_27001_OT 9.1 Monitoring, measurement, analysis and evaluation\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%209.1%20Monitoring,%20measurement,%20analysis%20and%20evaluation.md) [[ISO_27001_PE 9.1 Monitoring, measurement, analysis and evaluation\|Plain English]] \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_9.2_MoC Internal audit.md b/Corpus/Standards/MoCs/ISO_27001_2022_9.2_MoC Internal audit.md index d6bde92..1d38940 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_9.2_MoC Internal audit.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_9.2_MoC Internal audit.md @@ -1,5 +1,5 @@ # About Clause 9.2: Internal audit -[[ISO_27001_OT 9.2 Internal audit\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%209.2%20Internal%20audit.md) [[ISO_27001_PE 9.2 Internal audit\|Plain English]] diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_9.3_MoC Management review.md b/Corpus/Standards/MoCs/ISO_27001_2022_9.3_MoC Management review.md index fc87a4e..459ec0e 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_9.3_MoC Management review.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_9.3_MoC Management review.md @@ -1,5 +1,5 @@ # 9.3 Management review -[[ISO_27001_OT 9.3 Management review\|Original Text]] +[Original Text](../ISO-27001-OST/ISO27001-EN-2022/ISO_27001_OT%209.3%20Management%20review.md) [[ISO_27001_PE 9.3 Management review\|Plain English]] diff --git a/Corpus/Standards/MoCs/ISO_27001_2022_9_MoC Performance evaluation.md b/Corpus/Standards/MoCs/ISO_27001_2022_9_MoC Performance evaluation.md index 9f83640..7c7e6ca 100644 --- a/Corpus/Standards/MoCs/ISO_27001_2022_9_MoC Performance evaluation.md +++ b/Corpus/Standards/MoCs/ISO_27001_2022_9_MoC Performance evaluation.md @@ -1,12 +1,12 @@ # Chapter 9: Performance evaluation -| **9** | **[[ISO_27001_2022_9_MoC Performance evaluation\|Performance evaluation]]** | +| **9** | **[Performance evaluation](ISO_27001_2022_9_MoC%20Performance%20evaluation.md)** | | ----- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| 9.1 | [[ISO_27001_2022_9.1_MoC Monitoring, measurement, analysis and evaluation \|Monitoring, measurement, analysis and evaluation ]] | -| 9.2 | [[ISO_27001_2022_9.2_MoC Internal audit \|Internal audit ]] | +| 9.1 | [Monitoring, measurement, analysis and evaluation ](ISO_27001_2022_9.1_MoC%20Monitoring,%20measurement,%20analysis%20and%20evaluation.md) | +| 9.2 | [Internal audit ](ISO_27001_2022_9.2_MoC%20Internal%20audit.md) | | 9.2.1 | General โ†‘ | | 9.2.2 | Internal audit programme โ†‘ | -| 9.3 | [[ISO_27001_2022_9.3_MoC Management review \|Management review ]] | +| 9.3 | [Management review ](ISO_27001_2022_9.3_MoC%20Management%20review.md) | | 9.3.1 | General โ†‘ | | 9.3.2 | Management review inputs โ†‘ | | 9.3.3 | Management review results โ†‘ | \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.10_MoC Acceptable use of information and other associated assets.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.10_MoC Acceptable use of information and other associated assets.md index 4f5d685..8154687 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.10_MoC Acceptable use of information and other associated assets.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.10_MoC Acceptable use of information and other associated assets.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.10_OT Acceptable use of information and other associated assets \|Original Text]] -[[ISO_27002_2022_5.10_PE Acceptable use of information and other associated assets \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.10_OT%20Acceptable%20use%20of%20information%20and%20other%20associated%20assets.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.10_PE%20Acceptable%20use%20of%20information%20and%20other%20associated%20assets.md) ISO 27002:2013: 08.1.3, 08.2.3 -[[ISO_27002_2022_NL_5.10_BT Aanvaardbaar gebruik van informatie en andere gerelateerde bedrijfsmiddelen \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.10_BT%20Aanvaardbaar%20gebruik%20van%20informatie%20en%20andere%20gerelateerde%20bedrijfsmiddelen.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.11_MoC Return of assets.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.11_MoC Return of assets.md index d035712..a5cc771 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.11_MoC Return of assets.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.11_MoC Return of assets.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.11_OT Return of assets \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.11_OT%20Return%20of%20assets.md) [[ISO_27002_2022_5.11_PE Return of assets \|Plain English]] ISO 27002:2013: 08.1.4 -[[ISO_27002_2022_NL_5.11_BT Retourneren van bedrijfsmiddelen \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.11_BT%20Retourneren%20van%20bedrijfsmiddelen.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.12_MoC Classification of information.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.12_MoC Classification of information.md index 4750c9b..db455f6 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.12_MoC Classification of information.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.12_MoC Classification of information.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.12_OT Classification of information \|Original Text]] -[[ISO_27002_2022_5.12_PE Classification of information \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.12_OT%20Classification%20of%20information.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.12_PE%20Classification%20of%20information.md) ISO 27002:2013: 08.2.1 -[[ISO_27002_2022_NL_5.12_BT Classificeren van informatie \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.12_BT%20Classificeren%20van%20informatie.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.13_MoC Labelling of information.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.13_MoC Labelling of information.md index bd0ef9c..fc46aaf 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.13_MoC Labelling of information.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.13_MoC Labelling of information.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.13_OT Labelling of information \|Original Text]] -[[ISO_27002_2022_5.13_PE Labelling of information \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.13_OT%20Labelling%20of%20information.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.13_PE%20Labelling%20of%20information.md) ISO 27002:2013: 08.2.2 -[[ISO_27002_2022_NL_5.13_BT Labelen van informatie \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.13_BT%20Labelen%20van%20informatie.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.14_MoC Information transfer.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.14_MoC Information transfer.md index 3f138b2..26ab5b2 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.14_MoC Information transfer.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.14_MoC Information transfer.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.14_OT Information transfer \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.14_OT%20Information%20transfer.md) [[ISO_27002_2022_5.14_PE Information transfer \|Plain English]] ISO 27002:2013: 13.2.1, 13.2.2, 13.2.3 -[[ISO_27002_2022_NL_5.14_BT Overdragen van informatie \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.14_BT%20Overdragen%20van%20informatie.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.15_MoC Access control.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.15_MoC Access control.md index 319ad8e..40ec1ae 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.15_MoC Access control.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.15_MoC Access control.md @@ -2,6 +2,6 @@ Foundational rules and principles to control access to information assets, in line with business and information security requirements. -[[ISO_27002_2022_5.15_OT Access control \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.15_OT%20Access%20control.md) [[ISO_27002_2022_5.15_PE Access control \|Plain English]] ISO 27002:2013: 09.1.1, 09.1.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.16_MoC Identity management.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.16_MoC Identity management.md index 76eba10..bb2ad77 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.16_MoC Identity management.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.16_MoC Identity management.md @@ -2,8 +2,8 @@ Identity life cycle management. -[[ISO_27002_2022_5.16_OT Identity management \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.16_OT%20Identity%20management.md) [[ISO_27002_2022_5.16_PE Identity management \|Plain English]] ISO 27002:2013: 09.2.1 -[[ISO_27002_2022_NL_5.16_BT Identiteitsbeheer \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.16_BT%20Identiteitsbeheer.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.17_MoC Authentication information.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.17_MoC Authentication information.md index dbeb373..8816a6b 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.17_MoC Authentication information.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.17_MoC Authentication information.md @@ -2,21 +2,21 @@ Managing authentication information, including advising personnel on how to handle authentication information. -[[ISO_27002_2022_5.17_OT Authentication information \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.17_OT%20Authentication%20information.md) [[ISO_27002_2022_5.17_PE Authentication information \|Plain English]] ISO 27002:2013: 09.2.4, 09.3.1, 09.4.3 -[[ISO_27002_2022_NL_5.17_BT Beheren van authenticatie-informatie \|Brontekst]] -[[ISO_27002_2022_NL_5.17_NN Beheren van authenticatie-informatie \|Normaal Nederlands]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.17_BT%20Beheren%20van%20authenticatie-informatie.md) +[Normaal Nederlands](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.17_NN%20Beheren%20van%20authenticatie-informatie.md) -[[Sterke wachtwoorden in 2024]] +[Sterke wachtwoorden in 2024](../../../../๐ŸŽ‡%20Sparks/Sterke%20wachtwoorden%20in%202024.md) **NCSC over authenticeren** - [Authenticatie als onderdeel van Digitale Weerbaarheid](https://www.ncsc.nl/wat-kun-je-zelf-doen/weerbaarheid/beschermen/authenticatie) -- [[NCSC Infosheet Volwassen Authenticeren]] -- [[NCSC_Factsheet_Volwassen_Authenticeren]] -- [[NCSC Factsheet Gebruik Tweefactorauthenticatie]] +- [NCSC Infosheet Volwassen Authenticeren](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/NCSC/NCSC%20Infosheet%20Volwassen%20Authenticeren.md) +- [NCSC_Factsheet_Volwassen_Authenticeren](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/NCSC/NCSC_Factsheet_Volwassen_Authenticeren.md) +- [NCSC Factsheet Gebruik Tweefactorauthenticatie](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/NCSC/NCSC%20Factsheet%20Gebruik%20Tweefactorauthenticatie.md) - [Choosing the right type](https://www.ncsc.gov.uk/guidance/authentication-methods-choosing-the-right-type) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.18_MoC Access rights.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.18_MoC Access rights.md index a84e486..ad7b71f 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.18_MoC Access rights.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.18_MoC Access rights.md @@ -1,9 +1,9 @@ # About Control 5.18: Access rights -Access rights management procedures (provisioning, review, modification and removal) in line with business rules for access control (from [[ISO_27002_2022_5.15_MoC Access control|A5.15]]). +Access rights management procedures (provisioning, review, modification and removal) in line with business rules for access control (from [A5.15](ISO_27002_2022_5.15_MoC%20Access%20control.md)). -[[ISO_27002_2022_5.18_OT Access rights \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.18_OT%20Access%20rights.md) [[ISO_27002_2022_5.18_PE Access rights \|Plain English]] ISO 27002:2013: 09.2.2, 09.2.5, 09.2.6 -[[ISO_27002_2022_NL_5.18_BT Toegangsrechten \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.18_BT%20Toegangsrechten.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.19_MoC Information security in supplier relationships.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.19_MoC Information security in supplier relationships.md index 0adf6d9..b33edf1 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.19_MoC Information security in supplier relationships.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.19_MoC Information security in supplier relationships.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.19_OT Information security in supplier relationships \|Original Text]] -[[ISO_27002_2022_5.19_PE Information security in supplier relationships \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.19_OT%20Information%20security%20in%20supplier%20relationships.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.19_PE%20Information%20security%20in%20supplier%20relationships.md) ISO 27002:2013: 15.1.1 -[[ISO_27002_2022_NL_5.19_BT Informatiebeveiliging in leveranciersrelaties \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.19_BT%20Informatiebeveiliging%20in%20leveranciersrelaties.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.20_MoC Addressing information security within supplier agreements.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.20_MoC Addressing information security within supplier agreements.md index 57eabcd..d0051d8 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.20_MoC Addressing information security within supplier agreements.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.20_MoC Addressing information security within supplier agreements.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.20_OT Addressing information security within supplier agreements \|Original Text]] -[[ISO_27002_2022_5.20_PE Addressing information security within supplier agreements \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.20_OT%20Addressing%20information%20security%20within%20supplier%20agreements.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.20_PE%20Addressing%20information%20security%20within%20supplier%20agreements.md) ISO 27002:2013: 15.1.2 -[[ISO_27002_2022_NL_5.20_BT Adresseren van informatiebeveiliging in leveranciersovereenkomsten \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.20_BT%20Adresseren%20van%20informatiebeveiliging%20in%20leveranciersovereenkomsten.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.21_MoC Managing information security in the ICT supply chain.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.21_MoC Managing information security in the ICT supply chain.md index 1114e47..58af0df 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.21_MoC Managing information security in the ICT supply chain.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.21_MoC Managing information security in the ICT supply chain.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.21_OT Managing information security in the ICT supply chain \|Original Text]] -[[ISO_27002_2022_5.21_PE Managing information security in the ICT supply chain \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.21_OT%20Managing%20information%20security%20in%20the%20ICT%20supply%20chain.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.21_PE%20Managing%20information%20security%20in%20the%20ICT%20supply%20chain.md) ISO 27002:2013: 15.1.3 -[[ISO_27002_2022_NL_5.21_BT Beheren van informatiebeveiliging in de ICT-keten \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.21_BT%20Beheren%20van%20informatiebeveiliging%20in%20de%20ICT-keten.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.22_MoC Monitoring, review and change management of supplier services.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.22_MoC Monitoring, review and change management of supplier services.md index 9531f58..9853921 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.22_MoC Monitoring, review and change management of supplier services.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.22_MoC Monitoring, review and change management of supplier services.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.22_OT Monitoring, review and change management of supplier services \|Original Text]] -[[ISO_27002_2022_5.22_PE Monitoring, review and change management of supplier services \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.22_OT%20Monitoring,%20review%20and%20change%20management%20of%20supplier%20services.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.22_PE%20Monitoring,%20review%20and%20change%20management%20of%20supplier%20services.md) ISO 27002:2013: 15.2.1, 15.2.2 -[[ISO_27002_2022_NL_5.22_BT Monitoren, beoordelen en het beheren van wijzigingen van leveranciersdiensten \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.22_BT%20Monitoren,%20beoordelen%20en%20het%20beheren%20van%20wijzigingen%20van%20leveranciersdiensten.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.23_MoC Information security for use of cloud services.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.23_MoC Information security for use of cloud services.md index fb02bc9..8fd6937 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.23_MoC Information security for use of cloud services.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.23_MoC Information security for use of cloud services.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.23_OT Information security for use of cloud services \|Original Text]] -[[ISO_27002_2022_5.23_PE Information security for use of cloud services \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.23_OT%20Information%20security%20for%20use%20of%20cloud%20services.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.23_PE%20Information%20security%20for%20use%20of%20cloud%20services.md) ISO 27002:2013: n/a -[[ISO_27002_2022_NL_5.23_BT Informatiebeveiliging voor het gebruik van clouddiensten \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.23_BT%20Informatiebeveiliging%20voor%20het%20gebruik%20van%20clouddiensten.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.24_MoC Information security incident management planning and preparation.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.24_MoC Information security incident management planning and preparation.md index a3c2723..3c73fa8 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.24_MoC Information security incident management planning and preparation.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.24_MoC Information security incident management planning and preparation.md @@ -1,5 +1,5 @@ # About Control 5.24: Information security incident management planning and preparation -[[ISO_27002_2022_5.24_OT Information security incident management planning and preparation \|Original Text]] -[[ISO_27002_2022_5.24_PE Information security incident management planning and preparation \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.24_OT%20Information%20security%20incident%20management%20planning%20and%20preparation.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.24_PE%20Information%20security%20incident%20management%20planning%20and%20preparation.md) ISO 27002:2013: 16.1.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.25_MoC Assessment and decision on information security events.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.25_MoC Assessment and decision on information security events.md index a5219c0..a729717 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.25_MoC Assessment and decision on information security events.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.25_MoC Assessment and decision on information security events.md @@ -1,5 +1,5 @@ # About Control 5.25: Assessment and decision on information security events -[[ISO_27002_2022_5.25_OT Assessment and decision on information security events |Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.25_OT%20Assessment%20and%20decision%20on%20information%20security%20events.md) [[ISO_27002_2022_5.25_PE Assessment and decision on information security events \|Plain English]] ISO 27002:2013: 16.1.4 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.26_MoC Response to information security incidents.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.26_MoC Response to information security incidents.md index f72cd0b..31aa918 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.26_MoC Response to information security incidents.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.26_MoC Response to information security incidents.md @@ -1,5 +1,5 @@ # About Control 5.26: Response to information security incidents -[[ISO_27002_2022_5.26_OT Response to information security incidents \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.26_OT%20Response%20to%20information%20security%20incidents.md) [[ISO_27002_2022_5.26_PE Response to information security incidents \|Plain English]] ISO 27002:2013: 16.1.5 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.27_MoC Learning from information security incidents.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.27_MoC Learning from information security incidents.md index b38faa6..2a5fd31 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.27_MoC Learning from information security incidents.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.27_MoC Learning from information security incidents.md @@ -1,5 +1,5 @@ # About Control 5.27: Learning from information security incidents -[[ISO_27002_2022_5.27_OT Learning from information security incidents \|Original Text]] -[[ISO_27002_2022_5.27_PE Learning from information security incidents \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.27_OT%20Learning%20from%20information%20security%20incidents.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.27_PE%20Learning%20from%20information%20security%20incidents.md) ISO 27002:2013: 16.1.6 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.28_MoC Collection of evidence.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.28_MoC Collection of evidence.md index c1fef48..cf69d41 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.28_MoC Collection of evidence.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.28_MoC Collection of evidence.md @@ -1,6 +1,6 @@ # About Control 5.28: Collection of evidence -[[ISO_27002_2022_5.28_OT Collection of evidence \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.28_OT%20Collection%20of%20evidence.md) [[ISO_27002_2022_5.28_PE Collection of evidence \|Plain English]] ISO 27002:2013: 16.1.7 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.29_MoC Information security during disruption.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.29_MoC Information security during disruption.md index cdd2c93..a1556f8 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.29_MoC Information security during disruption.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.29_MoC Information security during disruption.md @@ -1,8 +1,8 @@ # About Control 5.29: Information security during disruption -[[ISO_27002_2022_5.29_OT Information security during disruption \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.29_OT%20Information%20security%20during%20disruption.md) [[ISO_27002_2022_5.29_PE Information security during disruption \|Plain English]] ISO 27002:2013: 17.1.1, 17.1.2, 17.1.3 -[[Business Impact Analysis (BIA)]] +[Business Impact Analysis (BIA)](../../../../๐ŸŽ‡%20Sparks/Business%20Impact%20Analysis%20(BIA).md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.2_MoC Information security roles and responsibilities.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.2_MoC Information security roles and responsibilities.md index 8342bb6..bd41f93 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.2_MoC Information security roles and responsibilities.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.2_MoC Information security roles and responsibilities.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.2_OT Information security roles and responsibilities \|Original Text]] -[[ISO_27002_2022_5.2_PE Information security roles and responsibilities \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.2_OT%20Information%20security%20roles%20and%20responsibilities.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.2_PE%20Information%20security%20roles%20and%20responsibilities.md) ISO 27002:2013: 06.1.1 -[[ISO_27002_2022_NL_5.2_BT Rollen en verantwoordelijkheden bij informatiebeveiliging \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.2_BT%20Rollen%20en%20verantwoordelijkheden%20bij%20informatiebeveiliging.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.30_MoC ICT readiness for business continuity.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.30_MoC ICT readiness for business continuity.md index 3173e51..c330d09 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.30_MoC ICT readiness for business continuity.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.30_MoC ICT readiness for business continuity.md @@ -1,12 +1,12 @@ -[[ISO_27002_2022_5.30_OT ICT readiness for business continuity \|Original Text]] -[[ISO_27002_2022_5.30_PE ICT readiness for business continuity \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.30_OT%20ICT%20readiness%20for%20business%20continuity.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.30_PE%20ICT%20readiness%20for%20business%20continuity.md) ISO 27002:2013: n/a -[[ISO_27002_2022_NL_5.30_BT ICT-gereedheid voor bedrijfscontinuiฬˆteit \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.30_BT%20ICT-gereedheid%20voor%20bedrijfscontinuรฏteit.md) See also: -- [[BCP_Bedrijfscontinuรฏteitsplanning]] -- [[Business Impact Analysis (BIA)]] -- [[Disaster Recovery Planning]] +- [BCP_Bedrijfscontinuรฏteitsplanning](../../../../๐Ÿ“š๏ธ%20Literature%20notes/BCP_Bedrijfscontinuรฏteitsplanning.md) +- [Business Impact Analysis (BIA)](../../../../๐ŸŽ‡%20Sparks/Business%20Impact%20Analysis%20(BIA).md) +- [Disaster Recovery Planning](../../../../๐ŸŽ‡%20Sparks/Disaster%20Recovery%20Planning.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.31_MoC Legal, statutory, regulatory and contractual requirements.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.31_MoC Legal, statutory, regulatory and contractual requirements.md index 98d4d90..2e4a92f 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.31_MoC Legal, statutory, regulatory and contractual requirements.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.31_MoC Legal, statutory, regulatory and contractual requirements.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_5.31_OT Legal, statutory, regulatory and contractual requirements \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.31_OT%20Legal,%20statutory,%20regulatory%20and%20contractual%20requirements.md) [[ISO_27002_2022_5.31_PE Legal, statutory, regulatory and contractual requirements \|Plain English]] ISO 27002:2013: 18.1.1, 18.1.5 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.32_MoC Intellectual property rights.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.32_MoC Intellectual property rights.md index 03993d7..db64ed2 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.32_MoC Intellectual property rights.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.32_MoC Intellectual property rights.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_5.32_OT Intellectual property rights \|Original Text]] -[[ISO_27002_2022_5.32_PE Intellectual property rights \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.32_OT%20Intellectual%20property%20rights.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.32_PE%20Intellectual%20property%20rights.md) ISO 27002:2013: 18.1.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.33_MoC Protection of records.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.33_MoC Protection of records.md index 3d59d27..ce5ed20 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.33_MoC Protection of records.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.33_MoC Protection of records.md @@ -4,6 +4,6 @@ This Control is about the **control, purpose, and guidance for managing and prot I would say: record keeping procedures, in line with legal and other requirements. -[[ISO_27002_2022_5.33_OT Protection of records \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.33_OT%20Protection%20of%20records.md) [[ISO_27002_2022_5.33_PE Protection of records \|Plain English]] ISO 27002:2013: 18.1.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.34_MoC Privacy and protection of PII.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.34_MoC Privacy and protection of PII.md index f6ee070..f1767b8 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.34_MoC Privacy and protection of PII.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.34_MoC Privacy and protection of PII.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_5.34_OT Privacy and protection of PII \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.34_OT%20Privacy%20and%20protection%20of%20PII.md) [[ISO_27002_2022_5.34_PE Privacy and protection of PII \|Plain English]] ISO 27002:2013: 18.1.4 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.35_MoC Independent review of information security.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.35_MoC Independent review of information security.md index b24815f..e993e29 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.35_MoC Independent review of information security.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.35_MoC Independent review of information security.md @@ -1,6 +1,6 @@ # About Control 5.35: Independent review of information security -[[ISO_27002_2022_5.35_OT Independent review of information security \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.35_OT%20Independent%20review%20of%20information%20security.md) [[ISO_27002_2022_5.35_PE Independent review of information security \|Plain English]] ISO 27002:2013: 18.2.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.36_MoC Compliance with policies, rules and standards for information security.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.36_MoC Compliance with policies, rules and standards for information security.md index 8dacff1..e178a67 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.36_MoC Compliance with policies, rules and standards for information security.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.36_MoC Compliance with policies, rules and standards for information security.md @@ -1,5 +1,5 @@ # About Control 5.36: Compliance with policies, rules and standards for information security -[[ISO_27002_2022_5.36_OT Compliance with policies, rules and standards for information security \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.36_OT%20Compliance%20with%20policies,%20rules%20and%20standards%20for%20information%20security.md) [[ISO_27002_2022_5.36_PE Compliance with policies, rules and standards for information security \|Plain English]] ISO 27002:2013: 18.2.2, 18.2.3 \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.37_MoC Documented operating procedures.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.37_MoC Documented operating procedures.md index 51170bd..2b6b690 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.37_MoC Documented operating procedures.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.37_MoC Documented operating procedures.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_5.37_OT Documented operating procedures \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.37_OT%20Documented%20operating%20procedures.md) ย  [[ISO_27002_2022_5.37_PE Documented operating procedures \|Plain English]] ISO 27002:2013: 12.1.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.3_MoC Segregation of duties.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.3_MoC Segregation of duties.md index 858050e..462d513 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.3_MoC Segregation of duties.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.3_MoC Segregation of duties.md @@ -1,7 +1,7 @@ # About Control 5.3: Segregation of duties -[[ISO_27002_2022_5.3_OT Segregation of duties \|Original Text]] -[[ISO_27002_2022_5.3_PE Segregation of duties \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.3_OT%20Segregation%20of%20duties.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.3_PE%20Segregation%20of%20duties.md) ISO 27002:2013: 06.1.2 -[[ISO_27002_2022_NL_5.3_BT Functiescheiding \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.3_BT%20Functiescheiding.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.4_MoC Management responsibilities.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.4_MoC Management responsibilities.md index ee5cc33..e9d38fa 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.4_MoC Management responsibilities.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.4_MoC Management responsibilities.md @@ -1,7 +1,7 @@ # About Control 5.4: Management responsibilities -[[ISO_27002_2022_5.4_OT Management responsibilities \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.4_OT%20Management%20responsibilities.md) [[ISO_27002_2022_5.4_PE Management responsibilities \|Plain English]] ISO 27002:2013: 07.2.1 -[[ISO_27002_2022_NL_5.4_BT Managementverantwoordelijkheden \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.4_BT%20Managementverantwoordelijkheden.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.5_MoC Contact with authorities.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.5_MoC Contact with authorities.md index e183cf8..681a464 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.5_MoC Contact with authorities.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.5_MoC Contact with authorities.md @@ -1,7 +1,7 @@ # About Control 5.5: Contact with authorities -[[ISO_27002_2022_5.5_OT Contact with authorities \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.5_OT%20Contact%20with%20authorities.md) [[ISO_27002_2022_5.5_PE Contact with authorities \|Plain English]] ISO 27002:2013: 06.1.3 -[[ISO_27002_2022_NL_5.5_BT Contact met overheidsinstanties \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.5_BT%20Contact%20met%20overheidsinstanties.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.6_MoC Contact with special interest groups.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.6_MoC Contact with special interest groups.md index 1138991..5eca0b9 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.6_MoC Contact with special interest groups.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.6_MoC Contact with special interest groups.md @@ -1,7 +1,7 @@ # About Control 5.6: Contact with special interest groups -[[ISO_27002_2022_5.6_OT Contact with special interest groups \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.6_OT%20Contact%20with%20special%20interest%20groups.md) [[ISO_27002_2022_5.6_PE Contact with special interest groups \|Plain English]] ISO 27002:2013: 6.1.4 -[[ISO_27002_2022_NL_5.6_BT Contact met speciale belangengroepen \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.6_BT%20Contact%20met%20speciale%20belangengroepen.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.7_MoC Threat intelligence.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.7_MoC Threat intelligence.md index 9e9ac2b..74df1e1 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.7_MoC Threat intelligence.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.7_MoC Threat intelligence.md @@ -1,8 +1,8 @@ # About control 5.7: Threat intelligence -[[ISO_27002_2022_5.7_OT Threat intelligence \|Original Text]] -[[ISO_27002_2022_5.7_PE Threat intelligence \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.7_OT%20Threat%20intelligence.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.7_PE%20Threat%20intelligence.md) ISO 27002:2013: n/a -[[ISO_27002_2022_NL_5.7_BT Informatie en analyses over dreigingen \|NL Brontekst]] +[NL Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.7_BT%20Informatie%20en%20analyses%20over%20dreigingen.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.8_MoC Information security in project management.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.8_MoC Information security in project management.md index d5ad925..6f2b0a1 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.8_MoC Information security in project management.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.8_MoC Information security in project management.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_5.8_OT Information security in project management \|Original Text]] -[[ISO_27002_2022_5.8_PE Information security in project management \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.8_OT%20Information%20security%20in%20project%20management.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_5.8_PE%20Information%20security%20in%20project%20management.md) ISO 27002:2013: 06.1.5, 14.1.1 -[[ISO_27002_2022_NL_5.8_BT Informatiebeveiliging in projectmanagement \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.8_BT%20Informatiebeveiliging%20in%20projectmanagement.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_5.9_MoC Inventory of information and other associated assets.md b/Corpus/Standards/MoCs/ISO_27002_2022_5.9_MoC Inventory of information and other associated assets.md index cc23306..2326b6c 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_5.9_MoC Inventory of information and other associated assets.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_5.9_MoC Inventory of information and other associated assets.md @@ -1,10 +1,10 @@ # Control 5.9 Inventory of information and other associated assets -[[ISO_27002_2022_5.9_OT Inventory of information and other associated assets \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.9_OT%20Inventory%20of%20information%20and%20other%20associated%20assets.md) [[ISO_27002_2022_5.9_PE Inventory of information and other associated assets \|Plain English]] ISO 27002:2013: 08.1.1, 08.1.2 -[[ISO_27002_2022_NL_5.9_BT Inventarisatie van informatie en andere gerelateerde bedrijfsmiddelen \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_5.9_BT%20Inventarisatie%20van%20informatie%20en%20andere%20gerelateerde%20bedrijfsmiddelen.md) -The inventory serves as input for the [[Business Impact Analysis (BIA)]] -[[ISO_27001_2022_00_MoC Index EXT]] +The inventory serves as input for the [Business Impact Analysis (BIA)](../../../../๐ŸŽ‡%20Sparks/Business%20Impact%20Analysis%20(BIA).md) +[ISO_27001_2022_00_MoC Index EXT](ISO_27001_2022_00_MoC%20Index%20EXT.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_6.1_MoC Screening.md b/Corpus/Standards/MoCs/ISO_27002_2022_6.1_MoC Screening.md index 1940a06..3d731ff 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_6.1_MoC Screening.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_6.1_MoC Screening.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_6.1_OT Screening \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_6.1_OT%20Screening.md) ย  [[ISO_27002_2022_6.1_PE Screening \|Plain English]] ISO 27002:2013: 07.1.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_6.2_MoC Terms and conditions of employment.md b/Corpus/Standards/MoCs/ISO_27002_2022_6.2_MoC Terms and conditions of employment.md index 61de944..48b53f7 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_6.2_MoC Terms and conditions of employment.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_6.2_MoC Terms and conditions of employment.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_6.2_OT Terms and conditions of employment \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_6.2_OT%20Terms%20and%20conditions%20of%20employment.md) ย  [[ISO_27002_2022_6.2_PE Terms and conditions of employment \|Plain English]] ISO 27002:2013: 07.1.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_6.3_MoC Information security awareness, education and training.md b/Corpus/Standards/MoCs/ISO_27002_2022_6.3_MoC Information security awareness, education and training.md index a6b6065..9746459 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_6.3_MoC Information security awareness, education and training.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_6.3_MoC Information security awareness, education and training.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_6.3_OT Information security awareness, education and training \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_6.3_OT%20Information%20security%20awareness,%20education%20and%20training.md) ย  [[ISO_27002_2022_6.3_PE Information security awareness, education and training \|Plain English]] ISO 27002:2013: 07.2.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_6.4_MoC Disciplinary process.md b/Corpus/Standards/MoCs/ISO_27002_2022_6.4_MoC Disciplinary process.md index ed620f2..a71d007 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_6.4_MoC Disciplinary process.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_6.4_MoC Disciplinary process.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_6.4_OT Disciplinary process \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_6.4_OT%20Disciplinary%20process.md) [[ISO_27002_2022_6.4_PE Disciplinary process \|Plain English]] ISO 27002:2013: 07.2.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_6.5_MoC Responsibilities after termination or change of employment.md b/Corpus/Standards/MoCs/ISO_27002_2022_6.5_MoC Responsibilities after termination or change of employment.md index b8ebef2..4ed686d 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_6.5_MoC Responsibilities after termination or change of employment.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_6.5_MoC Responsibilities after termination or change of employment.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_6.5_OT Responsibilities after termination or change of employment \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_6.5_OT%20Responsibilities%20after%20termination%20or%20change%20of%20employment.md) [[ISO_27002_2022_6.5_PE Responsibilities after termination or change of employment \|Plain English]] ISO 27002:2013: 07.3.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_6.6_MoC Confidentiality or non-disclosure agreements.md b/Corpus/Standards/MoCs/ISO_27002_2022_6.6_MoC Confidentiality or non-disclosure agreements.md index 901e44d..e4767eb 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_6.6_MoC Confidentiality or non-disclosure agreements.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_6.6_MoC Confidentiality or non-disclosure agreements.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_6.6_OT Confidentiality or non-disclosure agreements \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_6.6_OT%20Confidentiality%20or%20non-disclosure%20agreements.md) [[ISO_27002_2022_6.6_PE Confidentiality or non-disclosure agreements \|Plain English]] ISO 27002:2013: 13.2.4 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_6.7_MoC Remote working.md b/Corpus/Standards/MoCs/ISO_27002_2022_6.7_MoC Remote working.md index 0089ac0..d2573f6 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_6.7_MoC Remote working.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_6.7_MoC Remote working.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_6.7_OT Remote working \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_6.7_OT%20Remote%20working.md) [[ISO_27002_2022_6.7_PE Remote working \|Plain English]] ISO 27002:2013: 06.2.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_6.8_MoC Information security event reporting.md b/Corpus/Standards/MoCs/ISO_27002_2022_6.8_MoC Information security event reporting.md index 7cfeee2..bc07acb 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_6.8_MoC Information security event reporting.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_6.8_MoC Information security event reporting.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_6.8_OT Information security event reporting \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_6.8_OT%20Information%20security%20event%20reporting.md) ย  [[ISO_27002_2022_6.8_PE Information security event reporting \|Plain English]] ISO 27002:2013: 16.1.2, 16.1.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.10_MoC Storage media.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.10_MoC Storage media.md index bf20b5c..e6adf8e 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.10_MoC Storage media.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.10_MoC Storage media.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.10_OT Storage media \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.10_OT%20Storage%20media.md) [[ISO_27002_2022_7.10_PE Storage media \|Plain English]] ISO 27002:2013: 08.3.1, 08.3.2, 08.3.3, 11.2.5 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.11_MoC Supporting utilities.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.11_MoC Supporting utilities.md index c6f3da1..22319e3 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.11_MoC Supporting utilities.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.11_MoC Supporting utilities.md @@ -2,6 +2,6 @@ Protecting information processing facilities from power failures and other utilities disruptions. -[[ISO_27002_2022_7.11_OT Supporting utilities \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.11_OT%20Supporting%20utilities.md) [[ISO_27002_2022_7.11_PE Supporting utilities \|Plain English]] ISO 27002:2013: 11.2.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.12_MoC Cabling security.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.12_MoC Cabling security.md index 45641d9..5487ada 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.12_MoC Cabling security.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.12_MoC Cabling security.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.12_OT Cabling security \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.12_OT%20Cabling%20security.md) [[ISO_27002_2022_7.12_PE Cabling security \|Plain English]] ISO 27002:2013: 11.2.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.13_MoC Equipment maintenance.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.13_MoC Equipment maintenance.md index 11604dd..97c3158 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.13_MoC Equipment maintenance.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.13_MoC Equipment maintenance.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.13_OT Equipment maintenance \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.13_OT%20Equipment%20maintenance.md) [[ISO_27002_2022_7.13_PE Equipment maintenance \|Plain English]] ISO 27002:2013: 11.2.4 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.14_MoC Secure disposal or re-use of equipment.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.14_MoC Secure disposal or re-use of equipment.md index d10a862..234c557 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.14_MoC Secure disposal or re-use of equipment.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.14_MoC Secure disposal or re-use of equipment.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.14_OT Secure disposal or re-use of equipment \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.14_OT%20Secure%20disposal%20or%20re-use%20of%20equipment.md) [[ISO_27002_2022_7.14_PE Secure disposal or re-use of equipment \|Plain English]] ISO 27002:2013: 11.2.7 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.1_MoC Physical security perimeters.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.1_MoC Physical security perimeters.md index fb0699b..71c8ab3 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.1_MoC Physical security perimeters.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.1_MoC Physical security perimeters.md @@ -1,7 +1,7 @@ # About control 7.1: Physical security perimeters -[[ISO_27002_2022_7.1_OT Physical security perimeters \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.1_OT%20Physical%20security%20perimeters.md) [[ISO_27002_2022_7.1_PE Physical security perimeters \|Plain English]] ISO 27002:2013: 11.1.1 -[[Physical security in ISO 27001]] \ No newline at end of file +[Physical security in ISO 27001](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/Physical%20security%20in%20ISO%2027001.md) \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.2_MoC Physical entry.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.2_MoC Physical entry.md index d0484be..d607321 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.2_MoC Physical entry.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.2_MoC Physical entry.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.2_OT Physical entry \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.2_OT%20Physical%20entry.md) [[ISO_27002_2022_7.2_PE Physical entry \|Plain English]] ISO 27002:2013: 11.1.2, 11.1.6 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.3_MoC Securing offices, rooms and facilities.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.3_MoC Securing offices, rooms and facilities.md index a40bb33..59fe559 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.3_MoC Securing offices, rooms and facilities.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.3_MoC Securing offices, rooms and facilities.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.3_OT Securing offices, rooms and facilities \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.3_OT%20Securing%20offices,%20rooms%20and%20facilities.md) [[ISO_27002_2022_7.3_PE Securing offices, rooms and facilities \|Plain English]] ISO 27002:2013: 11.1.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.4_MoC Physical security monitoring.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.4_MoC Physical security monitoring.md index ed098a1..8224301 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.4_MoC Physical security monitoring.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.4_MoC Physical security monitoring.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.4_OT Physical security monitoring \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.4_OT%20Physical%20security%20monitoring.md) [[ISO_27002_2022_7.4_PE Physical security monitoring \|Plain English]] ISO 27002:2013: n/a diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.5_MoC Protecting against physical and environmental threats.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.5_MoC Protecting against physical and environmental threats.md index 16d076f..7d5da65 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.5_MoC Protecting against physical and environmental threats.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.5_MoC Protecting against physical and environmental threats.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.5_OT Protecting against physical and environmental threats \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.5_OT%20Protecting%20against%20physical%20and%20environmental%20threats.md) [[ISO_27002_2022_7.5_PE Protecting against physical and environmental threats \|Plain English]] ISO 27002:2013: 11.1.4 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.6_MoC Working in secure areas.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.6_MoC Working in secure areas.md index 2c66b54..2ba11fd 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.6_MoC Working in secure areas.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.6_MoC Working in secure areas.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.6_OT Working in secure areas \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.6_OT%20Working%20in%20secure%20areas.md) [[ISO_27002_2022_7.6_PE Working in secure areas \|Plain English]] ISO 27002:2013: 11.1.5 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.7_MoC Clear desk and clear screen.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.7_MoC Clear desk and clear screen.md index 1500b89..e5b2414 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.7_MoC Clear desk and clear screen.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.7_MoC Clear desk and clear screen.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.7_OT Clear desk and clear screen \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.7_OT%20Clear%20desk%20and%20clear%20screen.md) [[ISO_27002_2022_7.7_PE Clear desk and clear screen \|Plain English]] ISO 27002:2013: 11.2.9 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.8_MoC Equipment siting and protection.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.8_MoC Equipment siting and protection.md index 92eb79a..38bf174 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.8_MoC Equipment siting and protection.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.8_MoC Equipment siting and protection.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.8_OT Equipment siting and protection \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.8_OT%20Equipment%20siting%20and%20protection.md) [[ISO_27002_2022_7.8_PE Equipment siting and protection \|Plain English]] ISO 27002:2013: 11.2.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_7.9_MoC Security of assets off-premises.md b/Corpus/Standards/MoCs/ISO_27002_2022_7.9_MoC Security of assets off-premises.md index 783ce7b..9edde53 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_7.9_MoC Security of assets off-premises.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_7.9_MoC Security of assets off-premises.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_7.9_OT Security of assets off-premises \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_7.9_OT%20Security%20of%20assets%20off-premises.md) [[ISO_27002_2022_7.9_PE Security of assets off-premises \|Plain English]] ISO 27002:2013: 11.2.6 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.10_MoC Information deletion.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.10_MoC Information deletion.md index 9839056..03dab9c 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.10_MoC Information deletion.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.10_MoC Information deletion.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.10_OT Information deletion \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.10_OT%20Information%20deletion.md) [[ISO_27002_2022_8.10_PE Information deletion \|Plain English]] ISO 27002:2013: n/a diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.11_MoC Data masking.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.11_MoC Data masking.md index b1597fb..9facc4e 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.11_MoC Data masking.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.11_MoC Data masking.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.11_OT Data masking \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.11_OT%20Data%20masking.md) [[ISO_27002_2022_8.11_PE Data masking \|Plain English]] ISO 27002:2013: n/a diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.12_MoC Data leakage prevention.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.12_MoC Data leakage prevention.md index b5633ef..f572d49 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.12_MoC Data leakage prevention.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.12_MoC Data leakage prevention.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.12_OT Data leakage prevention \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.12_OT%20Data%20leakage%20prevention.md) [[ISO_27002_2022_8.12_PE Data leakage prevention \|Plain English]] ISO 27002:2013: n/a diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.13_MoC Information backup.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.13_MoC Information backup.md index 6e9ee86..9ed68a8 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.13_MoC Information backup.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.13_MoC Information backup.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_8.13_OT Information backup \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.13_OT%20Information%20backup.md) ย  [[ISO_27002_2022_8.13_PE Information backup \|Plain English]] ISO 27002:2013: 12.3.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.14_MoC Redundancy of information processing facilities.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.14_MoC Redundancy of information processing facilities.md index ecce640..8654a26 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.14_MoC Redundancy of information processing facilities.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.14_MoC Redundancy of information processing facilities.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.14_OT Redundancy of information processing facilities \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.14_OT%20Redundancy%20of%20information%20processing%20facilities.md) [[ISO_27002_2022_8.14_PE Redundancy of information processing facilities \|Plain English]] ISO 27002:2013: 17.2.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.15_MoC Logging.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.15_MoC Logging.md index eaa0bf5..a9573e2 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.15_MoC Logging.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.15_MoC Logging.md @@ -1,7 +1,7 @@ -[[ISO_27002_2022_8.15_OT Logging\|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.15_OT%20Logging.md) [[ISO_27002_2022_8.15_PE Logging\|Plain English]] ISO 27002:2013: -- [[ISO 27001 A 12.4.1 Event logging\|12.4.1]] -- [[ISO 27001 A 12.4.2 Protection of log information\|12.4.2]] -- [[ISO 27001 A 12.4.3 Administrator and operator logs\|12.4.3]] \ No newline at end of file +- [12.4.1](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/ISO%2027001%202013/ISO%2027001%20A%2012.4.1%20Event%20logging.md) +- [12.4.2](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/ISO%2027001%202013/ISO%2027001%20A%2012.4.2%20Protection%20of%20log%20information.md) +- [12.4.3](../../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/ISO%2027001%202013/ISO%2027001%20A%2012.4.3%20Administrator%20and%20operator%20logs.md) \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.16_MoC Monitoring activities.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.16_MoC Monitoring activities.md index b5e4a1c..3930355 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.16_MoC Monitoring activities.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.16_MoC Monitoring activities.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_8.16_OT Monitoring activities \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.16_OT%20Monitoring%20activities.md) ย  [[ISO_27002_2022_8.16_PE Monitoring activities \|Plain English]] ISO 27002:2013: n/a diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.17_MoC Clock synchronization.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.17_MoC Clock synchronization.md index 5e3369b..78f83a5 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.17_MoC Clock synchronization.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.17_MoC Clock synchronization.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.17_OT Clock synchronization \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.17_OT%20Clock%20synchronization.md) [[ISO_27002_2022_8.17_PE Clock synchronization \|Plain English]] ISO 27002:2013: 12.4.4 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.18_MoC Use of privileged utility programs.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.18_MoC Use of privileged utility programs.md index 1d82c47..574a0b6 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.18_MoC Use of privileged utility programs.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.18_MoC Use of privileged utility programs.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.18_OT Use of privileged utility programs \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.18_OT%20Use%20of%20privileged%20utility%20programs.md) [[ISO_27002_2022_8.18_PE Use of privileged utility programs \|Plain English]] ISO 27002:2013: 09.4.4 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.19_MoC Installation of software on operational systems.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.19_MoC Installation of software on operational systems.md index 5468c12..5946fcc 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.19_MoC Installation of software on operational systems.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.19_MoC Installation of software on operational systems.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_8.19_OT Installation of software on operational systems \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.19_OT%20Installation%20of%20software%20on%20operational%20systems.md) ย  [[ISO_27002_2022_8.19_PE Installation of software on operational systems \|Plain English]] ISO 27002:2013: 12.5.1, 12.6.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.1_MoC User endpoint devices.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.1_MoC User endpoint devices.md index 64e3989..faaab87 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.1_MoC User endpoint devices.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.1_MoC User endpoint devices.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_8.1_OT User endpoint devices \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.1_OT%20User%20endpoint%20devices.md) ย  [[ISO_27002_2022_8.1_PE User endpoint devices \|Plain English]] ISO 27002:2013: 06.2.1, 11.2.8 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.20_MoC Networks security.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.20_MoC Networks security.md index 3842792..467d5d4 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.20_MoC Networks security.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.20_MoC Networks security.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.20_OT Networks security \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.20_OT%20Networks%20security.md) [[ISO_27002_2022_8.20_PE Networks security \|Plain English]] ISO 27002:2013: 13.1.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.21_MoC Security of network services.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.21_MoC Security of network services.md index 2c10082..f29a0c0 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.21_MoC Security of network services.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.21_MoC Security of network services.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.21_OT Security of network services \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.21_OT%20Security%20of%20network%20services.md) [[ISO_27002_2022_8.21_PE Security of network services \|Plain English]] ISO 27002:2013: 13.1.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.22_MoC Segregation of networks.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.22_MoC Segregation of networks.md index a186f22..174339a 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.22_MoC Segregation of networks.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.22_MoC Segregation of networks.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_8.22_OT Segregation of networks \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.22_OT%20Segregation%20of%20networks.md) ย  [[ISO_27002_2022_8.22_PE Segregation of networks \|Plain English]] ISO 27002:2013: 13.1.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.23_MoC Web filtering.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.23_MoC Web filtering.md index ac05bbc..5168fee 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.23_MoC Web filtering.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.23_MoC Web filtering.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.23_OT Web filtering \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.23_OT%20Web%20filtering.md) [[ISO_27002_2022_8.23_PE Web filtering \|Plain English]] ISO 27002:2013: n/a diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.24_MoC Use of cryptography.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.24_MoC Use of cryptography.md index 0679c42..806d30a 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.24_MoC Use of cryptography.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.24_MoC Use of cryptography.md @@ -1,7 +1,7 @@ -[[ISO_27002_2022_8.24_OT Use of cryptography \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.24_OT%20Use%20of%20cryptography.md) ย  [[ISO_27002_2022_8.24_PE Use of cryptography \|Plain English]] ISO 27002:2013: 10.1.1, 10.1.2 -[[ISO_27002_2022_NL_8.24_BT Gebruik van cryptografie \|Brontekst]] -[[ISO_27002_2022_NL_8.24_NN Gebruik van cryptografie \|Normaal Nederlands]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_8.24_BT%20Gebruik%20van%20cryptografie.md) +[Normaal Nederlands](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_8.24_NN%20Gebruik%20van%20cryptografie.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.25_MoC Secure development life cycle.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.25_MoC Secure development life cycle.md index 8d5227f..194ea82 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.25_MoC Secure development life cycle.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.25_MoC Secure development life cycle.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_8.25_OT Secure development life cycle \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.25_OT%20Secure%20development%20life%20cycle.md) [[ISO_27002_2022_8.25_PE Secure development life cycle \|Plain English]] ISO 27002:2013: 14.2.1 -![[ci-cd-pipeline-security-best-practices.pdf]] \ No newline at end of file +![](../../../../iso27DIY-gis/reference/Examples/ci-cd-pipeline-security-best-practices.pdf) \ No newline at end of file diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.26_MoC Application security requirements.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.26_MoC Application security requirements.md index 3553dbd..3cb0ce4 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.26_MoC Application security requirements.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.26_MoC Application security requirements.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.26_OT Application security requirements \|Original Text]] -[[ISO_27002_2022_8.26_PE Application security requirements \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.26_OT%20Application%20security%20requirements.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_8.26_PE%20Application%20security%20requirements.md) ISO 27002:2013: 14.1.2, 14.1.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.27_MoC Secure system architecture and engineering principles.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.27_MoC Secure system architecture and engineering principles.md index 23f5c5b..f877626 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.27_MoC Secure system architecture and engineering principles.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.27_MoC Secure system architecture and engineering principles.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.27_OT Secure system architecture and engineering principles \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.27_OT%20Secure%20system%20architecture%20and%20engineering%20principles.md) [[ISO_27002_2022_8.27_PE Secure system architecture and engineering principles \|Plain English]] ISO 27002:2013: 14.2.5 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.28_MoC Secure coding.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.28_MoC Secure coding.md index d90f16f..a75f8e9 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.28_MoC Secure coding.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.28_MoC Secure coding.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.28_OT Secure coding \|Original Text]] -[[ISO_27002_2022_8.28_PE Secure coding \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.28_OT%20Secure%20coding.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_8.28_PE%20Secure%20coding.md) ISO 27002:2013: n/a diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.29_MoC Security testing in development and acceptance.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.29_MoC Security testing in development and acceptance.md index f9e2261..00e75c5 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.29_MoC Security testing in development and acceptance.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.29_MoC Security testing in development and acceptance.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.29_OT Security testing in development and acceptance \|Original Text]] -[[ISO_27002_2022_8.29_PE Security testing in development and acceptance \|Plain English]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.29_OT%20Security%20testing%20in%20development%20and%20acceptance.md) +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_8.29_PE%20Security%20testing%20in%20development%20and%20acceptance.md) ISO 27002:2013: 14.2.8, 14.2.9 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.2_MoC Privileged access rights.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.2_MoC Privileged access rights.md index 49edac6..4db7bc8 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.2_MoC Privileged access rights.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.2_MoC Privileged access rights.md @@ -2,7 +2,7 @@ Managing privileged access rights. -[[ISO_27002_2022_8.2_OT Privileged access rights \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.2_OT%20Privileged%20access%20rights.md) [[ISO_27002_2022_8.2_PE Privileged access rights \|Plain English]] ISO 27002:2013: 09.2.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.30_MoC Outsourced development.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.30_MoC Outsourced development.md index c790721..342c427 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.30_MoC Outsourced development.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.30_MoC Outsourced development.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.30_OT Outsourced development \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.30_OT%20Outsourced%20development.md) [[ISO_27002_2022_8.30_PE Outsourced development \|Plain English]] ISO 27002:2013: 14.2.7 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.31_MoC Separation of development, test and production environments.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.31_MoC Separation of development, test and production environments.md index f9d968c..a832535 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.31_MoC Separation of development, test and production environments.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.31_MoC Separation of development, test and production environments.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.31_OT Separation of development, test and production environments \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.31_OT%20Separation%20of%20development,%20test%20and%20production%20environments.md) [[ISO_27002_2022_8.31_PE Separation of development, test and production environments \|Plain English]] ISO 27002:2013: 12.1.4, 14.2.6 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.32_MoC Change management.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.32_MoC Change management.md index 699d21c..7468d16 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.32_MoC Change management.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.32_MoC Change management.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_8.32_OT Change management \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.32_OT%20Change%20management.md) [[ISO_27002_2022_8.32_PE Change management \|Plain English]] ISO 27002:2013: 12.1.2, 14.2.2, 14.2.3, 14.2.4 -[[ISO_27002_2022_NL_8.32_BT Wijzigingsbeheer \|Brontekst]] +[Brontekst](../ISO-27002-OST/ISO27002-NL-2022/ISO_27002_2022_NL_8.32_BT%20Wijzigingsbeheer.md) diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.33_MoC Test information.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.33_MoC Test information.md index 696b093..ddc83dd 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.33_MoC Test information.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.33_MoC Test information.md @@ -1,5 +1,5 @@ # About Control 8.33: Test information -[[ISO_27002_2022_8.33_OT Test information \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.33_OT%20Test%20information.md) [[ISO_27002_2022_8.33_PE Test information \|Plain English]] ISO 27002:2013: 14.3.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC Protection of information systems during audit testing.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC Protection of information systems during audit testing.md index b32e3a0..57f67a6 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC Protection of information systems during audit testing.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC Protection of information systems during audit testing.md @@ -1,6 +1,6 @@ # About control 8.34: Protection of information systems during audit testing -[[ISO_27002_2022_8.34_OT Protection of information systems during audit testing|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.34_OT%20Protection%20of%20information%20systems%20during%20audit%20testing.md) Plain English ISO 27002:2013: 12.7.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC.md.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC.md.md index dccb835..2aa5d82 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC.md.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.34_MoC.md.md @@ -1,3 +1,3 @@ -[[ISO_27002_2022_8.34_OT Protection of information systems during audit testing \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.34_OT%20Protection%20of%20information%20systems%20during%20audit%20testing.md) [[ISO_27002_2022_8.34_PE Protection of information systems during audit testing \|Plain English]] ISO 27002:2013: 12.7.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.3_MoC Information access restriction.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.3_MoC Information access restriction.md index ffb223e..abf3a41 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.3_MoC Information access restriction.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.3_MoC Information access restriction.md @@ -2,9 +2,9 @@ Restricting access to information assets in line with the access control policy. -Control 8.3 operationalizes the foundational rules set in [[ISO_27002_2022_5.15_OT Access control|A5.15]] by implementing detailed technical measures. +Control 8.3 operationalizes the foundational rules set in [A5.15](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_5.15_OT%20Access%20control.md) by implementing detailed technical measures. -[[ISO_27002_2022_8.3_OT Information access restriction|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.3_OT%20Information%20access%20restriction.md) [[ISO_27002_2022_8.3_PE Title \|Plain English]] ISO 27002:2013: 09.4.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.5_MoC Secure authentication.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.5_MoC Secure authentication.md index 5b5bf78..d7911c0 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.5_MoC Secure authentication.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.5_MoC Secure authentication.md @@ -1,6 +1,6 @@ # About Control 8.5: Secure authentication -[[ISO_27002_2022_8.5_OT Secure authentication \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.5_OT%20Secure%20authentication.md) [[ISO_27002_2022_8.5_PE Secure authentication \|Plain English]] ISO 27002:2013: 09.4.2 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.6_MoC Capacity management.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.6_MoC Capacity management.md index 439cad3..b4cc82f 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.6_MoC Capacity management.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.6_MoC Capacity management.md @@ -1,5 +1,5 @@ -[[ISO_27002_2022_8.6_OT Capacity management\|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.6_OT%20Capacity%20management.md) [[ISO_27002_2022_8.6_PE Title \|Plain English]] ISO 27002:2013: 12.1.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.7_MoC Protection against malware.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.7_MoC Protection against malware.md index 6ba2c58..9df0717 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.7_MoC Protection against malware.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.7_MoC Protection against malware.md @@ -1,4 +1,4 @@ -[[ISO_27002_2022_8.7_OT Protection against malware \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.7_OT%20Protection%20against%20malware.md) ย  [[ISO_27002_2022_8.7_PE Protection against malware \|Plain English]] ISO 27002:2013: 12.2.1 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.8_MoC Management of technical vulnerabilities.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.8_MoC Management of technical vulnerabilities.md index a682758..4a7f225 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.8_MoC Management of technical vulnerabilities.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.8_MoC Management of technical vulnerabilities.md @@ -1,8 +1,8 @@ # About Control 8.8: Management of technical vulnerabilities -[[ISO_27002_2022_8.8_OT Management of technical vulnerabilities \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.8_OT%20Management%20of%20technical%20vulnerabilities.md) ย  -[[ISO_27002_2022_8.8_PE Management of technical vulnerabilities \|Plain English]] +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_8.8_PE%20Management%20of%20technical%20vulnerabilities.md) ISO 27002:2013: 12.6.1, 18.2.3 diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_8.9_MoC Configuration management.md b/Corpus/Standards/MoCs/ISO_27002_2022_8.9_MoC Configuration management.md index 83a5da3..c0c9159 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_8.9_MoC Configuration management.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_8.9_MoC Configuration management.md @@ -1,6 +1,6 @@ -[[ISO_27002_2022_8.9_OT Configuration management \|Original Text]] +[Original Text](../ISO-27002-OST/ISO27002-EN-2022/ISO_27002_2022_8.9_OT%20Configuration%20management.md) ย  -[[ISO_27002_2022_8.9_PE Configuration management \|Plain English]] +[Plain English](../../../../iso27DIY-gis/reference/Paraphrased/ISO27002-2022-EN/ISO_27002_2022_8.9_PE%20Configuration%20management.md) ISO 27002:2013: n/a diff --git a/Corpus/Standards/MoCs/ISO_27002_2022_Index_DEPRECIATED.md b/Corpus/Standards/MoCs/ISO_27002_2022_Index_DEPRECIATED.md index 57037a5..3bc56fb 100644 --- a/Corpus/Standards/MoCs/ISO_27002_2022_Index_DEPRECIATED.md +++ b/Corpus/Standards/MoCs/ISO_27002_2022_Index_DEPRECIATED.md @@ -1,5 +1,5 @@ #iso27002/2022/EN -**DEPRECIATED โ€“ now [[ISO_27001_2022_00_MoC Index EXT]]** +**DEPRECIATED โ€“ now [ISO_27001_2022_00_MoC Index EXT](ISO_27001_2022_00_MoC%20Index%20EXT.md)** 2022 ID | Control title | Original | Plain English ------- | ------------- | -------- | ------------- diff --git a/Drafts and Ideas/Context, Strategy, and Leadership/Sources for the Context sessions.md b/Drafts and Ideas/Context, Strategy, and Leadership/Sources for the Context sessions.md index c92a656..837f65f 100644 --- a/Drafts and Ideas/Context, Strategy, and Leadership/Sources for the Context sessions.md +++ b/Drafts and Ideas/Context, Strategy, and Leadership/Sources for the Context sessions.md @@ -2,23 +2,23 @@ ## PECB Lead Auditor Training -[[PECB 27001 LA S05 E01a - Context of the organization]] +[PECB 27001 LA S05 E01a - Context of the organization](../../../๐Ÿ‘ฉ๐Ÿผโ€โš–๏ธ%20Standards%20and%20Regulations/ISO%2027K/PECB%20Lead%20Auditor%20Training%2027001/PECB%2027001%20LA%20S05%20E01a%20-%20Context%20of%20the%20organization.md) ## Sparks -[[The ISMS in its context]] -[[Context analysis]] +[The ISMS in its context](The%20ISMS%20in%20its%20context.md) +[Context analysis](../../../๐Ÿ“š๏ธ%20Literature%20notes/Context%20analysis.md) ## Mark I content -[[ISO27DIY Video A.4 Context and Scope - Internal issues]] +[ISO27DIY Video A.4 Context and Scope - Internal issues](../../../๐Ÿงฑ%20Projects/iso27DIY%20mk%20I/ISO27DIY%20Video%20A.4%20Context%20and%20Scope%20-%20Internal%20issues.md) -[[ISO27DIY Video A.2 Context and Scope - Stakeholders]] -[[ISO27DIY Video A.3 Context and Scope - Regulations and Contracts]] +[ISO27DIY Video A.2 Context and Scope - Stakeholders](../../../๐Ÿงฑ%20Projects/iso27DIY%20mk%20I/ISO27DIY%20Video%20A.2%20Context%20and%20Scope%20-%20Stakeholders.md) +[ISO27DIY Video A.3 Context and Scope - Regulations and Contracts](../../../๐Ÿงฑ%20Projects/iso27DIY%20mk%20I/ISO27DIY%20Video%20A.3%20Context%20and%20Scope%20-%20Regulations%20and%20Contracts.md) ## Standard -[[ISO_27001_2022_4.1_MoC Understanding the organization and its context]] -[[ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties]] -[[ISO_27001_2022_4.3_MoC Determining the scope of the information security management system]] -[[ISO_27001_2022_4.4_MoC Information security management system]] +[ISO_27001_2022_4.1_MoC Understanding the organization and its context](../../Corpus/Standards/MoCs/ISO_27001_2022_4.1_MoC%20Understanding%20the%20organization%20and%20its%20context.md) +[ISO_27001_2022_4.2_MoC Understanding the needs and expectations of interested parties](../../Corpus/Standards/MoCs/ISO_27001_2022_4.2_MoC%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md) +[ISO_27001_2022_4.3_MoC Determining the scope of the information security management system](../../Corpus/Standards/MoCs/ISO_27001_2022_4.3_MoC%20Determining%20the%20scope%20of%20the%20information%20security%20management%20system.md) +[ISO_27001_2022_4.4_MoC Information security management system](../../Corpus/Standards/MoCs/ISO_27001_2022_4.4_MoC%20Information%20security%20management%20system.md) ## From the 'canvas' @@ -27,12 +27,12 @@ Functiehuis (4.1) Organogram (4.1) Bedrijfsprocessen (4.1) SWOT (4.1) -- [[SWOT Analyses template]] +- [SWOT Analyses template](../../../๐ŸŽ‡%20Sparks/SWOT%20Analyses%20template.md) DESTEP (4.2) Stakeholder analyse (4.2) Wet- en regelgeving (4.2, A5.31-A5.34) ## Further research - [ ] Assets? -- [ ] Impactbepaling uit [[Dataclassificatie Humankind]] +- [ ] Impactbepaling uit [Dataclassificatie Humankind](../../../๐Ÿญ%20Clients/Humankind/Dataclassificatie%20Humankind.md) diff --git a/Drafts and Ideas/ISMS/About the Statement of Applicability.md b/Drafts and Ideas/ISMS/About the Statement of Applicability.md index 5d24d9d..55948ae 100644 --- a/Drafts and Ideas/ISMS/About the Statement of Applicability.md +++ b/Drafts and Ideas/ISMS/About the Statement of Applicability.md @@ -5,9 +5,9 @@ tags: --- ## About the Statement of Applicability -In essence, the Statement of Applicability shows the outcome of the risk treatment process ([[ISO_27001_2022_6.1.3_MoC Information security risk treatment|6.1.3a]]). It is usually presented as a table of Annex A controls, together with a short explanation for the selection *or* exclusion of each, and its implementation status. +In essence, the Statement of Applicability shows the outcome of the risk treatment process ([6.1.3a](../../Corpus/Standards/MoCs/ISO_27001_2022_6.1.3_MoC%20Information%20security%20risk%20treatment.md)). It is usually presented as a table of Annex A controls, together with a short explanation for the selection *or* exclusion of each, and its implementation status. -This follows directly from [[ISO_27001_2022_6.1.3_MoC Information security risk treatment|Clause 6.1.3d]], that demands that the Statement of Applicability contains: +This follows directly from [Clause 6.1.3d](../../Corpus/Standards/MoCs/ISO_27001_2022_6.1.3_MoC%20Information%20security%20risk%20treatment.md), that demands that the Statement of Applicability contains: * the controls that are **necessary** to implement the chosen risk treatments, including the rationale for their selection * the **status** of their implementation *("whether the necessary controls are implemented or not")* * the reason for exclusion of any and all other controls from Annex A. diff --git a/Server@Hostinger/VPS stack.md b/Server@Hostinger/VPS stack.md index 2821166..bf762a9 100644 --- a/Server@Hostinger/VPS stack.md +++ b/Server@Hostinger/VPS stack.md @@ -15,4 +15,4 @@ per 11 April 2026 --- -[[VPS security]] \ No newline at end of file +[VPS security](VPS%20security.md) \ No newline at end of file diff --git a/iso27DIY-MoC.md b/iso27DIY-MoC.md index 94c75e5..7d01a10 100644 --- a/iso27DIY-MoC.md +++ b/iso27DIY-MoC.md @@ -4,60 +4,60 @@ tags: - type/MoC --- ## Marketing source material -[[ISO27DIY Solution and Components]] -[[Value Proposition Canvas for iso27DIY]] -[[Brand Values]] -[[FUD with Certification]] -[[PRD Product Requirements Document for iso27DYI]] +[ISO27DIY Solution and Components](marketing/campaigns/ISO27DIY%20Solution%20and%20Components.md) +[Value Proposition Canvas for iso27DIY](About/Value%20Proposition%20Canvas%20for%20iso27DIY.md) +[Brand Values](marketing/campaigns/Brand%20Values.md) +[FUD with Certification](marketing/campaigns/FUD%20with%20Certification.md) +[PRD Product Requirements Document for iso27DYI](AuditGlue/PRD%20Product%20Requirements%20Document%20for%20iso27DYI.md) -[[iso27DIY Functional Diagram.canvas|iso27DIY Functional Diagram]] -[[iso27DIY content modules.canvas|iso27DIY content modules]] +[iso27DIY Functional Diagram](AuditGlue/System%20alternative/iso27DIY%20Functional%20Diagram.canvas) +[iso27DIY content modules](iso27DIY%20content%20modules.canvas) ## Marketing -[[The Psychology Behind SaaS Pricing|Pricing]] +[Pricing](../๐ŸŽ‡%20Sparks/The%20Psychology%20Behind%20SaaS%20Pricing.md) [[Pricing Tiers for iso27DIY|Tiers]] [[SEO guide for Carrd|Website SEO]] -[[Idea Validation]] +[Idea Validation](../๐ŸŽ‡%20Sparks/Idea%20Validation.md) ## Method -[[Samenhang tussen producten]] -[[ISO 27001 2023 Processen en Artefacten]] -[[Advised Documents for ISO 27001]] -[[Examples of Proof for auditors]] -[[About ISO27DIY Policy Cards]] +[Samenhang tussen producten](../๐ŸŽ‡%20Sparks/Samenhang%20tussen%20producten.md) +[ISO 27001 2023 Processen en Artefacten](Corpus/Standards/ISO-27001-OST/ISO27001-NL-2023/ISO%2027001%202023%20Processen%20en%20Artefacten.md) +[Advised Documents for ISO 27001](../iso27DIY-gis/reference/Advised%20Documents%20for%20ISO%2027001.md) +[Examples of Proof for auditors](../๐ŸŽ‡%20Sparks/Examples%20of%20Proof%20for%20auditors.md) +[About ISO27DIY Policy Cards](../๐Ÿ’กPermanent%20ideas/About%20ISO27DIY%20Policy%20Cards.md) ## Design [[ISO27DIY als LMS]] -[[iso27DIY content modules.canvas|Modules Canvas]] -[[About the flow]] -[[iso27DIY UI ideas|UI ideas]] +[Modules Canvas](iso27DIY%20content%20modules.canvas) +[About the flow](Drafts%20and%20Ideas/About/About%20the%20flow.md) +[UI ideas](AuditGlue/System%20alternative/iso27DIY%20UI%20ideas.md) ### Agents -[[Create a proactive conversational agent]] -[[Create an interview agent]] - [[Agent Design Intent Card]] -[[Create a threat analysis chatbot]] -[[Instruct an LLM on available tools]] -[[LLM Prompt types]] +[Create a proactive conversational agent](../๐ŸŽ‡%20Sparks/Create%20a%20proactive%20conversational%20agent.md) +[Create an interview agent](../๐ŸŽ‡%20Sparks/Create%20an%20interview%20agent.md) + [Agent Design Intent Card](AuditGlue/System%20alternative/Agent%20Design%20Intent%20Card.md) +[Create a threat analysis chatbot](Drafts%20and%20Ideas/Controls/Create%20a%20threat%20analysis%20chatbot.md) +[Instruct an LLM on available tools](../๐ŸŽ‡%20Sparks/Instruct%20an%20LLM%20on%20available%20tools.md) +[LLM Prompt types](../๐ŸŽ‡%20Sparks/LLM%20Prompt%20types.md) ## Content -[[ISO27DIY Videos list]] +[ISO27DIY Videos list](../๐Ÿงฑ%20Projects/iso27DIY%20mk%20I/ISO27DIY%20Videos%20list.md) ## Platform -[[Ontwikkelplan]] -[[Design Document for ISO 27001 Certification Support Online Service]] +[Ontwikkelplan](../๐ŸŽ‡%20Sparks/Ontwikkelplan.md) +[Design Document for ISO 27001 Certification Support Online Service](../๐ŸŽ‡%20Sparks/Design%20Document%20for%20ISO%2027001%20Certification%20Support%20Online%20Service.md) [[iso27DIY Customer Journey]] -[[Personae and Roles]] -[[TypeDB structure for ISO27DIY]] -[[Client segregation]] -[[Building functionality in Supabase]] -[[SupaBase edge functions portability]] -[[Connect LLM to Supabase to create content]] -[[Deciding which functionality goes where]] -[[iso27DYI architecture with LLM]] -[[iso27DIY stack deployment]] -[[SurveyJS]] -[[weweb_security_checklist|WeWeb Security Pre-Launch Checklist]] +[Personae and Roles](../๐ŸŽ‡%20Sparks/Personae%20and%20Roles.md) +[TypeDB structure for ISO27DIY](../๐ŸŽ‡%20Sparks/TypeDB%20structure%20for%20ISO27DIY.md) +[Client segregation](../๐ŸŽ‡%20Sparks/Client%20segregation.md) +[Building functionality in Supabase](../๐ŸŽ‡%20Sparks/Building%20functionality%20in%20Supabase.md) +[SupaBase edge functions portability](../๐ŸŽ‡%20Sparks/SupaBase%20edge%20functions%20portability.md) +[Connect LLM to Supabase to create content](../๐ŸŽ‡%20Sparks/Connect%20LLM%20to%20Supabase%20to%20create%20content.md) +[Deciding which functionality goes where](../๐ŸŽ‡%20Sparks/Deciding%20which%20functionality%20goes%20where.md) +[iso27DYI architecture with LLM](AuditGlue/System%20alternative/iso27DYI%20architecture%20with%20LLM.md) +[iso27DIY stack deployment](AuditGlue/System%20alternative/iso27DIY%20stack%20deployment.md) +[SurveyJS](../๐ŸŽ‡%20Sparks/SurveyJS.md) +[WeWeb Security Pre-Launch Checklist](../๐ŸŽ‡%20Sparks/weweb_security_checklist.md) diff --git a/marketing/automation/UTM coding scheme.md b/marketing/automation/UTM coding scheme.md index 47e3498..ed6deb1 100644 --- a/marketing/automation/UTM coding scheme.md +++ b/marketing/automation/UTM coding scheme.md @@ -62,4 +62,4 @@ https://iso27diy.com/tools?utm_source=newsletter&utm_medium=article&utm_campaign ## UTM overzicht -![[utm-tracker.xlsx]] +![](../../../๐Ÿ“Ž%20Attachments/utm-tracker.xlsx)