Added front matter to 27001 EN

Richard Kranendonk 2026-05-02 13:23:39 +02:00
parent 405b666055
commit c4e0d21aaf
39 changed files with 523 additions and 161 deletions


@ -0,0 +1,54 @@
#!/usr/bin/env python3
import os
import re
directory = '/Users/rico/src/iso27diy-corp/Corpus/Standards/ISO27x/OST/27001/EN/'
for filename in os.listdir(directory):
if filename.endswith('.md'):
filepath = os.path.join(directory, filename)
with open(filepath, 'r') as f:
lines = f.readlines()
if lines and lines[0].strip() == '---':
continue # Already has YAML
# Extract id and title from filename
match = re.match(r'c-([0-9.]+)-(.+)\.md', filename)
if match:
num = match.group(1)
title_part = match.group(2)
id_val = f'C.{num}'
title = title_part.replace('-', ' ')
elif filename == 'c-0-Introduction.md':
id_val = 'C.0'
title = 'Introduction'
elif filename == 'ISO_27001_OT F Foreword.md':
id_val = 'Foreword'
title = 'Foreword'
else:
# For other files like c-2-Normative-references.md
match = re.match(r'c-([0-9]+)-(.+)\.md', filename)
if match:
num = match.group(1)
title_part = match.group(2)
id_val = f'C.{num}'
title = title_part.replace('-', ' ')
else:
continue # Skip if not matching
yaml = f'''---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "{id_val}"
title: "{title}"
tags:
- iso27001/2022/EN
status: active
---
'''
with open(filepath, 'w') as f:
f.write(yaml + ''.join(lines))
print("YAML front matter added to files that didn't have it.")
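
Review bot: The first pattern, r'c-([0-9.]+)-(.+)\.md', already matches c-0-Introduction.md and c-2-Normative-references.md, so the elif for 'c-0-Introduction.md' never runs and the fallback regex in the else branch can never match. Only the 'ISO_27001_OT F Foreword.md' case is reachable, and the dead branches should be dropped. Two further points in the same hunk: directory is hard-coded to a path under /Users/rico, which ties the script to one machine and publishes a local account name, so take the directory as a command-line argument. And id_val and title are interpolated into the double-quoted YAML scalars without escaping, so a filename containing a double quote or a backslash would produce invalid front matter. Opening the files with an explicit encoding='utf-8' would also remove the dependency on the platform default.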


@ -1,6 +1,18 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.0"
title: "Introduction"
tags:
- iso27001/2022/EN
status: active
---
## 0 Introduction ## 0 Introduction
## 0.1 General ### 0.1 General
This document has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization's information security management system is influenced by the organization's needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. All of these influencing factors are expected to change over time. This document has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization's information security management system is influenced by the organization's needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. All of these influencing factors are expected to change over time.
@ -14,7 +26,7 @@ The order in which requirements are presented in this document does not reflect
ISO/IEC 27000 describes the overview and the vocabulary of information security management systems, referencing the information security management system family of standards (including ISO/IEC 27003, ISO/IEC 27004 and ISO/IEC 27005), with related terms and definitions. ISO/IEC 27000 describes the overview and the vocabulary of information security management systems, referencing the information security management system family of standards (including ISO/IEC 27003, ISO/IEC 27004 and ISO/IEC 27005), with related terms and definitions.
## 0.2 Compatibility with other management system standards ### 0.2 Compatibility with other management system standards
This document applies the high-level structure, identical sub-clause titles, identical text, common terms, and core definitions defined in Annex SL of ISO/IEC Directives, Part 1, Consolidated ISO Supplement, and therefore maintains compatibility with other management system standards that have adopted the Annex SL. This document applies the high-level structure, identical sub-clause titles, identical text, common terms, and core definitions defined in Annex SL of ISO/IEC Directives, Part 1, Consolidated ISO Supplement, and therefore maintains compatibility with other management system standards that have adopted the Annex SL.


@ -1,3 +1,15 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.1"
title: "Scope"
tags:
- iso27001/2022/EN
status: active
---
## 1 Scope ## 1 Scope
This document specifies the requirements for establishing, implementing, maintaining and continually improving an information This document specifies the requirements for establishing, implementing, maintaining and continually improving an information


@ -0,0 +1,13 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.10"
title: "Improvement"
tags:
- iso27001/2022/EN
status: active
---
# 10 Improvement


@ -1,2 +1,15 @@
## 10.1-Continual improvement ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.10.1"
title: "Continual improvement"
tags:
- iso27001/2022/EN
status: active
---
## 10.1 Continual improvement
The organization shall continually improve the suitability, adequacy and effectiveness of the information security management system. The organization shall continually improve the suitability, adequacy and effectiveness of the information security management system.


@ -1,4 +1,15 @@
## 10.2-Nonconformity-and-corrective action ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.10.2"
title: "Nonconformity and corrective action"
tags:
- iso27001/2022/EN
status: active
---
## 10.2 Nonconformity and corrective action ## 10.2 Nonconformity and corrective action
When a nonconformity occurs, the organization shall: When a nonconformity occurs, the organization shall:


@ -1,3 +1,15 @@
## 2-Normative references ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.2"
title: "Normative references"
tags:
- iso27001/2022/EN
status: active
---
## 2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.


@ -1,4 +1,16 @@
## 3-Terms-and definitions ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.3"
title: "Terms and definitions"
tags:
- iso27001/2022/EN
status: active
---
## 3 Terms and definitions
For the purposes of this document, the terms and definitions given in For the purposes of this document, the terms and definitions given in
ISO/IEC 27000 apply. ISO/IEC 27000 apply.


@ -0,0 +1,13 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: C.4
title: Context of the organisation
tags:
- iso27001/2022/EN
status: active
---
# 4 Context of the organisation
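
Review bot: The new title: line and the heading spell it 'Context of the organisation', while the 4.1 file in this commit uses 'organization', as do the clause texts in the other hunks; align both to 'Context of the organization'. id and title are also unquoted here (id: C.4), whereas the sub-clause files quote both (id: "C.4.1"). The values parse the same in YAML, but one consistent style keeps text-based searches over the corpus simple.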


@ -1,4 +1,16 @@
# Clause 4.1: Understanding the organization and its context ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.4.1"
title: "Understanding the organization and its context"
tags:
- iso27001/2022/EN
status: active
---
## Clause 4.1: Understanding the organization and its context
The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its information security management system. The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its information security management system.
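
Review bot: The new heading keeps the old 'Clause 4.1:' prefix ('## Clause 4.1: Understanding the organization and its context'), while the other sub-clause headings in this commit have the form '## 4.2 Understanding the needs ...', and the 8.3 file drops the same prefix. Change it to '## 4.1 Understanding the organization and its context' so that all headings can be matched with one pattern.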


@ -1,4 +1,17 @@
## 4.2-Understanding-the-needs-and-expectations-of-interested parties ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.4.2"
title: "Understanding the needs and expectations of interested parties"
tags:
- iso27001/2022/EN
status: active
---
## 4.2 Understanding the needs and expectations of interested parties
The organization shall determine: The organization shall determine:
a\) interested parties that are relevant to the information security management system; a\) interested parties that are relevant to the information security management system;


@ -1,4 +1,17 @@
## 4.3-Determining-the-scope-of-the-information-security-management system ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.4.3"
title: "Determining the scope of the information security management system"
tags:
- iso27001/2022/EN
status: active
---
## 4.3 Determining the scope of the information security management system
The organization shall determine the boundaries and applicability of the information security management system to establish its scope. The organization shall determine the boundaries and applicability of the information security management system to establish its scope.
When determining this scope, the organization shall consider: When determining this scope, the organization shall consider:


@ -1,2 +1,15 @@
## 4.4-Information-security-management system ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.4.4"
title: "Information security management system"
tags:
- iso27001/2022/EN
status: active
---
## 4.4 Information security management system
The organization shall establish, implement, maintain and continually improve an information security management system, including the processes needed and their interactions, in accordance with the requirements of this document. The organization shall establish, implement, maintain and continually improve an information security management system, including the processes needed and their interactions, in accordance with the requirements of this document.


@ -0,0 +1,13 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: C.5
title: Leadership
tags:
- iso27001/2022/EN
status: active
---
# 5 Leadership


@ -1,4 +1,17 @@
## 5.1-Leadership-and commitment ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.5.1"
title: "Leadership and commitment"
tags:
- iso27001/2022/EN
status: active
---
## 5.1 Leadership and commitment
Top management shall demonstrate leadership and commitment with respect to the information security management system by: Top management shall demonstrate leadership and commitment with respect to the information security management system by:
a\) ensuring the information security policy and the information security objectives are established and are compatible with the strategic direction of the organization; a\) ensuring the information security policy and the information security objectives are established and are compatible with the strategic direction of the organization;


@ -1,4 +1,17 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.5.2"
title: "Policy"
tags:
- iso27001/2022/EN
status: active
---
## 5.2 Policy ## 5.2 Policy
Top management shall establish an information security policy that: Top management shall establish an information security policy that:
a\) is appropriate to the purpose of the organization; a\) is appropriate to the purpose of the organization;


@ -1,4 +1,17 @@
## 5.3-Organizational-roles-responsibilities-and authorities ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.5.3"
title: "Organizational roles responsibilities and authorities"
tags:
- iso27001/2022/EN
status: active
---
## 5.3 Organizational roles responsibilities and authorities
Top management shall ensure that the responsibilities and authorities for roles relevant to information security are assigned and communicated within the organization. Top management shall ensure that the responsibilities and authorities for roles relevant to information security are assigned and communicated within the organization.
Top management shall assign the responsibility and authority for: Top management shall assign the responsibility and authority for:
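
Review bot: The title: field and the '## 5.3' heading read 'Organizational roles responsibilities and authorities', with no comma after 'roles'. The value looks derived from the dashed filename, which cannot carry punctuation. The clause title is 'Organizational roles, responsibilities and authorities', so set both by hand here rather than from the filename.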


@ -0,0 +1,13 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: C.6
title: Planning
tags:
- iso27001/2022/EN
status: active
---
# 6 Planning


@ -1,3 +1,15 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.6.1.1"
title: "General"
tags:
- iso27001/2022/EN
status: active
---
### 6.1.1 General ### 6.1.1 General
When planning for the information security management system, the organization shall consider the issues referred to in [4.1](c-4.1-Understanding-the-organization-and-its-context.md) and the requirements referred to in [4.2](ISO_27001_2022_OT%204.2%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md) and determine the risks and opportunities that need to be addressed to: When planning for the information security management system, the organization shall consider the issues referred to in [4.1](c-4.1-Understanding-the-organization-and-its-context.md) and the requirements referred to in [4.2](ISO_27001_2022_OT%204.2%20Understanding%20the%20needs%20and%20expectations%20of%20interested%20parties.md) and determine the risks and opportunities that need to be addressed to:
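
Review bot: The unchanged paragraph still links 4.2 to ISO_27001_2022_OT%204.2%20Understanding...md, while the 4.1 link on the same line uses the new c-4.1-... name. rename-iso.zsh, deleted later in this commit, maps ISO_27001(_2022)?_OT names to c-<number>-<title>.md, so the 4.2 target has very likely been renamed and the link is stale. Update it to the c-4.2-... filename and run a link check over the directory.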


@ -1,3 +1,15 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.6.1.2"
title: "Information security risk assessment"
tags:
- iso27001/2022/EN
status: active
---
### 6.1.2 Information security risk assessment ### 6.1.2 Information security risk assessment
The organization shall define and apply an information security risk assessment process that: The organization shall define and apply an information security risk assessment process that:


@ -1,3 +1,15 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.6.1.3"
title: "Information security risk treatment"
tags:
- iso27001/2022/EN
status: active
---
### 6.1.3 Information security risk treatment ### 6.1.3 Information security risk treatment
The organization shall define and apply an information security risk treatment process to: The organization shall define and apply an information security risk treatment process to:


@ -1,4 +1,17 @@
## 6.2-Information-security-objectives-and-planning-to-achieve them ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.6.2"
title: "Information security objectives and planning to achieve them"
tags:
- iso27001/2022/EN
status: active
---
## 6.2 Information security objectives and planning to achieve them
The organization shall establish information security objectives at relevant functions and levels. The organization shall establish information security objectives at relevant functions and levels.
The information security objectives shall: The information security objectives shall:


@ -1,2 +1,15 @@
## 6.3-Planning-of changes ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.6.3"
title: "Planning of changes"
tags:
- iso27001/2022/EN
status: active
---
## 6.3 Planning of changes
When the organization determines the need for changes to the information security management system, the changes shall be carried out in a planned manner. When the organization determines the need for changes to the information security management system, the changes shall be carried out in a planned manner.


@ -0,0 +1,13 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: C.7
title: Support
tags:
- iso27001/2022/EN
status: active
---
# 7 Support


@ -1,2 +1,15 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.7.1"
title: "Resources"
tags:
- iso27001/2022/EN
status: active
---
## 7.1 Resources ## 7.1 Resources
The organization shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the information security management system. The organization shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the information security management system.


@ -1,3 +1,15 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.7.2"
title: "Competence"
tags:
- iso27001/2022/EN
status: active
---
## 7.2 Competence ## 7.2 Competence
The organization shall: The organization shall:


@ -1,3 +1,15 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.7.3"
title: "Awareness"
tags:
- iso27001/2022/EN
status: active
---
## 7.3 Awareness ## 7.3 Awareness
Persons doing work under the organization's control shall be aware of: Persons doing work under the organization's control shall be aware of:


@ -1,3 +1,15 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.7.4"
title: "Communication"
tags:
- iso27001/2022/EN
status: active
---
## 7.4 Communication ## 7.4 Communication
The organization shall determine the need for internal and external communications relevant to the information security management system including: The organization shall determine the need for internal and external communications relevant to the information security management system including:


@ -1,4 +1,17 @@
## 7.5-Documented information ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.7.5"
title: "Documented information"
tags:
- iso27001/2022/EN
status: active
---
## 7.5 Documented information
### 7.5.1 General ### 7.5.1 General
The organization's information security management system shall include: The organization's information security management system shall include:


@ -0,0 +1,13 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: C.8
title: Operation
tags:
- iso27001/2022/EN
status: active
---
# 8 Operation


@ -1,4 +1,17 @@
## 8.1-Operational-planning-and control ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.8.1"
title: "Operational planning and control"
tags:
- iso27001/2022/EN
status: active
---
## 8.1 Operational planning and control
The organization shall plan, implement and control the processes needed to meet requirements, and to implement the actions determined in Clause 6, by: The organization shall plan, implement and control the processes needed to meet requirements, and to implement the actions determined in Clause 6, by:
- establishing criteria for the processes; - establishing criteria for the processes;
- implementing control of the processes in accordance with the criteria. - implementing control of the processes in accordance with the criteria.


@ -1,4 +1,17 @@
## 8.2-Information-security-risk assessment ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.8.2"
title: "Information security risk assessment"
tags:
- iso27001/2022/EN
status: active
---
## 8.2 Information security risk assessment
The organization shall perform information security risk assessments at planned intervals or when significant changes are proposed or occur, taking account of the criteria established in [6.1.2a](ISO_27001_OT%206.1.2%20Information%20security%20risk%20assessment.md). The organization shall perform information security risk assessments at planned intervals or when significant changes are proposed or occur, taking account of the criteria established in [6.1.2a](ISO_27001_OT%206.1.2%20Information%20security%20risk%20assessment.md).
The organization shall retain documented information of the results of the information security risk assessments. The organization shall retain documented information of the results of the information security risk assessments.
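
Review bot: The 6.1.2a reference in the first paragraph points at ISO_27001_OT%206.1.2%20Information%20security%20risk%20assessment.md, an old-style filename. Confirm that the file still exists under that name, and switch the link to the c-6.1.2-... form if it was renamed.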


@ -1,8 +1,16 @@
--- ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.8.3"
title: "Information security risk treatment"
tags: tags:
- iso27001/2022/EN - iso27001/2022/EN
status: active
--- ---
# Clause 8.3 Information security risk treatment ## 8.3 Information security risk treatment
The organization shall implement the information security risk treatment plan. The organization shall implement the information security risk treatment plan.


@ -0,0 +1,13 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: C.9
title: Performance evaluation
tags:
- iso27001/2022/EN
status: active
---
# 9 Performance evaluation


@ -1,4 +1,17 @@
---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.9.1"
title: "Monitoring measurement analysis and evaluation"
tags:
- iso27001/2022/EN
status: active
---
## 9.1 Monitoring measurement analysis and evaluation ## 9.1 Monitoring measurement analysis and evaluation
The organization shall determine: The organization shall determine:
a\) what needs to be monitored and measured, including information security processes and controls; a\) what needs to be monitored and measured, including information security processes and controls;
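
Review bot: title: "Monitoring measurement analysis and evaluation" drops both commas of the clause title, and the '## 9.1' heading below it has the same defect on both sides of the diff. Use 'Monitoring, measurement, analysis and evaluation' in both places.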


@ -1,4 +1,16 @@
## 9.2-Internal audit ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.9.2"
title: "Internal audit"
tags:
- iso27001/2022/EN
status: active
---
## 9.2 Internal audit
### 9.2.1 General ### 9.2.1 General
The organization shall conduct internal audits at planned intervals to provide information on whether the information security management system: The organization shall conduct internal audits at planned intervals to provide information on whether the information security management system:


@ -1,4 +1,16 @@
## 9.3-Management review ---
notetype: sourcetext
standard: ISO 27001
version: 2022
language: EN
type: clause
id: "C.9.3"
title: "Management review"
tags:
- iso27001/2022/EN
status: active
---
## 9.3 Management review
### 9.3.1 General ### 9.3.1 General
Top management shall review the organization\'s information security management system at planned intervals to ensure its continuing suitability, adequacy and effectiveness. Top management shall review the organization\'s information security management system at planned intervals to ensure its continuing suitability, adequacy and effectiveness.


@ -1,90 +0,0 @@
#!/usr/bin/env zsh
set -euo pipefail
execute=false
if [[ ${1:-} == '--execute' ]]; then
execute=true
shift
fi
if [[ $# -gt 0 ]]; then
print -u2 'Usage: rename-iso-title.zsh [--execute]'
exit 2
fi
# Requires Obsidian app running and CLI enabled.
: ${OBSIDIAN_CLI:=obsidian}
files=(c-[0-9]*\.md(N))
if (( ${#files} == 0 )); then
print 'No matching files found.'
exit 0
fi
for src in "$files[@]"; do
base=${src:t}
# Read the level 1 header from the file
# Format: # <number> <title>
# Extract everything after the first number and space
header=$(head -n 1 "$src" | sed 's/^# [0-9.]* //')
if [[ -z "$header" ]]; then
print -u2 "WARN skipped (no header found): $src"
continue
fi
# Clean up the title
title=$header
# Replace spaces with dashes
title=${title// /-}
# Remove commas, slashes, parentheses, quotes
title=${title//,/}
title=${title//\//}
title=${title//\\/}
title=${title//\(}
title=${title//\)}
title=${title//\'}
title=${title//\'}
# Replace diacritics with base characters
title=${title//ï/i}
title=${title//é/e}
title=${title//è/e}
title=${title//ê/e}
title=${title//ë/e}
title=${title//ö/o}
title=${title//ü/u}
title=${title//ó/o}
title=${title//ô/o}
title=${title//á/a}
title=${title//à/a}
title=${title//ã/a}
title=${title//ä/a}
title=${title//í/i}
title=${title//ì/i}
title=${title//ñ/n}
title=${title//ú/u}
title=${title//ù/u}
# Remove multiple dashes
title=${title//---/-}
title=${title//--/-}
# Remove leading/trailing dashes
title=${title#-}
title=${title%-}
# Build new filename: c-n.n-TITLE.md
ext="${src:r}.md" # extension without the extra .md issue
filename="${src%.*}"
target="${filename}-${title}.md"
if [[ $src == $target ]]; then
print "SKIP $src"
continue
fi
print "SRC $src"
print "DEST $target"
if $execute; then
"$OBSIDIAN_CLI" rename file="$src" name="$target"
fi
done


@ -1,50 +0,0 @@
#!/usr/bin/env zsh
set -euo pipefail
execute=false
if [[ ${1:-} == '--execute' ]]; then
execute=true
shift
fi
if [[ $# -gt 0 ]]; then
print -u2 'Usage: rename-iso.zsh [--execute]'
exit 2
fi
# Requires Obsidian app running and CLI enabled.
# Adjust OBSIDIAN_CLI to the command you actually use (e.g. `obsidian`).
: ${OBSIDIAN_CLI:=obsidian}
files=(ISO_27001*.md(N))
if (( ${#files} == 0 )); then
print 'No matching files found.'
exit 0
fi
for src in "$files[@]"; do
base=${src:t}
# Match both ISO_27001_OT and ISO_27001_2022_OT patterns
if [[ $base =~ '^ISO_27001(_2022)?_OT ([0-9.]+) (.+)\.md$' ]]; then
version=${match[2]#_}
title=${match[3]}
target="c-${version}-${title}.md"
# Replace spaces with dashes
target=${target// /-}
# Remove commas
target=${target//,}
# Prevent double dashes
target=${target//--/-}
if [[ $src == $target ]]; then
print "SKIP $src"
continue
fi
print "SRC $src"
print "DEST $target"
if $execute; then
"$OBSIDIAN_CLI" rename file="$src" name="$target"
fi
else
print -u2 "WARN skipped (pattern mismatch): $src"
fi
done
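
Review bot: The removal of rename-iso.zsh here, and of rename-iso-title.zsh in the previous hunk, is not covered by the commit subject 'Added front matter to 27001 EN'. Move the script deletions to their own commit or name them in the message, so the history shows when the rename tooling left the repository.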