From c4e0d21aaf2186cebf08c4a7b0dc9926d3652d9c Mon Sep 17 00:00:00 2001 From: Richard Kranendonk Date: Sat, 2 May 2026 13:23:39 +0200 Subject: [PATCH] Added front matter to 27001 EN --- .../Standards/ISO27x/OST/27001/EN/add_yaml.py | 54 +++++++++++ .../ISO27x/OST/27001/EN/c-0-Introduction.md | 16 +++- .../ISO27x/OST/27001/EN/c-1-Scope.md | 12 +++ .../ISO27x/OST/27001/EN/c-10-Improvement.md | 13 +++ .../27001/EN/c-10.1-Continual-improvement.md | 15 +++- ...0.2-Nonconformity-and-corrective-action.md | 13 ++- .../OST/27001/EN/c-2-Normative-references.md | 14 ++- .../OST/27001/EN/c-3-Terms-and-definitions.md | 14 ++- .../EN/c-4-Context-of-the-organization.md | 13 +++ ...anding-the-organization-and-its-context.md | 14 ++- ...-and-expectations-of-interested-parties.md | 15 +++- ...-information-security-management-system.md | 15 +++- ...-Information-security-management-system.md | 15 +++- .../ISO27x/OST/27001/EN/c-5-Leadership.md | 13 +++ .../EN/c-5.1-Leadership-and-commitment.md | 15 +++- .../ISO27x/OST/27001/EN/c-5.2-Policy.md | 13 +++ ...-roles-responsibilities-and-authorities.md | 15 +++- .../ISO27x/OST/27001/EN/c-6-Planning.md | 13 +++ .../ISO27x/OST/27001/EN/c-6.1.1-General.md | 12 +++ ....2-Information-security-risk-assessment.md | 12 +++ ...1.3-Information-security-risk-treatment.md | 12 +++ ...objectives-and-planning-to-achieve-them.md | 15 +++- .../OST/27001/EN/c-6.3-Planning-of-changes.md | 15 +++- .../ISO27x/OST/27001/EN/c-7-Support.md | 13 +++ .../ISO27x/OST/27001/EN/c-7.1-Resources.md | 13 +++ .../ISO27x/OST/27001/EN/c-7.2-Competence.md | 12 +++ .../ISO27x/OST/27001/EN/c-7.3-Awareness.md | 12 +++ .../OST/27001/EN/c-7.4-Communication.md | 12 +++ .../27001/EN/c-7.5-Documented-information.md | 15 +++- .../ISO27x/OST/27001/EN/c-8-Operation.md | 13 +++ .../c-8.1-Operational-planning-and-control.md | 15 +++- ....2-Information-security-risk-assessment.md | 15 +++- ...8.3-Information-security-risk-treatment.md | 12 ++- .../27001/EN/c-9-Performance-evaluation.md | 13 +++ ...ing-measurement-analysis-and-evaluation.md | 13 +++ .../OST/27001/EN/c-9.2-Internal-audit.md | 14 ++- .../OST/27001/EN/c-9.3-Management-review.md | 14 ++- .../ISO27x/OST/27001/EN/rename-iso-title.zsh | 90 ------------------- .../ISO27x/OST/27001/EN/rename-iso.zsh | 50 ----------- 39 files changed, 523 insertions(+), 161 deletions(-) create mode 100644 Corpus/Standards/ISO27x/OST/27001/EN/add_yaml.py create mode 100644 Corpus/Standards/ISO27x/OST/27001/EN/c-10-Improvement.md create mode 100644 Corpus/Standards/ISO27x/OST/27001/EN/c-4-Context-of-the-organization.md create mode 100644 Corpus/Standards/ISO27x/OST/27001/EN/c-5-Leadership.md create mode 100644 Corpus/Standards/ISO27x/OST/27001/EN/c-6-Planning.md create mode 100644 Corpus/Standards/ISO27x/OST/27001/EN/c-7-Support.md create mode 100644 Corpus/Standards/ISO27x/OST/27001/EN/c-8-Operation.md create mode 100644 Corpus/Standards/ISO27x/OST/27001/EN/c-9-Performance-evaluation.md delete mode 100755 Corpus/Standards/ISO27x/OST/27001/EN/rename-iso-title.zsh delete mode 100755 Corpus/Standards/ISO27x/OST/27001/EN/rename-iso.zsh diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/add_yaml.py b/Corpus/Standards/ISO27x/OST/27001/EN/add_yaml.py new file mode 100644 index 0000000..7623607 --- /dev/null +++ b/Corpus/Standards/ISO27x/OST/27001/EN/add_yaml.py @@ -0,0 +1,54 @@ +#!/usr/bin/env python3 +import os +import re + +directory = '/Users/rico/src/iso27diy-corp/Corpus/Standards/ISO27x/OST/27001/EN/' + +for filename in os.listdir(directory): + if filename.endswith('.md'): + filepath = os.path.join(directory, filename) + with open(filepath, 'r') as f: + lines = f.readlines() + if lines and lines[0].strip() == '---': + continue # Already has YAML + # Extract id and title from filename + match = re.match(r'c-([0-9.]+)-(.+)\.md', filename) + if match: + num = match.group(1) + title_part = match.group(2) + id_val = f'C.{num}' + title = title_part.replace('-', ' ') + elif filename == 'c-0-Introduction.md': + id_val = 'C.0' + title = 'Introduction' + elif filename == 'ISO_27001_OT F Foreword.md': + id_val = 'Foreword' + title = 'Foreword' + else: + # For other files like c-2-Normative-references.md + match = re.match(r'c-([0-9]+)-(.+)\.md', filename) + if match: + num = match.group(1) + title_part = match.group(2) + id_val = f'C.{num}' + title = title_part.replace('-', ' ') + else: + continue # Skip if not matching + + yaml = f'''--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "{id_val}" +title: "{title}" +tags: +- iso27001/2022/EN +status: active +--- +''' + with open(filepath, 'w') as f: + f.write(yaml + ''.join(lines)) + +print("YAML front matter added to files that didn't have it.") \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-0-Introduction.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-0-Introduction.md index 866828b..a59f3e0 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-0-Introduction.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-0-Introduction.md @@ -1,6 +1,18 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.0" +title: "Introduction" +tags: +- iso27001/2022/EN +status: active +--- ## 0 Introduction -## 0.1 General +### 0.1 General This document has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization's information security management system is influenced by the organization's needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. All of these influencing factors are expected to change over time. @@ -14,7 +26,7 @@ The order in which requirements are presented in this document does not reflect ISO/IEC 27000 describes the overview and the vocabulary of information security management systems, referencing the information security management system family of standards (including ISO/IEC 27003, ISO/IEC 27004 and ISO/IEC 27005), with related terms and definitions. -## 0.2 Compatibility with other management system standards +### 0.2 Compatibility with other management system standards This document applies the high-level structure, identical sub-clause titles, identical text, common terms, and core definitions defined in Annex SL of ISO/IEC Directives, Part 1, Consolidated ISO Supplement, and therefore maintains compatibility with other management system standards that have adopted the Annex SL. diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-1-Scope.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-1-Scope.md index 99edd24..8bf21d8 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-1-Scope.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-1-Scope.md @@ -1,3 +1,15 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.1" +title: "Scope" +tags: +- iso27001/2022/EN +status: active +--- ## 1 Scope This document specifies the requirements for establishing, implementing, maintaining and continually improving an information diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-10-Improvement.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-10-Improvement.md new file mode 100644 index 0000000..a7791fe --- /dev/null +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-10-Improvement.md @@ -0,0 +1,13 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.10" +title: "Improvement" +tags: +- iso27001/2022/EN +status: active +--- +# 10 Improvement \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-10.1-Continual-improvement.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-10.1-Continual-improvement.md index ae216d5..780ac81 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-10.1-Continual-improvement.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-10.1-Continual-improvement.md @@ -1,2 +1,15 @@ -## 10.1-Continual improvement +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.10.1" +title: "Continual improvement" +tags: +- iso27001/2022/EN +status: active +--- +## 10.1 Continual improvement + The organization shall continually improve the suitability, adequacy and effectiveness of the information security management system. \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-10.2-Nonconformity-and-corrective-action.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-10.2-Nonconformity-and-corrective-action.md index a29870c..84536f7 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-10.2-Nonconformity-and-corrective-action.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-10.2-Nonconformity-and-corrective-action.md @@ -1,4 +1,15 @@ -## 10.2-Nonconformity-and-corrective action +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.10.2" +title: "Nonconformity and corrective action" +tags: +- iso27001/2022/EN +status: active +--- ## 10.2 Nonconformity and corrective action When a nonconformity occurs, the organization shall: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-2-Normative-references.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-2-Normative-references.md index b5ae845..139e126 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-2-Normative-references.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-2-Normative-references.md @@ -1,3 +1,15 @@ -## 2-Normative references +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.2" +title: "Normative references" +tags: +- iso27001/2022/EN +status: active +--- +## 2 Normative references The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-3-Terms-and-definitions.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-3-Terms-and-definitions.md index 9d23313..ce18537 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-3-Terms-and-definitions.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-3-Terms-and-definitions.md @@ -1,4 +1,16 @@ -## 3-Terms-and definitions +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.3" +title: "Terms and definitions" +tags: +- iso27001/2022/EN +status: active +--- +## 3 Terms and definitions For the purposes of this document, the terms and definitions given in ISO/IEC 27000 apply. diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-4-Context-of-the-organization.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-4-Context-of-the-organization.md new file mode 100644 index 0000000..d1900cb --- /dev/null +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-4-Context-of-the-organization.md @@ -0,0 +1,13 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: C.4 +title: Context of the organisation +tags: + - iso27001/2022/EN +status: active +--- +# 4 Context of the organisation \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-4.1-Understanding-the-organization-and-its-context.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-4.1-Understanding-the-organization-and-its-context.md index a52b54a..db16bc2 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-4.1-Understanding-the-organization-and-its-context.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-4.1-Understanding-the-organization-and-its-context.md @@ -1,4 +1,16 @@ -# Clause 4.1: Understanding the organization and its context +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.4.1" +title: "Understanding the organization and its context" +tags: +- iso27001/2022/EN +status: active +--- +## Clause 4.1: Understanding the organization and its context The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its information security management system. diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-4.2-Understanding-the-needs-and-expectations-of-interested-parties.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-4.2-Understanding-the-needs-and-expectations-of-interested-parties.md index 50c5e98..ff17bad 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-4.2-Understanding-the-needs-and-expectations-of-interested-parties.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-4.2-Understanding-the-needs-and-expectations-of-interested-parties.md @@ -1,4 +1,17 @@ -## 4.2-Understanding-the-needs-and-expectations-of-interested parties +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.4.2" +title: "Understanding the needs and expectations of interested parties" +tags: +- iso27001/2022/EN +status: active +--- +## 4.2 Understanding the needs and expectations of interested parties + The organization shall determine: a\) interested parties that are relevant to the information security management system; diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-4.3-Determining-the-scope-of-the-information-security-management-system.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-4.3-Determining-the-scope-of-the-information-security-management-system.md index 3246322..3f2cb5c 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-4.3-Determining-the-scope-of-the-information-security-management-system.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-4.3-Determining-the-scope-of-the-information-security-management-system.md @@ -1,4 +1,17 @@ -## 4.3-Determining-the-scope-of-the-information-security-management system +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.4.3" +title: "Determining the scope of the information security management system" +tags: +- iso27001/2022/EN +status: active +--- +## 4.3 Determining the scope of the information security management system + The organization shall determine the boundaries and applicability of the information security management system to establish its scope. When determining this scope, the organization shall consider: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-4.4-Information-security-management-system.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-4.4-Information-security-management-system.md index 7d17e31..ff56552 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-4.4-Information-security-management-system.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-4.4-Information-security-management-system.md @@ -1,2 +1,15 @@ -## 4.4-Information-security-management system +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.4.4" +title: "Information security management system" +tags: +- iso27001/2022/EN +status: active +--- +## 4.4 Information security management system + The organization shall establish, implement, maintain and continually improve an information security management system, including the processes needed and their interactions, in accordance with the requirements of this document. \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-5-Leadership.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-5-Leadership.md new file mode 100644 index 0000000..4128e08 --- /dev/null +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-5-Leadership.md @@ -0,0 +1,13 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: C.5 +title: Leadership +tags: + - iso27001/2022/EN +status: active +--- +# 5 Leadership \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-5.1-Leadership-and-commitment.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-5.1-Leadership-and-commitment.md index 16053ef..1053ba0 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-5.1-Leadership-and-commitment.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-5.1-Leadership-and-commitment.md @@ -1,4 +1,17 @@ -## 5.1-Leadership-and commitment +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.5.1" +title: "Leadership and commitment" +tags: +- iso27001/2022/EN +status: active +--- +## 5.1 Leadership and commitment + Top management shall demonstrate leadership and commitment with respect to the information security management system by: a\) ensuring the information security policy and the information security objectives are established and are compatible with the strategic direction of the organization; diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md index 411fee6..fb4e5a4 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md @@ -1,4 +1,17 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.5.2" +title: "Policy" +tags: +- iso27001/2022/EN +status: active +--- ## 5.2 Policy + Top management shall establish an information security policy that: a\) is appropriate to the purpose of the organization; diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-5.3-Organizational-roles-responsibilities-and-authorities.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-5.3-Organizational-roles-responsibilities-and-authorities.md index b015fe1..9cac7b5 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-5.3-Organizational-roles-responsibilities-and-authorities.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-5.3-Organizational-roles-responsibilities-and-authorities.md @@ -1,4 +1,17 @@ -## 5.3-Organizational-roles-responsibilities-and authorities +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.5.3" +title: "Organizational roles responsibilities and authorities" +tags: +- iso27001/2022/EN +status: active +--- +## 5.3 Organizational roles responsibilities and authorities + Top management shall ensure that the responsibilities and authorities for roles relevant to information security are assigned and communicated within the organization. Top management shall assign the responsibility and authority for: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-6-Planning.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-6-Planning.md new file mode 100644 index 0000000..8dfb2ef --- /dev/null +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-6-Planning.md @@ -0,0 +1,13 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: C.6 +title: Planning +tags: + - iso27001/2022/EN +status: active +--- +# 6 Planning \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.1-General.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.1-General.md index 091785a..49060a2 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.1-General.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.1-General.md @@ -1,3 +1,15 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.6.1.1" +title: "General" +tags: +- iso27001/2022/EN +status: active +--- ### 6.1.1 General When planning for the information security management system, the organization shall consider the issues referred to in [4.1](c-4.1-Understanding-the-organization-and-its-context.md) and the requirements referred to in [4.2](ISO_27001_2022_OT%204.2%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md) and determine the risks and opportunities that need to be addressed to: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.2-Information-security-risk-assessment.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.2-Information-security-risk-assessment.md index 6dae621..d21dd80 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.2-Information-security-risk-assessment.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.2-Information-security-risk-assessment.md @@ -1,3 +1,15 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.6.1.2" +title: "Information security risk assessment" +tags: +- iso27001/2022/EN +status: active +--- ### 6.1.2 Information security risk assessment The organization shall define and apply an information security risk assessment process that: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.3-Information-security-risk-treatment.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.3-Information-security-risk-treatment.md index 3d2b38e..a1ab924 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.3-Information-security-risk-treatment.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.1.3-Information-security-risk-treatment.md @@ -1,3 +1,15 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.6.1.3" +title: "Information security risk treatment" +tags: +- iso27001/2022/EN +status: active +--- ### 6.1.3 Information security risk treatment The organization shall define and apply an information security risk treatment process to: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.2-Information-security-objectives-and-planning-to-achieve-them.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.2-Information-security-objectives-and-planning-to-achieve-them.md index 6c73c9c..029fc2d 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.2-Information-security-objectives-and-planning-to-achieve-them.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.2-Information-security-objectives-and-planning-to-achieve-them.md @@ -1,4 +1,17 @@ -## 6.2-Information-security-objectives-and-planning-to-achieve them +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.6.2" +title: "Information security objectives and planning to achieve them" +tags: +- iso27001/2022/EN +status: active +--- +## 6.2 Information security objectives and planning to achieve them + The organization shall establish information security objectives at relevant functions and levels. The information security objectives shall: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.3-Planning-of-changes.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.3-Planning-of-changes.md index 8b6e714..514a047 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-6.3-Planning-of-changes.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-6.3-Planning-of-changes.md @@ -1,2 +1,15 @@ -## 6.3-Planning-of changes +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.6.3" +title: "Planning of changes" +tags: +- iso27001/2022/EN +status: active +--- +## 6.3 Planning of changes + When the organization determines the need for changes to the information security management system, the changes shall be carried out in a planned manner. \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-7-Support.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-7-Support.md new file mode 100644 index 0000000..8c6132d --- /dev/null +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-7-Support.md @@ -0,0 +1,13 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: C.7 +title: Support +tags: + - iso27001/2022/EN +status: active +--- +# 7 Support \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.1-Resources.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.1-Resources.md index a22190d..2e740ad 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.1-Resources.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.1-Resources.md @@ -1,2 +1,15 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.7.1" +title: "Resources" +tags: +- iso27001/2022/EN +status: active +--- ## 7.1 Resources + The organization shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the information security management system. diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.2-Competence.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.2-Competence.md index b24272e..06f33e2 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.2-Competence.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.2-Competence.md @@ -1,3 +1,15 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.7.2" +title: "Competence" +tags: +- iso27001/2022/EN +status: active +--- ## 7.2 Competence The organization shall: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.3-Awareness.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.3-Awareness.md index 9753340..a991ecf 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.3-Awareness.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.3-Awareness.md @@ -1,3 +1,15 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.7.3" +title: "Awareness" +tags: +- iso27001/2022/EN +status: active +--- ## 7.3 Awareness Persons doing work under the organization's control shall be aware of: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.4-Communication.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.4-Communication.md index bc8dcfb..c0ddd6b 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.4-Communication.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.4-Communication.md @@ -1,3 +1,15 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.7.4" +title: "Communication" +tags: +- iso27001/2022/EN +status: active +--- ## 7.4 Communication The organization shall determine the need for internal and external communications relevant to the information security management system including: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.5-Documented-information.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.5-Documented-information.md index 791330b..13c3ddc 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-7.5-Documented-information.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-7.5-Documented-information.md @@ -1,4 +1,17 @@ -## 7.5-Documented information +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.7.5" +title: "Documented information" +tags: +- iso27001/2022/EN +status: active +--- +## 7.5 Documented information + ### 7.5.1 General The organization's information security management system shall include: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-8-Operation.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-8-Operation.md new file mode 100644 index 0000000..fc59611 --- /dev/null +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-8-Operation.md @@ -0,0 +1,13 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: C.8 +title: Operation +tags: + - iso27001/2022/EN +status: active +--- +# 8 Operation \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-8.1-Operational-planning-and-control.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-8.1-Operational-planning-and-control.md index 7f98721..ca02294 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-8.1-Operational-planning-and-control.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-8.1-Operational-planning-and-control.md @@ -1,4 +1,17 @@ -## 8.1-Operational-planning-and control +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.8.1" +title: "Operational planning and control" +tags: +- iso27001/2022/EN +status: active +--- +## 8.1 Operational planning and control + The organization shall plan, implement and control the processes needed to meet requirements, and to implement the actions determined in Clause 6, by: - establishing criteria for the processes; - implementing control of the processes in accordance with the criteria. diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-8.2-Information-security-risk-assessment.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-8.2-Information-security-risk-assessment.md index a177be2..06ff66d 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-8.2-Information-security-risk-assessment.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-8.2-Information-security-risk-assessment.md @@ -1,4 +1,17 @@ -## 8.2-Information-security-risk assessment +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.8.2" +title: "Information security risk assessment" +tags: +- iso27001/2022/EN +status: active +--- +## 8.2 Information security risk assessment + The organization shall perform information security risk assessments at planned intervals or when significant changes are proposed or occur, taking account of the criteria established in [6.1.2a](ISO_27001_OT%206.1.2%20Information%20security%20risk%20assessment.md). The organization shall retain documented information of the results of the information security risk assessments. \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-8.3-Information-security-risk-treatment.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-8.3-Information-security-risk-treatment.md index c0b1739..01f5b39 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-8.3-Information-security-risk-treatment.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-8.3-Information-security-risk-treatment.md @@ -1,8 +1,16 @@ --- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.8.3" +title: "Information security risk treatment" tags: - - iso27001/2022/EN +- iso27001/2022/EN +status: active --- -# Clause 8.3 Information security risk treatment +## 8.3 Information security risk treatment The organization shall implement the information security risk treatment plan. diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-9-Performance-evaluation.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-9-Performance-evaluation.md new file mode 100644 index 0000000..5010557 --- /dev/null +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-9-Performance-evaluation.md @@ -0,0 +1,13 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: C.9 +title: Performance evaluation +tags: + - iso27001/2022/EN +status: active +--- +# 9 Performance evaluation \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-9.1-Monitoring-measurement-analysis-and-evaluation.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-9.1-Monitoring-measurement-analysis-and-evaluation.md index d28ff65..b2ab30b 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-9.1-Monitoring-measurement-analysis-and-evaluation.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-9.1-Monitoring-measurement-analysis-and-evaluation.md @@ -1,4 +1,17 @@ +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.9.1" +title: "Monitoring measurement analysis and evaluation" +tags: +- iso27001/2022/EN +status: active +--- ## 9.1 Monitoring measurement analysis and evaluation + The organization shall determine: a\) what needs to be monitored and measured, including information security processes and controls; diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-9.2-Internal-audit.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-9.2-Internal-audit.md index 255bff5..d17db1b 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-9.2-Internal-audit.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-9.2-Internal-audit.md @@ -1,4 +1,16 @@ -## 9.2-Internal audit +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.9.2" +title: "Internal audit" +tags: +- iso27001/2022/EN +status: active +--- +## 9.2 Internal audit ### 9.2.1 General The organization shall conduct internal audits at planned intervals to provide information on whether the information security management system: diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/c-9.3-Management-review.md b/Corpus/Standards/ISO27x/OST/27001/EN/c-9.3-Management-review.md index ed30212..6c15e77 100644 --- a/Corpus/Standards/ISO27x/OST/27001/EN/c-9.3-Management-review.md +++ b/Corpus/Standards/ISO27x/OST/27001/EN/c-9.3-Management-review.md @@ -1,4 +1,16 @@ -## 9.3-Management review +--- +notetype: sourcetext +standard: ISO 27001 +version: 2022 +language: EN +type: clause +id: "C.9.3" +title: "Management review" +tags: +- iso27001/2022/EN +status: active +--- +## 9.3 Management review ### 9.3.1 General Top management shall review the organization\'s information security management system at planned intervals to ensure its continuing suitability, adequacy and effectiveness. diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/rename-iso-title.zsh b/Corpus/Standards/ISO27x/OST/27001/EN/rename-iso-title.zsh deleted file mode 100755 index d756956..0000000 --- a/Corpus/Standards/ISO27x/OST/27001/EN/rename-iso-title.zsh +++ /dev/null @@ -1,90 +0,0 @@ -#!/usr/bin/env zsh -set -euo pipefail - -execute=false -if [[ ${1:-} == '--execute' ]]; then - execute=true - shift -fi - -if [[ $# -gt 0 ]]; then - print -u2 'Usage: rename-iso-title.zsh [--execute]' - exit 2 -fi - -# Requires Obsidian app running and CLI enabled. -: ${OBSIDIAN_CLI:=obsidian} - -files=(c-[0-9]*\.md(N)) -if (( ${#files} == 0 )); then - print 'No matching files found.' - exit 0 -fi - -for src in "$files[@]"; do - base=${src:t} - - # Read the level 1 header from the file - # Format: # - # Extract everything after the first number and space - header=$(head -n 1 "$src" | sed 's/^# [0-9.]* //') - - if [[ -z "$header" ]]; then - print -u2 "WARN skipped (no header found): $src" - continue - fi - - # Clean up the title - title=$header - # Replace spaces with dashes - title=${title// /-} - # Remove commas, slashes, parentheses, quotes - title=${title//,/} - title=${title//\//} - title=${title//\\/} - title=${title//\(} - title=${title//\)} - title=${title//\'} - title=${title//\'} - # Replace diacritics with base characters - title=${title//ï/i} - title=${title//é/e} - title=${title//è/e} - title=${title//ê/e} - title=${title//ë/e} - title=${title//ö/o} - title=${title//ü/u} - title=${title//ó/o} - title=${title//ô/o} - title=${title//á/a} - title=${title//à/a} - title=${title//ã/a} - title=${title//ä/a} - title=${title//í/i} - title=${title//ì/i} - title=${title//ñ/n} - title=${title//ú/u} - title=${title//ù/u} - # Remove multiple dashes - title=${title//---/-} - title=${title//--/-} - # Remove leading/trailing dashes - title=${title#-} - title=${title%-} - - # Build new filename: c-n.n-TITLE.md - ext="${src:r}.md" # extension without the extra .md issue - filename="${src%.*}" - target="${filename}-${title}.md" - - if [[ $src == $target ]]; then - print "SKIP $src" - continue - fi - - print "SRC $src" - print "DEST $target" - if $execute; then - "$OBSIDIAN_CLI" rename file="$src" name="$target" - fi -done \ No newline at end of file diff --git a/Corpus/Standards/ISO27x/OST/27001/EN/rename-iso.zsh b/Corpus/Standards/ISO27x/OST/27001/EN/rename-iso.zsh deleted file mode 100755 index b28bf84..0000000 --- a/Corpus/Standards/ISO27x/OST/27001/EN/rename-iso.zsh +++ /dev/null @@ -1,50 +0,0 @@ -#!/usr/bin/env zsh -set -euo pipefail - -execute=false -if [[ ${1:-} == '--execute' ]]; then - execute=true - shift -fi - -if [[ $# -gt 0 ]]; then - print -u2 'Usage: rename-iso.zsh [--execute]' - exit 2 -fi - -# Requires Obsidian app running and CLI enabled. -# Adjust OBSIDIAN_CLI to the command you actually use (e.g. `obsidian`). -: ${OBSIDIAN_CLI:=obsidian} - -files=(ISO_27001*.md(N)) -if (( ${#files} == 0 )); then - print 'No matching files found.' - exit 0 -fi - -for src in "$files[@]"; do - base=${src:t} - # Match both ISO_27001_OT and ISO_27001_2022_OT patterns - if [[ $base =~ '^ISO_27001(_2022)?_OT ([0-9.]+) (.+)\.md$' ]]; then - version=${match[2]#_} - title=${match[3]} - target="c-${version}-${title}.md" - # Replace spaces with dashes - target=${target// /-} - # Remove commas - target=${target//,} - # Prevent double dashes - target=${target//--/-} - if [[ $src == $target ]]; then - print "SKIP $src" - continue - fi - print "SRC $src" - print "DEST $target" - if $execute; then - "$OBSIDIAN_CLI" rename file="$src" name="$target" - fi - else - print -u2 "WARN skipped (pattern mismatch): $src" - fi -done