#!/usr/bin/env python3 """ prepend_frontmatter.py For each ISO 27002 control note in the target folder: - Skips files that already have YAML frontmatter (starts with ---) - Skips a-3-Terms* - Prepends the correct frontmatter block and writes the file back Run from anywhere: python3 prepend_frontmatter.py Requires Python 3.6+. No dependencies. """ import os VAULT_DIR = "/Users/rico/src/iso27diy-corp/Corpus/Standards/ISO27x/OST/27002/EN" FRONTMATTER = { "a-5.1-Policies-for-information-security.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.1" title: "Policies for information security" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Governance] security_domains: - Governance_and_Ecosystem - Resilience tags: - iso27002/2022/EN status: active ---""", "a-5.2-Information-security-roles-and-responsibilities.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.2" title: "Information security roles and responsibilities" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Governance] security_domains: - Governance_and_Ecosystem - Protection - Resilience tags: - iso27002/2022/EN status: active ---""", "a-5.3-Segregation-of-duties.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.3" title: "Segregation of duties" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Governance - Identity_and_access_management security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-5.4-Management-responsibilities.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.4" title: "Management responsibilities" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Governance] security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-5.5-Contact-with-authorities.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.5" title: "Contact with authorities" theme: Organizational control_type: - Preventive - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect - Respond - Recover operational_capabilities: [Governance] security_domains: - Defence - Resilience tags: - iso27002/2022/EN status: active ---""", "a-5.6-Contact-with-special-interest-groups.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.6" title: "Contact with special interest groups" theme: Organizational control_type: - Preventive - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Protect - Respond - Recover operational_capabilities: [Governance] security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-5.7-Threat-intelligence.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.7" title: "Threat intelligence" theme: Organizational control_type: - Preventive - Detective - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Detect - Respond operational_capabilities: [Threat_and_vulnerability_management] security_domains: - Defence - Resilience tags: - iso27002/2022/EN status: active ---""", "a-5.8-Information-security-in-project-management.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.8" title: "Information security in project management" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect operational_capabilities: [Governance] security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.9-Inventory-of-information-and-other-associated-assets.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.9" title: "Inventory of information and other associated assets" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Asset_management] security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.10-Acceptable-use-of-information-and-other-associated-assets.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.10" title: "Acceptable use of information and other associated assets" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Asset_management - Information_protection security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.11-Return-of-assets.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.11" title: "Return of assets" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Asset_management] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-5.12-Classification-of-information.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.12" title: "Classification of information" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Information_protection] security_domains: - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-5.13-Labelling-of-information.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.13" title: "Labelling of information" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Information_protection] security_domains: - Defence - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.14-Information-transfer.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.14" title: "Information transfer" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Asset_management - Information_protection security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-5.15-Access-control.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.15" title: "Access control" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Identity_and_access_management] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-5.16-Identity-management.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.16" title: "Identity management" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Identity_and_access_management] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-5.17-Authentication-information.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.17" title: "Authentication information" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Identity_and_access_management] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-5.18-Access-rights.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.18" title: "Access rights" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Identity_and_access_management] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-5.19-Information-security-in-supplier-relationships.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.19" title: "Information security in supplier relationships" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Supplier_relationships_security] security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.20-Addressing-information-security-within-supplier-agreements.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.20" title: "Addressing information security within supplier agreements" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Supplier_relationships_security] security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.21-Managing-information-security-in-the-ICT-supply-chain.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.21" title: "Managing information security in the ICT supply chain" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Supplier_relationships_security] security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.22-Monitoring-review-and-change-management-of-supplier-services.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.22" title: "Monitoring, review and change management of supplier services" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Supplier_relationships_security] security_domains: - Governance_and_Ecosystem - Protection - Defence - Information_security_assurance tags: - iso27002/2022/EN status: active ---""", "a-5.23-Information-security-for-use-of-cloud-services.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.23" title: "Information security for use of cloud services" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Supplier_relationships_security] security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.24-Information-security-incident-management-planning-and-preparation.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.24" title: "Information security incident management planning and preparation" theme: Organizational control_type: [Corrective] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Respond - Recover operational_capabilities: - Governance - Information_security_event_management security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-5.25-Assessment-and-decision-on-information-security-events.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.25" title: "Assessment and decision on information security events" theme: Organizational control_type: [Detective] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Detect - Respond operational_capabilities: [Information_security_event_management] security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-5.26-Response-to-information-security-incidents.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.26" title: "Response to information security incidents" theme: Organizational control_type: [Corrective] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Respond - Recover operational_capabilities: [Information_security_event_management] security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-5.27-Learning-from-information-security-incidents.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.27" title: "Learning from information security incidents" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect operational_capabilities: [Information_security_event_management] security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-5.28-Collection-of-evidence.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.28" title: "Collection of evidence" theme: Organizational control_type: [Corrective] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Detect - Respond operational_capabilities: [Information_security_event_management] security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-5.29-Information-security-during-disruption.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.29" title: "Information security during disruption" theme: Organizational control_type: - Preventive - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Protect - Respond operational_capabilities: [Continuity] security_domains: - Protection - Resilience tags: - iso27002/2022/EN status: active ---""", "a-5.30-ICT-readiness-for-business-continuity.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.30" title: "ICT readiness for business continuity" theme: Organizational control_type: [Corrective] information_security_properties: [Availability] cybersecurity_concepts: [Respond] operational_capabilities: [Continuity] security_domains: [Resilience] tags: - iso27002/2022/EN status: active ---""", "a-5.31-Legal-statutory-regulatory-and-contractual-requirements.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.31" title: "Legal, statutory, regulatory and contractual requirements" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Legal_and_compliance] security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-5.32-Intellectual-property-rights.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.32" title: "Intellectual property rights" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: [Legal_and_compliance] security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-5.33-Protection-of-records.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.33" title: "Protection of records" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect operational_capabilities: - Legal_and_compliance - Asset_management - Information_protection security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-5.34-Privacy-and-protection-of-PII.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.34" title: "Privacy and protection of PII" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect operational_capabilities: - Information_protection - Legal_and_compliance security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-5.35-Independent-review-of-information-security.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.35" title: "Independent review of information security" theme: Organizational control_type: - Preventive - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect operational_capabilities: [Information_security_assurance] security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-5.36-Compliance-with-policies-rules-and-standards-for-information-security.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.36" title: "Compliance with policies, rules and standards for information security" theme: Organizational control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect operational_capabilities: - Legal_and_compliance - Information_security_assurance security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-5.37-Documented-operating-procedures.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.5.37" title: "Documented operating procedures" theme: Organizational control_type: - Preventive - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Protect - Recover operational_capabilities: - Asset_management - Physical_security - System_and_network_security - Application_security - Secure_configuration - Identity_and_access_management - Threat_and_vulnerability_management - Continuity - Information_security_event_management security_domains: - Governance_and_Ecosystem - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-6.1-Screening.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.6.1" title: "Screening" theme: People control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Human_resource_security] security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-6.2-Terms-and-conditions-of-employment.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.6.2" title: "Terms and conditions of employment" theme: People control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Human_resource_security] security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-6.3-Information-security-awareness-education-and-training.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.6.3" title: "Information security awareness, education and training" theme: People control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Human_resource_security] security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-6.4-Disciplinary-process.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.6.4" title: "Disciplinary process" theme: People control_type: - Preventive - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Protect - Respond operational_capabilities: [Human_resource_security] security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-6.5-Responsibilities-after-termination-or-change-of-employment.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.6.5" title: "Responsibilities after termination or change of employment" theme: People control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Human_resource_security - Asset_management security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-6.6-Confidentiality-or-non-disclosure-agreements.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.6.6" title: "Confidentiality or non-disclosure agreements" theme: People control_type: [Preventive] information_security_properties: [Confidentiality] cybersecurity_concepts: [Protect] operational_capabilities: - Human_resource_security - Information_protection - Supplier_relationships_security security_domains: [Governance_and_Ecosystem] tags: - iso27002/2022/EN status: active ---""", "a-6.7-Remote-working.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.6.7" title: "Remote working" theme: People control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Asset_management - Information_protection - Physical_security - System_and_network_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-6.8-Information-security-event-reporting.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.6.8" title: "Information security event reporting" theme: People control_type: [Detective] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Detect] operational_capabilities: [Information_security_event_management] security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-7.1-Physical-security-perimeters.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.1" title: "Physical security perimeters" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Physical_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.2-Physical-entry.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.2" title: "Physical entry" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Physical_security - Identity_and_access_management security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.3-Securing-offices-rooms-and-facilities.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.3" title: "Securing offices, rooms and facilities" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Physical_security - Asset_management security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.4-Physical-security-monitoring.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.4" title: "Physical security monitoring" theme: Physical control_type: - Preventive - Detective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Protect - Detect operational_capabilities: [Physical_security] security_domains: - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-7.5-Protecting-against-physical-and-environmental-threats.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.5" title: "Protecting against physical and environmental threats" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Physical_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.6-Working-in-secure-areas.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.6" title: "Working in secure areas" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Physical_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.7-Clear-desk-and-clear-screen.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.7" title: "Clear desk and clear screen" theme: Physical control_type: [Preventive] information_security_properties: [Confidentiality] cybersecurity_concepts: [Protect] operational_capabilities: [Physical_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.8-Equipment-siting-and-protection.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.8" title: "Equipment siting and protection" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Physical_security - Asset_management security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.9-Security-of-assets-off-premises.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.9" title: "Security of assets off-premises" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Physical_security - Asset_management security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.10-Storage-media.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.10" title: "Storage media" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Physical_security - Asset_management security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.11-Supporting-utilities.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.11" title: "Supporting utilities" theme: Physical control_type: - Preventive - Detective information_security_properties: - Integrity - Availability cybersecurity_concepts: - Protect - Detect operational_capabilities: [Physical_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.12-Cabling-security.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.12" title: "Cabling security" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Physical_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-7.13-Equipment-maintenance.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.13" title: "Equipment maintenance" theme: Physical control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Physical_security - Asset_management security_domains: - Protection - Resilience tags: - iso27002/2022/EN status: active ---""", "a-7.14-Secure-disposal-or-re-use-of-equipment.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.7.14" title: "Secure disposal or re-use of equipment" theme: Physical control_type: [Preventive] information_security_properties: [Confidentiality] cybersecurity_concepts: [Protect] operational_capabilities: - Physical_security - Asset_management security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.1-User-endpoint-devices.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.1" title: "User endpoint devices" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Asset_management - Information_protection security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.2-Privileged-access-rights.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.2" title: "Privileged access rights" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Identity_and_access_management] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.3-Information-access-restriction.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.3" title: "Information access restriction" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Identity_and_access_management] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.4-Access-to-source-code.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.4" title: "Access to source code" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Identity_and_access_management - Application_security - Secure_configuration security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.5-Secure-authentication.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.5" title: "Secure authentication" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Identity_and_access_management] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.6-Capacity-management.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.6" title: "Capacity management" theme: Technological control_type: - Preventive - Detective information_security_properties: - Integrity - Availability cybersecurity_concepts: - Identify - Protect - Detect operational_capabilities: [Continuity] security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-8.7-Protection-against-malware.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.7" title: "Protection against malware" theme: Technological control_type: - Preventive - Detective - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Protect - Detect operational_capabilities: - System_and_network_security - Information_protection security_domains: - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-8.8-Management-of-technical-vulnerabilities.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.8" title: "Management of technical vulnerabilities" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect operational_capabilities: [Threat_and_vulnerability_management] security_domains: - Governance_and_Ecosystem - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-8.9-Configuration-management.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.9" title: "Configuration management" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Secure_configuration] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.10-Information-deletion.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.10" title: "Information deletion" theme: Technological control_type: [Preventive] information_security_properties: [Confidentiality] cybersecurity_concepts: [Protect] operational_capabilities: - Information_protection - Legal_and_compliance security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.11-Data-masking.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.11" title: "Data masking" theme: Technological control_type: [Preventive] information_security_properties: [Confidentiality] cybersecurity_concepts: [Protect] operational_capabilities: [Information_protection] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.12-Data-leakage-prevention.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.12" title: "Data leakage prevention" theme: Technological control_type: - Preventive - Detective information_security_properties: [Confidentiality] cybersecurity_concepts: - Protect - Detect operational_capabilities: [Information_protection] security_domains: - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-8.13-Information-backup.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.13" title: "Information backup" theme: Technological control_type: [Corrective] information_security_properties: - Integrity - Availability cybersecurity_concepts: [Recover] operational_capabilities: [Continuity] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.14-Redundancy-of-information-processing-facilities.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.14" title: "Redundancy of information processing facilities" theme: Technological control_type: [Preventive] information_security_properties: [Availability] cybersecurity_concepts: [Protect] operational_capabilities: - Continuity - Asset_management security_domains: - Protection - Resilience tags: - iso27002/2022/EN status: active ---""", "a-8.15-Logging.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.15" title: "Logging" theme: Technological control_type: [Detective] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Detect] operational_capabilities: [Information_security_event_management] security_domains: - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-8.16-Monitoring-activities.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.16" title: "Monitoring activities" theme: Technological control_type: - Detective - Corrective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Detect - Respond operational_capabilities: [Information_security_event_management] security_domains: [Defence] tags: - iso27002/2022/EN status: active ---""", "a-8.17-Clock-synchronization.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.17" title: "Clock synchronization" theme: Technological control_type: [Detective] information_security_properties: [Integrity] cybersecurity_concepts: - Protect - Detect operational_capabilities: [Information_security_event_management] security_domains: - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-8.18-Use-of-privileged-utility-programs.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.18" title: "Use of privileged utility programs" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - System_and_network_security - Secure_configuration - Application_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.19-Installation-of-software-on-operational-systems.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.19" title: "Installation of software on operational systems" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Secure_configuration - Application_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.20-Networks-security.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.20" title: "Networks security" theme: Technological control_type: - Preventive - Detective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Protect - Detect operational_capabilities: [System_and_network_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.21-Security-of-network-services.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.21" title: "Security of network services" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [System_and_network_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.22-Segregation-of-networks.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.22" title: "Segregation of networks" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [System_and_network_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.23-Web-filtering.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.23" title: "Web filtering" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [System_and_network_security] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.24-Use-of-cryptography.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.24" title: "Use of cryptography" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: [Secure_configuration] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.25-Secure-development-life-cycle.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.25" title: "Secure development life cycle" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Application_security - System_and_network_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.26-Application-security-requirements.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.26" title: "Application security requirements" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Application_security - System_and_network_security security_domains: - Protection - Defence tags: - iso27002/2022/EN status: active ---""", "a-8.27-Secure-system-architecture-and-engineering-principles.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.27" title: "Secure system architecture and engineering principles" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Application_security - System_and_network_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.28-Secure-coding.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.28" title: "Secure coding" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Application_security - System_and_network_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.29-Security-testing-in-development-and-acceptance.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.29" title: "Security testing in development and acceptance" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Identify] operational_capabilities: - Application_security - Information_security_assurance - System_and_network_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.30-Outsourced-development.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.30" title: "Outsourced development" theme: Technological control_type: - Preventive - Detective information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: - Identify - Protect - Detect operational_capabilities: - System_and_network_security - Application_security - Supplier_relationships_security security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", "a-8.31-Separation-of-development-test-and-production-environments.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.31" title: "Separation of development, test and production environments" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Application_security - System_and_network_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.32-Change-management.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.32" title: "Change management" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - Application_security - System_and_network_security security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.33-Test-information.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.33" title: "Test information" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity cybersecurity_concepts: [Protect] operational_capabilities: [Information_protection] security_domains: [Protection] tags: - iso27002/2022/EN status: active ---""", "a-8.34-Protection-of-information-systems-during-audit-testing.md": """--- notetype: sourcetext standard: ISO 27002 version: 2022 language: EN type: control id: "A.8.34" title: "Protection of information systems during audit testing" theme: Technological control_type: [Preventive] information_security_properties: - Confidentiality - Integrity - Availability cybersecurity_concepts: [Protect] operational_capabilities: - System_and_network_security - Information_protection security_domains: - Governance_and_Ecosystem - Protection tags: - iso27002/2022/EN status: active ---""", } def main(): written = [] skipped_fm = [] skipped_missing = [] errors = [] for filename, frontmatter in sorted(FRONTMATTER.items()): filepath = os.path.join(VAULT_DIR, filename) if not os.path.exists(filepath): skipped_missing.append(filename) continue with open(filepath, "r", encoding="utf-8") as f: content = f.read() if content.startswith("---"): skipped_fm.append(filename) continue new_content = frontmatter + "\n\n" + content with open(filepath, "w", encoding="utf-8") as f: f.write(new_content) written.append(filename) print(f"Written: {len(written)}") print(f"Already had FM: {len(skipped_fm)}") print(f"File not found: {len(skipped_missing)}") print(f"Errors: {len(errors)}") if skipped_fm: print("\nAlready had frontmatter (skipped):") for f in skipped_fm: print(f" {f}") if skipped_missing: print("\nNot found (skipped):") for f in skipped_missing: print(f" {f}") if errors: print("\nErrors:") for e in errors: print(f" {e}") if __name__ == "__main__": main()