diff --git a/Content Factory/Content Factory Implementation.md b/Content Factory/Content Factory Implementation.md index 1651fa4..b1c4ce8 100644 --- a/Content Factory/Content Factory Implementation.md +++ b/Content Factory/Content Factory Implementation.md @@ -17,7 +17,7 @@ See [PROJECT - Five Agents](PROJECT%20-%20Five%20Agents.md) for role description - Create a single short Corpus Index Note with a list of all overview notes, with a one-line description of what they cover. - Upload the Corpus Index Note and all Overview Notes to each agent Project. Claude will read the ones it needs and ignore the rest. -See [Corpus overview notes](../Corpus/Corpus%20overview%20notes.md). +See [Corpus overview notes](../metadata/Corpus%20overview%20notes.md). **3. Prepare and maintain a log** diff --git a/Content Factory/Scratch file/Data classification - how to make labels stick.md b/Content Factory/Scratch file/Data classification - how to make labels stick.md deleted file mode 100644 index 66f47f1..0000000 --- a/Content Factory/Scratch file/Data classification - how to make labels stick.md +++ /dev/null @@ -1,6 +0,0 @@ -# Data classification: how to make labels stick? - -Data travels; how to make labels stick? - -Links to the [Privacy in ISO 27001](../../Corpus/Standards/ISO27x/Privacy%20in%20ISO%2027001.md) issue of [Data Provenance](../../Corpus/Standards/AVG/Data%20Provenance.md) . - diff --git a/Content Factory/Scratch file/Example of ISO 27001 mystique.md b/Content Factory/Scratch file/Example of ISO 27001 mystique.md deleted file mode 100644 index 383e933..0000000 --- a/Content Factory/Scratch file/Example of ISO 27001 mystique.md +++ /dev/null @@ -1,9 +0,0 @@ -# Example of ISO 27001 mystique - -ISO 27001 is a framework, and you cannot successfully implement it by treating the text of the standard as a series of instructions to be followed in the order in which they were printed. If you try that, things will become very confusing very quickly. - -For example, the requirement of having an information security policy is first (?) mentioned in [Chapter 5.1](../../Corpus/MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), "Leadership and commitment", where it says that top management must have it established, *together* with information security objectives. Then in [Chapter 5.2](../../Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md), 'Policy', it states that these objectives form *part of* the information security policy, referencing forward to [Chapter 6.2](../../Corpus/MoCs/ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md), "Information security objectives and planning to achieve them", which demands that organizations should set objectives consistent with the policy. Of course there's also a corresponding Control called "Policies for information security" ([5.1](../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)), which explains that there will be an information security policy at the highest level of the organization, including objectives "or the framework for setting objectives", and further "topic-specific policies as needed", which of course need their own objectives. - -Programmers may love this kind of recursiveness when it's in coding exercises. - - diff --git a/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md b/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md index 4db5d68..b1c3113 100644 --- a/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md +++ b/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business drivers.md @@ -1,3 +1,3 @@ -- [Perverse prikkels in de normindustrie](../../../../../Content%20Factory/Scratch%20file/Perverse%20prikkels%20in%20de%20normindustrie.md) -- [GRC software is geschreven voor domeindeskundigen](../../../../../Content%20Factory/Scratch%20file/GRC%20software%20is%20geschreven%20voor%20domeindeskundigen.md) +- [Perverse prikkels in de normindustrie](../../../../../Marketing/content/Scratch%20file/Perverse%20prikkels%20in%20de%20normindustrie.md) +- [GRC software is geschreven voor domeindeskundigen](../../../../../Marketing/content/Scratch%20file/GRC%20software%20is%20geschreven%20voor%20domeindeskundigen.md) - [Problems solved 1](../../../../Sparks/Problems%20solved%201.md) diff --git a/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md b/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md index efd2b20..9816b93 100644 --- a/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md +++ b/Corpus/Standards/ISO27x/legacy/iso27DIY mk I/ISO27DIY Business model.md @@ -1,6 +1,6 @@ Child notes: - [Blurbs](../../../../Sparks/Blurbs.md) -- [Toegevoegde waarde van ISO27DIY](../../../../../Content%20Factory/Scratch%20file/Toegevoegde%20waarde%20van%20ISO27DIY.md) +- [Toegevoegde waarde van ISO27DIY](../../../../../Marketing/content/Scratch%20file/Toegevoegde%20waarde%20van%20ISO27DIY.md) - [Friendly targets](../../../../../../💡Permanent%20ideas/Friendly%20targets.md) - [Possible Colabs](../../../../../AuditGlue/Possible%20Colabs.md) - [List of possible partners](../../../../../AuditGlue/List%20of%20possible%20partners.md) diff --git a/Corpus/Standards/other/Privacy frameworks list.md b/Corpus/Standards/other/Privacy frameworks list.md index 0bde826..04d35be 100644 --- a/Corpus/Standards/other/Privacy frameworks list.md +++ b/Corpus/Standards/other/Privacy frameworks list.md @@ -5,6 +5,6 @@ [Privacy in ISO 27k](../ISO27x/Privacy%20in%20ISO%2027k.md) Related: -- [Privacy protection in Databases](../../../Content%20Factory/Scratch%20file/Privacy%20protection%20in%20Databases.md) +- [Privacy protection in Databases](../../../Marketing/content/Scratch%20file/Privacy%20protection%20in%20Databases.md) - [ISO 27001 A.18.1.4 Privacy and protection of personally identifiable information](../ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A.18.1.4%20Privacy%20and%20protection%20of%20personally%20identifiable%20information.md) diff --git a/marketing/content/Scratch file/Data classification - how to make labels stick.md b/marketing/content/Scratch file/Data classification - how to make labels stick.md new file mode 100644 index 0000000..ac96efa --- /dev/null +++ b/marketing/content/Scratch file/Data classification - how to make labels stick.md @@ -0,0 +1,6 @@ +# Data classification: how to make labels stick? + +Data travels; how to make labels stick? + +Links to the [Privacy in ISO 27001](../../../Corpus/Standards/ISO27x/Privacy%20in%20ISO%2027001.md) issue of [Data Provenance](../../../Corpus/Standards/AVG/Data%20Provenance.md) . + diff --git a/marketing/content/Scratch file/Example of ISO 27001 mystique.md b/marketing/content/Scratch file/Example of ISO 27001 mystique.md new file mode 100644 index 0000000..09aabdd --- /dev/null +++ b/marketing/content/Scratch file/Example of ISO 27001 mystique.md @@ -0,0 +1,9 @@ +# Example of ISO 27001 mystique + +ISO 27001 is a framework, and you cannot successfully implement it by treating the text of the standard as a series of instructions to be followed in the order in which they were printed. If you try that, things will become very confusing very quickly. + +For example, the requirement of having an information security policy is first (?) mentioned in [Chapter 5.1](../../Corpus/MoCs/ISO_27001_2022_5.1_MoC%20Leadership%20and%20commitment.md), "Leadership and commitment", where it says that top management must have it established, *together* with information security objectives. Then in [Chapter 5.2](../../../Corpus/Standards/ISO27x/OST/27001/EN/c-5.2-Policy.md), 'Policy', it states that these objectives form *part of* the information security policy, referencing forward to [Chapter 6.2](../../Corpus/MoCs/ISO_27001_2022_6.2_MoC%20Information%20security%20objectives%20and%20planning%20to%20achieve%20them.md), "Information security objectives and planning to achieve them", which demands that organizations should set objectives consistent with the policy. Of course there's also a corresponding Control called "Policies for information security" ([5.1](../../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO_27002_2022_5.1_MoC%20Policies%20for%20information%20security.md)), which explains that there will be an information security policy at the highest level of the organization, including objectives "or the framework for setting objectives", and further "topic-specific policies as needed", which of course need their own objectives. + +Programmers may love this kind of recursiveness when it's in coding exercises. + + diff --git a/Content Factory/Scratch file/GRC software is geschreven voor domeindeskundigen.md b/marketing/content/Scratch file/GRC software is geschreven voor domeindeskundigen.md similarity index 89% rename from Content Factory/Scratch file/GRC software is geschreven voor domeindeskundigen.md rename to marketing/content/Scratch file/GRC software is geschreven voor domeindeskundigen.md index 600591b..559a192 100644 --- a/Content Factory/Scratch file/GRC software is geschreven voor domeindeskundigen.md +++ b/marketing/content/Scratch file/GRC software is geschreven voor domeindeskundigen.md @@ -1,4 +1,4 @@ -This note relates to the [ISO27DIY Business model](../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO27DIY%20Business%20model.md) +This note relates to the [ISO27DIY Business model](../../../Corpus/Standards/ISO27x/legacy/iso27DIY%20mk%20I/ISO27DIY%20Business%20model.md) Probleem: de GRC software wordt aangekocht om een operationeel probleem van de compliance officer op te lossen. diff --git a/Content Factory/Scratch file/Hoe dwing je verantwoordelijkheid af.md b/marketing/content/Scratch file/Hoe dwing je verantwoordelijkheid af.md similarity index 100% rename from Content Factory/Scratch file/Hoe dwing je verantwoordelijkheid af.md rename to marketing/content/Scratch file/Hoe dwing je verantwoordelijkheid af.md diff --git a/Content Factory/Scratch file/Least privilege, need-to-know - principles vs practice.md b/marketing/content/Scratch file/Least privilege, need-to-know - principles vs practice.md similarity index 100% rename from Content Factory/Scratch file/Least privilege, need-to-know - principles vs practice.md rename to marketing/content/Scratch file/Least privilege, need-to-know - principles vs practice.md diff --git a/Content Factory/Scratch file/Perverse prikkels in de normindustrie.md b/marketing/content/Scratch file/Perverse prikkels in de normindustrie.md similarity index 100% rename from Content Factory/Scratch file/Perverse prikkels in de normindustrie.md rename to marketing/content/Scratch file/Perverse prikkels in de normindustrie.md diff --git a/Content Factory/Scratch file/Privacy protection in Databases.md b/marketing/content/Scratch file/Privacy protection in Databases.md similarity index 100% rename from Content Factory/Scratch file/Privacy protection in Databases.md rename to marketing/content/Scratch file/Privacy protection in Databases.md diff --git a/Content Factory/Scratch file/Toegevoegde waarde van ISO27DIY.md b/marketing/content/Scratch file/Toegevoegde waarde van ISO27DIY.md similarity index 100% rename from Content Factory/Scratch file/Toegevoegde waarde van ISO27DIY.md rename to marketing/content/Scratch file/Toegevoegde waarde van ISO27DIY.md diff --git a/Content Factory/Scratch file/Voordelen van processvolwassenheid.md b/marketing/content/Scratch file/Voordelen van processvolwassenheid.md similarity index 100% rename from Content Factory/Scratch file/Voordelen van processvolwassenheid.md rename to marketing/content/Scratch file/Voordelen van processvolwassenheid.md diff --git a/Content Factory/Scratch file/Weerbaarheid - bereid je voor op verstoring.md b/marketing/content/Scratch file/Weerbaarheid - bereid je voor op verstoring.md similarity index 100% rename from Content Factory/Scratch file/Weerbaarheid - bereid je voor op verstoring.md rename to marketing/content/Scratch file/Weerbaarheid - bereid je voor op verstoring.md diff --git a/Content Factory/Scratch file/longlist.md b/marketing/content/Scratch file/longlist.md similarity index 100% rename from Content Factory/Scratch file/longlist.md rename to marketing/content/Scratch file/longlist.md diff --git a/marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md b/marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md index ba4f3f1..b67fe8e 100644 --- a/marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md +++ b/marketing/content/posts/ZZP/For Leadership/s02pxxnl - Toch een Cbw checklist.md @@ -8,13 +8,9 @@ Deze checklist gaat niet over techniek, maar over management en beleid. Het kost je een paar minuten, en dan weet je waar je staat, als op 1 juli 2026 de Cyberbeveiligingswet (Cbw) in werking treedt — en jij als bestuurder persoonlijk verantwoordelijk wordt voor informatiebeveiliging. - Als je na de checklist graag een uurtje wilt sparren over hoe nu verder, dan praat ik graag een uur met je. — Cbw-compliance in 8 stappen — 5/5 \#managingsecurity \#Cbw \#NIS2 +https://iso27diy.com/assets/cbw-checklist.html - - ---- - — risicoanalyse en beveiligingsbeleid, incidentresponse, bedrijfscontinuïteit, leveranciersbeveiliging, systeembeveiliging, effectiviteitsbeoordeling, cyberhygiëne en opleiding, cryptografie, personeels- en toegangsbeheer, en authenticatie \ No newline at end of file diff --git a/marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md b/marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md index 0118976..db69e16 100644 --- a/marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md +++ b/marketing/content/posts/ZZP/For MSPs/Do you supply EU customers.md @@ -15,4 +15,4 @@ They will check for the minimum measures listed in Art. 21(2): You don't need to be certified. But you do need to be able to answer these questions — on paper, not just in your head. Have your answers ready! -You can find an interactive checklist [[on our site]]. If the checklist raises any questions on how to continue, I'm happy to spend an hour with you. +You can find an interactive checklist [on our site](https://iso27diy.com/assets/nis2-checklist.html). If the checklist raises any questions on how to continue, I'm happy to spend an hour with you. diff --git a/Corpus/Corpus overview notes.md b/metadata/Corpus overview notes.md similarity index 100% rename from Corpus/Corpus overview notes.md rename to metadata/Corpus overview notes.md diff --git a/Corpus/Metadata - ISO 27002 Themes and Attributes.md b/metadata/Metadata - ISO 27002 Themes and Attributes.md similarity index 100% rename from Corpus/Metadata - ISO 27002 Themes and Attributes.md rename to metadata/Metadata - ISO 27002 Themes and Attributes.md diff --git a/Corpus/Obsidian Front Matter Syntax.md b/metadata/Obsidian Front Matter Syntax.md similarity index 100% rename from Corpus/Obsidian Front Matter Syntax.md rename to metadata/Obsidian Front Matter Syntax.md diff --git a/Corpus/Standards/_Corpus-metadata.md b/metadata/_Corpus-metadata.md similarity index 94% rename from Corpus/Standards/_Corpus-metadata.md rename to metadata/_Corpus-metadata.md index d4350b9..beed4b1 100644 --- a/Corpus/Standards/_Corpus-metadata.md +++ b/metadata/_Corpus-metadata.md @@ -1,7 +1,7 @@ # Corpus Metadata - All notes in this Obsidian vault need metadata. -- These metadata need to follow the [Obsidian Front Matter Syntax](../Obsidian%20Front%20Matter%20Syntax.md). +- These metadata need to follow the [Obsidian Front Matter Syntax](Obsidian%20Front%20Matter%20Syntax.md). - Obsidian calls metadata variables 'Properties' - In this Corpus we use General properties (every note should have them) and Specific properties (depending on the kind of note, can be inferred from other properties) @@ -33,5 +33,5 @@ For example, a note that needs to be linked to ISO 27001 clause 5.2 Policy, will - These notes are tagged with “sourcetext”. - The body of these notes must never be changed! - Specific properties for ISO 27002 OST notes are deduced from chapter 4 of the standard ("Themes and Attributes"). They are: `theme`, `control_type`, `information_security_properties`, `cybersecurity_concepts`, `operational_capabilities`, and `security_domains`. -- For the possible values of these properties, see [Metadata - ISO 27002 Themes and Attributes](../Metadata%20-%20ISO%2027002%20Themes%20and%20Attributes.md). +- For the possible values of these properties, see [Metadata - ISO 27002 Themes and Attributes](Metadata%20-%20ISO%2027002%20Themes%20and%20Attributes.md). diff --git a/metadata/front-matter-for-marketing-posts.md b/metadata/front-matter-for-marketing-posts.md new file mode 100644 index 0000000..7d4b2c6 --- /dev/null +++ b/metadata/front-matter-for-marketing-posts.md @@ -0,0 +1,64 @@ +# Front matter for marketing posts + +From [claude chat](https://claude.ai/share/614ce436-307d-4740-a79f-40225461e743) + +``` +--- +title: "" +series: "" # slug for the series this belongs to, e.g. "access-control-basics" +series-part: 1 # position within the series; omit if standalone +theme: "" # broader topic cluster, e.g. "ISO27001 myths" +channel: # list — a post can go to multiple channels + - linkedin + - newsletter + - blog +status: draft # draft | ready | scheduled | published +publish-date: # ISO 8601, e.g. 2026-06-10; can be a list if channels differ + linkedin: 2026-06-10 + newsletter: 2026-06-17 + blog: 2026-06-17 +published-url: # fill in after publishing; one per channel + linkedin: "" + blog: "" +content-type: "" # post | article | newsletter-section | thread +source-notes: # vault notes this was drawn from + - "[[path/to/note]]" +tags: [] +--- +``` + +### Folder structure to go with it + +``` +Content Factory/ + Publishing/ + Series/ + access-control-basics/ + part-1.md + part-2.md + Standalone/ + some-one-off-post.md +``` + +Or if you prefer tag-based grouping over folders, skip the subfolders and rely on `series` + Dataview to surface series views. + +--- + +### Dataview query to check what's scheduled + +dataview + +```dataview +TABLE series, channel, publish-date, status +FROM "Content Factory/Publishing" +WHERE status != "published" +SORT publish-date ASC +``` + +--- + +### Issues to flag + +- If you're already using front matter on content notes, check for conflicts with any existing `status` or `tags` fields before rolling this out. +- `published-url` will stay empty a lot. That's fine — it's a record, not a requirement. +- If posts get repurposed significantly between channels (not just reformatted), they probably deserve separate notes rather than one note with multiple channels listed. \ No newline at end of file