Vault restructure

Drafts and Ideas/PolicyCard_Example_5.15.yaml

@@ -1,42 +0,0 @@
-PolicyTitle: Application access policy
-RelevantStandardArticles:
-- ISO27001:2022:5.15
-- ISO27001:2022:5.18
-VersionControl:
-  VersionNumber: '3.14'
-  VersionDate: '2024-12-15'
-  DocumentOwner: Alex Hanover
-  ApprovedBy: Marian Faithful
-  ApprovedDate: '2025-01-08'
-  NextReview: '2025-12-15'
-Purpose:
-  Goal: To protect classified data from unauthorized access
-  Scope: All applications in use within the organization
-  RisksMitigated: Unauthorized access to classified data
-  ControlsImplemented:
-  - ISO27001:2022:5.15
-  - ISO27001:2022:5.18
-Method:
-  Implementation: To mitigate the risk of X, controls A, B and C will be implemented
-    on asset Y by Responsible Z. The effectiveness will be measured through P and
-    will be evaluated by Q according to method R, following planning S.
-  Metrics: Number of users with unjustly granted access to each application, compared
-    to the necessary access following from the Job Framework
-  Measurement: The number of users with unjust access will be determined each quarter
-    by HR, based on the current access matrix delivered by IT
-  Evaluation: The effectiveness of the control will be evaluated quarterly by the
-    Compliance Officer in a meeting with HR and IT
-ReviewsAndChanges:
-  Review: This policy will be reviewed yearly or if relevant and significant changes
-    occur in the organization, in a meeting with the CISO, COO and Compliance Officer
-  Changes: Changes to this policy will be prepared by the policy owner and proposed to the CISO.
-  Responsibilities:
-    PolicyWriting: IT consultant
-    PolicyApproval: CISO
-    Implementation: IT Administration dept.
-Documentation:
-  PolicyDocuments: []
-  ProcedureDescriptions: []
-  ProofExecution: []
-  MeasurementReports: []
-  EvaluationReports: []