Cleaned up Literature folder
This commit is contained in:
parent
73a6380034
commit
fe5eda4e05
586 changed files with 53911 additions and 2475 deletions
|
|
@ -3,4 +3,4 @@
|
|||
An appropriate set of procedures for information labelling shall be developed and implemented in accordance with the information classification scheme adopted by the organization.
|
||||
|
||||
Related:
|
||||
- [Labeling of information in the digital domain](../../../../Sparks/ISMS/Labeling%20of%20information%20in%20the%20digital%20domain.md)
|
||||
- [Labeling of information in the digital domain](../../../../ISMS/Labeling%20of%20information%20in%20the%20digital%20domain.md)
|
||||
|
|
@ -27,6 +27,6 @@ Related ISO clauses and controls:
|
|||
Related ideas:
|
||||
- [ISO27DIY Recipe for Policy Cards](ISO27DIY%20Recipe%20for%20Policy%20Cards.md)
|
||||
- [BC5701_Training_Tab_03_MS](../../../BC%205701/BC5701_Training_Tab_03_MS.md#Beleid)
|
||||
- [Modules, Screens and Content](../../../../Sparks/Modules,%20Screens%20and%20Content.md)
|
||||
- [Modules, Screens and Content](../../../../../AuditGlue/Modules,%20Screens%20and%20Content.md)
|
||||
- [🧰 Resource portal](🧰%20Resource%20portal.md)
|
||||
- [Topical InfoSec Kanban’s](../../../../Literature%20notes/Topical%20InfoSec%20Kanban’s.md)
|
||||
- [Collection of Kanban boards on information security topics](../../../../Information%20Security/Collection%20of%20Kanban%20boards%20on%20information%20security%20topics.md)
|
||||
|
|
|
|||
|
|
@ -2,14 +2,14 @@
|
|||
|
||||
- Easier sales
|
||||
- Accelerates your customer’s Purchase Decision Process ("Sell with Confidence. Worldwide.")
|
||||
- Certification for this standard is increasingly becoming a knock-out criterium for [Examples of vendor selection questionnaires](../../../../Sparks/Information%20Security/Examples%20of%20vendor%20selection%20questionnaires.md).
|
||||
- Certification for this standard is increasingly becoming a knock-out criterium for [Examples of vendor selection questionnaires](../../../../Information%20Security/Examples%20of%20vendor%20selection%20questionnaires.md).
|
||||
- Raises your infosec maturity level
|
||||
- Raise your [Maturity Models](../../../../📚️%20Literature%20notes/Maturity%20Models.md) from incident driven to improvement focussed
|
||||
- Continual improvement of security
|
||||
- Increased resilience
|
||||
- be prepared for events that threaten your business continuity
|
||||
- Accountability / responsibility
|
||||
- [Corporate social responsibility](../../../../Literature%20notes/Corporate%20social%20responsibility.md)
|
||||
- [Corporate social responsibility](../../../../Various/Corporate%20social%20responsibility.md)
|
||||
- Voorkómen maatschappelijke ontwrichting (voorbeeld: een massale cyberaanval legt de Rotterdamse havens stil)
|
||||
- Encourage transparency. "We believe that transparency, such as having a permissive vulnerability disclosure policy (VDP) that encourages security research, is a key characteristic of a good, mature security program".
|
||||
- https://www.maastrichtuniversity.nl/data-protection-corporate-social-responsibility
|
||||
|
|
@ -1,3 +1,3 @@
|
|||
- [Perverse prikkels in de normindustrie](../../../../Sparks/Perverse%20prikkels%20in%20de%20normindustrie.md)
|
||||
- [Perverse prikkels in de normindustrie](../../../../../Content%20Factory/Scratch%20file/Perverse%20prikkels%20in%20de%20normindustrie.md)
|
||||
- [GRC software is geschreven voor domeindeskundigen](../../../../../Content%20Factory/Scratch%20file/GRC%20software%20is%20geschreven%20voor%20domeindeskundigen.md)
|
||||
- [Problems solved 1](../../../../Sparks/Problems%20solved%201.md)
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
Child notes:
|
||||
- [Blurbs](../../../../Sparks/Blurbs.md)
|
||||
- [Toegevoegde waarde van ISO27DIY 1](../../../../Sparks/Toegevoegde%20waarde%20van%20ISO27DIY%201.md)
|
||||
- [Toegevoegde waarde van ISO27DIY](../../../../../Content%20Factory/Scratch%20file/Toegevoegde%20waarde%20van%20ISO27DIY.md)
|
||||
- [Friendly targets](../../../../../../💡Permanent%20ideas/Friendly%20targets.md)
|
||||
- [Possible Colabs](../../../../Sparks/Possible%20Colabs.md)
|
||||
- [List of possible partners](../../../../Sparks/iso27diy/List%20of%20possible%20partners.md)
|
||||
- [Possible Colabs](../../../../../AuditGlue/Possible%20Colabs.md)
|
||||
- [List of possible partners](../../../../../AuditGlue/List%20of%20possible%20partners.md)
|
||||
- [ISO27DIY Business drivers](ISO27DIY%20Business%20drivers.md)
|
||||
- [AuditGlue Business model](../AuditGlue%20Business%20model.md)
|
||||
- [[### Related notes
|
||||
|
|
|
|||
|
|
@ -6,4 +6,4 @@ Examples / templates may be offered as a (freebee) resource - see [🧰 Resource
|
|||
|
||||
Related:
|
||||
- [Working back from the Annex A dashboard](Working%20back%20from%20the%20Annex%20A%20dashboard.md)
|
||||
- See [Topical InfoSec Kanban’s](../../../../Literature%20notes/Topical%20InfoSec%20Kanban’s.md) for inspiration.
|
||||
- See [Collection of Kanban boards on information security topics](../../../../Information%20Security/Collection%20of%20Kanban%20boards%20on%20information%20security%20topics.md) for inspiration.
|
||||
|
|
@ -12,7 +12,7 @@ In this video you'll learn how to create a stakeholder analysis, identifying the
|
|||
|
||||
> Examine "external stakeholders’ relationships, perceptions, values, needs and expectations"
|
||||
|
||||
- [ ] See also [Stakeholder Analysis](../../../../Sparks/Stakeholder%20Analysis.md)
|
||||
- [ ] See also [Stakeholder Analysis](../../../../ISMS/Stakeholder%20Analysis.md)
|
||||
- [ ] And [this](https://www.pmi.org/learning/library/stakeholder-analysis-pivotal-practice-projects-8905) from the Project Management Institute
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
Start with the [](../../../../Attachments/ISO%2027001%20Implementatie%20dashboard%20Annex%20A.xlsx) as a framework.
|
||||
Start with the [](../../../../ISMS/NHC%20ISO%2027001%20Implementatie%20dashboard%20Annex%20A.xlsx) as a framework.
|
||||
Every cell gets one or more corresponding [ISO27DIY Kanban board](ISO27DIY%20Kanban%20board.md) items. So they are all linked to at least one of the ISO 27001 controls or ISO 27001 clauses.
|
||||
|
||||
Note that in this approach all [About ISO27DIY Policy Cards](About%20ISO27DIY%20Policy%20Cards.md), [Advised Documents for ISO 27001](../../../../../../iso27DIY-gis/reference/Advised%20Documents%20for%20ISO%2027001.md), and identified risks and controls will appear on the Kanban board, directly or indirectly.
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
Skeleton project plan contents:
|
||||
- [ISO 27001 benefits](../ISO%2027001%20benefits.md)
|
||||
- [ISO27DIY benefits](../../../../../Sparks/iso27diy/ISO27DIY%20benefits.md)
|
||||
- [ISO27DIY benefits](../../../../../../AuditGlue/ISO27DIY%20benefits.md)
|
||||
|
||||
|
||||
## Benefits
|
||||
|
|
|
|||
|
|
@ -6,5 +6,5 @@
|
|||
|
||||
## Related:
|
||||
- [ISO 27001 benefits](../ISO%2027001%20benefits.md)
|
||||
- [ISO27DIY benefits](../../../../../Sparks/iso27diy/ISO27DIY%20benefits.md)
|
||||
- [ISO27DIY benefits](../../../../../../AuditGlue/ISO27DIY%20benefits.md)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
TOM: "What does running an ISO compliant ISMS look like, organization wise?"
|
||||
|
||||
See: [Target Operational Model](../../../../../Literature%20notes/Target%20Operational%20Model.md)
|
||||
See: [Target Operational Model](../../../../../Various/Target%20Operational%20Model.md)
|
||||
|
||||
- What's expected of senior management on board:
|
||||
- Show leadership and commitment
|
||||
|
|
@ -11,4 +11,4 @@ See: [Target Operational Model](../../../../../Literature%20notes/Target%20Opera
|
|||
- Consider requesting certification
|
||||
- [Organizing Cybersecurity](../../../../../Sparks/Organizing%20Cybersecurity.md)
|
||||
|
||||
- [Target Operational Model](../../../../../Literature%20notes/Target%20Operational%20Model.md)
|
||||
- [Target Operational Model](../../../../../Various/Target%20Operational%20Model.md)
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
The purpose of the Implementation Dashboard is to get an overview of progress and gaps and make auditing easier.
|
||||
|
||||
See this:
|
||||
- [example Excel sheet (NL version)](../../../../../Attachments/ISO%2027001%20Implementatie%20dashboard%20Annex%20A.xlsx)
|
||||
- [example Excel sheet (NL version)](../../../../../ISMS/NHC%20ISO%2027001%20Implementatie%20dashboard%20Annex%20A.xlsx)
|
||||
- [example Excel sheet (EN version)](ISO%2027001-2013%20Implementation%20Dashboard.xlsx)
|
||||
|
||||
|
|
|
|||
|
|
@ -4,9 +4,9 @@ Pivoting away from 'guided implementation management' to:
|
|||
|
||||
|
||||
Related:
|
||||
- [Three user modes for AuditGlue](../../../../Sparks/Three%20user%20modes%20for%20AuditGlue.md)
|
||||
- [Three user modes for AuditGlue](../../../../../AuditGlue/Three%20user%20modes%20for%20AuditGlue.md)
|
||||
- [Distributed usage of AuditGlue](../../../../../../Permanent%20ideas/Distributed%20usage%20of%20AuditGlue.md)
|
||||
- [Modules, Screens and Content](../../../../Sparks/Modules,%20Screens%20and%20Content.md)
|
||||
- [Modules, Screens and Content](../../../../../AuditGlue/Modules,%20Screens%20and%20Content.md)
|
||||
- [AuditGlue ERD](../AuditGlue%20ERD.md)
|
||||
- [AuditGlue Business model](../AuditGlue%20Business%20model.md)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
[Source text](../../../../../Sparks/Source%20text.md)
|
||||
[Source text](../../../../../../AuditGlue/System%20alternative/Source%20text.md)
|
||||
|
||||
## Control ID + Title
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ Related to:
|
|||
The Document Owner is responsible for development and implementation of the policy.
|
||||
|
||||
- [ ] Check Standard on documentation and ownership
|
||||
- [ ] Check 'responsible' vs. 'accountable' / [Responsibility assignment matrices](../../../../../Literature%20notes/Responsibility%20assignment%20matrices.md)
|
||||
- [ ] Check 'responsible' vs. 'accountable' / [Responsibility assignment matrices](../../../../../ISMS/Responsibility%20assignment%20matrices.md)
|
||||
|
||||
## Policy subject
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue