ISMS_QA_CHECKLIST.md
May 24, 2026 ยท View on GitHub
๐ Hack23 AB โ ISMS Document Quality Assurance Checklist
Systematic Quality Excellence Through Consistent Standards
Ensuring Professional and Compliant ISMS Documentation
๐ Document Owner: CEO | ๐ Version: 1.3 | ๐
Last Updated: 2026-05-10 (UTC)
๐ Review Cycle: Annual | โฐ Next Review: 2027-05-10
๐ฏ Purpose Statement
This Quality Assurance Checklist ensures systematic consistency and professional excellence across all ISMS policy documents at Hack23 AB. Our ISMS documentation serves dual purposes - operational security framework and client demonstration platform - making quality assurance critical to both our security posture and business credibility.
As CEO, I've observed that manual verification without standardized checklists leads to inconsistent quality across document updates. This checklist transforms subjective "looks good" judgments into objective quality verification, ensuring every document update maintains the enterprise-grade standards our clients expect.
Quality assurance is not bureaucracy - it's the systematic approach that enables us to maintain professional documentation at scale while allowing rapid updates when security requirements evolve. Under our AI-augmented operating model, this checklist is enforced continuously by the specialist Copilot agent ecosystem and the validation scripts under .github/scripts/ โ agents handle the mechanical conformance items so the CEO's manual checklist effort concentrates on judgement-heavy items (classification level, framework mapping correctness, business-impact phrasing).
โ James Pether Sรถrling, CEO/Founder
๐ How to Use This Checklist
When to Use
- โ Before document updates: Pre-review verification
- โ During document creation: Section-by-section validation
- โ After document updates: Final quality check before commit
- โ During scheduled reviews: Comprehensive quality audit
- โ Before external sharing: Client-ready verification
Workflow Integration
- Pre-Update: Review current document version, identify changes needed
- During Update: Check each section against relevant checklist items
- Post-Update: Run through complete checklist before commit
- Final Verification: Execute
./update_dates.shand test all links - Commit: Use descriptive commit message following git workflow standards
๐ค Automated Validation Companion (AI-augmented operating model)
This human checklist is enforced continuously by the Hack23 specialist Copilot agent ecosystem and the validation scripts under .github/scripts/. The CEO no longer needs to walk every PR through the full checklist by hand โ the agents and scripts catch the routine issues, and the CEO focuses checklist effort on judgement-heavy items (classification, framework mapping, business impact phrasing).
| Checklist Domain | Automated Enforcement | Human Decision Required |
|---|---|---|
| ๐จ Header Section Quality | validate-style-guide.sh (logo, H1+emoji, 4 required badges, metadata line) | Tagline / sub-tagline wording quality |
| ๐ Related Documents Section | validate-style-guide.sh (section presence) + validate-cross-references.sh (link target existence) | Choice of which related docs to link |
| ๐ Document Control Footer | validate-style-guide.sh (Approved/Distribution/Classification/Effective/Next Review/Framework fields) | Distribution audience and classification level |
| ๐ Review Cycle Format | validate-review-cycles.sh (parses standard **๐ Review Cycle:** [Monthly|Quarterly|Semi-Annual|Annual] | **โฐ Next Review:** YYYY-MM-DD line โ : shown here is the HTML entity for : used only to prevent the validator's grep "Review Cycle:" from matching this illustrative row; the literal colon : is required in real document metadata) | Whether the cadence itself is appropriate |
| ๐จ Mermaid Diagram Quality | validate-mermaid-diagrams.sh (lowercase APPROVED_COLORS palette only inside ```mermaid blocks) | Diagram structure / clarity |
| ๐ Content Quality Standards | Documentation specialist agent (style, terminology, clarity) on every PR | Technical accuracy and policy alignment |
| ๐ Compliance Framework Mapping | Compliance specialist agent + Compliance_Checklist.md cross-check | Mapping correctness and ISO/NIST/CIS interpretation |
| ๐ Classification Application | Documentation specialist agent surfaces missing badge | Selecting the appropriate confidentiality/integrity/availability level |
| ๐ Date Updates | update_dates.sh --date YYYY-MM-DD recomputes Effective/Next Review | Whether a content change actually warrants a date bump |
Quick gate (run locally before commit):
bash .github/scripts/validate-style-guide.sh
bash .github/scripts/validate-mermaid-diagrams.sh
bash .github/scripts/validate-review-cycles.sh
bash .github/scripts/validate-cross-references.sh
bash .github/scripts/generate-metrics.sh # refreshes ISMS_METRICS_DASHBOARD.md
The full manual checklist below remains the authoritative quality bar โ it is the source-of-truth that the agents and scripts implement. Use it whenever:
- Working on a new policy where the agents have no prior pattern to follow
- Performing the Annual review of this checklist
- Onboarding a new specialist agent or contributor
- Investigating a regression in automated validation
Checklist Interpretation
- โ Must-Have: Required for all documents (ISO 27001 compliance)
- ๐ถ Should-Have: Strongly recommended for consistency
- ๐ก Best Practice: Enhances quality but may not apply to all documents
โ Pre-Update Verification
Document Context Review
- ๐ Current document version reviewed - Understand existing content and structure
- ๐ Change scope identified - Know what sections require updates
- ๐ Related documents identified - Check cross-references for consistency updates
- โ๏ธ Compliance requirements confirmed - Verify ISO 27001, GDPR, NIS2 alignment
- ๐ Review cycle verified - Confirm appropriate review frequency (Monthly/Quarterly/Semi-Annual/Annual)
- ๐ท๏ธ Classification level appropriate - Verify confidentiality/integrity/availability ratings match content
- ๐ฅ Stakeholder impact assessed - Identify who needs to be informed of changes
Repository Status Check
- ๐ Git repository clean - No uncommitted changes that might be lost
- ๐ฟ Correct branch - Working in appropriate feature/update branch
- ๐ฅ Latest changes pulled - Repository synchronized with remote
- ๐ Cross-references checked - Related documents reviewed for consistency
๐จ Header Section Quality (MUST-HAVE โ )
Logo and Title
- ๐ท Centered logo present -
<p align="center"><img src="https://hack23.com/icon-192.png" alt="Hack23 Logo" width="192" height="192"></p> - ๐ Logo dimensions correct - Exactly 192x192 pixels
- ๐ H1 title with emoji -
<h1 align="center">[ICON] Hack23 AB โ [Document Title]</h1> - ๐ฏ Title follows pattern - "Hack23 AB โ [Document Name]" format
- โ Emoji matches document type - ๐ Policy, ๐ Plan, โ๏ธ Procedure, ๐ Register, ๐ท๏ธ Framework
- ๐ Title centered - Uses
<h1 align="center">HTML tag
Tagline and Sub-tagline
- ๐ช Strong tagline present - Bold text with relevant emoji
- ๐ฏ Sub-tagline present - Italic text emphasizing security/transparency
- ๐ Paragraph centered - Uses
<p align="center">wrapper - ๐จ Emojis appropriate - Match document purpose (๐ก๏ธ security, ๐ฏ goals, etc.)
- โ๏ธ Compelling messaging - Clear value proposition for document purpose
Badge Row (4 Required Badges)
- ๐๏ธ Owner badge present -
Owner-CEO-0A66C2in blue - ๐ Version badge present -
Version-X.Y-555in grey - ๐
Effective date badge present -
Effective-YYYY--MM--DD-successin green (note double dash) - ๐ Review cycle badge present -
Review-[Cycle]-orangein orange - ๐ Badges centered - Inside
<p align="center">wrapper - ๐ Badges linked - Each wrapped in
<a href="#">tag (placeholder link acceptable) - ๐จ Badge style consistent - All use
style=for-the-badgeparameter
Metadata Line
- ๐ Document Owner specified -
**๐ Document Owner:** CEO - ๐ Version matches badge - Same X.Y version as badge above
- ๐
Last Updated date present -
**๐ Last Updated:** YYYY-MM-DD (UTC) - ๐ Timezone specified - Always includes "(UTC)" suffix
- ๐ Review Cycle specified -
**๐ Review Cycle:** Monthly | Quarterly | Semi-Annual | Annual - โฐ Next Review date present -
**โฐ Next Review:** YYYY-MM-DD - โ Icons consistent - ๐ Owner, ๐ Version, ๐ Updated, ๐ Review, โฐ Next
- ๐งฎ Next Review calculated correctly - Annual (+1 year), Quarterly (+3 months), Monthly (+1 month), Semi-Annual (+6 months)
Horizontal Separator
- โ Separator after metadata - Three dashes
---on dedicated line
๐ Content Quality Standards
Purpose Statement Section
- ๐ฏ Section titled "Purpose Statement" - With emoji (๐ฏ or similar)
- ๐ฌ CEO quote present - Connects document to Hack23 transparency principles
- ๐ Links to business value - Explains how document supports business model
- ๐จ Compelling narrative - Demonstrates thought leadership and expertise
- โ๏ธ Signature present - "โ James Pether Sรถrling, CEO/Founder" in italics
- โ Separator after statement - Three dashes
---on dedicated line
Section Structure
- ๐ Clear hierarchical headers - H2 (##), H3 (###), H4 (####) properly nested
- ๐จ Headers include emojis - Consistent icon usage matching STYLE_GUIDE.md
- ๐ Consistent spacing - Blank lines before/after headers and sections
- ๐ข Logical ordering - Sections flow logically from context to implementation
- ๐ฏ Section purpose clear - Each section has obvious reason for existence
- ๐ Appropriate content length - Sections neither too dense nor too sparse
Tables and Lists
- ๐ Tables properly formatted - Pipe-delimited with header separators
- โ
Table headers bold - Use
**Header**syntax - ๐ Column alignment consistent - Visual consistency in pipe positions
- ๐ข Lists use proper markdown -
-for unordered,1.for ordered - ๐ฏ List indentation correct - 2 spaces for nested lists
- โ
Checkbox lists formatted -
- [ ]for unchecked,- [x]for checked
Writing Quality
- โ๏ธ No spelling errors - Run spellcheck
- ๐ No grammar errors - Professional writing standards
- ๐ฏ Active voice used - "Configure the firewall" not "The firewall should be configured"
- ๐ Concise sentences - Avoid unnecessarily complex phrasing
- ๐ค Consistent terminology - Same terms used throughout document and across ISMS
- ๐จ Professional tone - Balance technical accuracy with accessibility
Technical Accuracy
- โ Facts verified - Technical claims are accurate
- ๐ Links functional - All hyperlinks tested and working
- ๐ Data current - Statistics and metrics reflect current state
- ๐ท๏ธ Classifications appropriate - Security levels match actual controls
- โ๏ธ Compliance references accurate - ISO 27001, NIST CSF, CIS Controls citations correct
๐ Related Documents Section (MUST-HAVE โ )
Section Header
- ๐ Section titled exactly -
## ๐ Related Documents(or## ๐ **Related Documents**with bold) - ๐ Emoji consistent - Uses ๐ book/library icon
- โ Hierarchical level correct - Always H2 (##) level header
Link Format
- ๐ Relative links used -
./Document_Name.mdformat, not full URLs - ๐จ Each link has icon - Consistent icon from STYLE_GUIDE.md icon reference
- ๐ Link text is filename - Matches actual file name exactly
- โ Optional descriptors added - Brief clarification after filename where helpful
- ๐ซ No self-references - Document doesn't link to itself
Icon Consistency
- ๐ Policies use - ๐ (InfoSec), ๐ (Access), ๐ (Network), ๐ (Crypto), ๐ท๏ธ (Data)
- ๐ Plans use - ๐ (generic), ๐ (BCP), ๐ (DRP), ๐จ (IRP)
- โ๏ธ Procedures use - โ๏ธ (operations), ๐ (change), ๐ (vulnerability)
- ๐ Registers use - ๐ป (Asset), ๐ (Risk), ๐ค (Stakeholder), ๐ข (Supplier)
- ๐ท๏ธ Frameworks use - ๐ท๏ธ (Classification), ๐ (Metrics), ๐ (Compliance)
Link Validation
- โ All links tested - Every link opens correct document
- ๐ File paths correct - Relative paths work from document location
- ๐ External links complete - Full URLs for ISMS-PUBLIC repo references
- ๐ Anchor links work - Section references include correct
#heading-id
Completeness
- ๐ All relevant docs linked - No obvious omissions
- ๐ Bidirectional links - If A references B, B should reference A where appropriate
- ๐ฏ Focus on relationships - Only link truly related documents, not everything
- โ Canonical list consulted - Reference STYLE_GUIDE.md Related Documents section
๐ Document Control Footer (MUST-HAVE โ )
Separator
- โ Separator before footer - Three dashes
---on dedicated line above footer
Footer Content
- โ
Approved by line -
**โ Approved by:** James Pether Sรถrling, CEO - ๐ค Distribution specified -
**๐ค Distribution:** [All Personnel/Key Suppliers/Public/etc.] - ๐ท๏ธ Classification badge present - Links to CLASSIFICATION.md with correct level
- ๐
Effective Date present -
**๐ Effective Date:** YYYY-MM-DD - โฐ Next Review present -
**โฐ Next Review:** YYYY-MM-DD - ๐ฏ Framework Compliance badges - ISO 27001, NIST CSF, CIS Controls, AWS Well-Architected
- โ
"Document Control:" label - Line starts with
**๐ Document Control:**in bold
Classification Badge Verification
- ๐ท๏ธ Badge matches content - Confidentiality level appropriate for sensitivity
- ๐ Badge links to CLASSIFICATION.md - Full GitHub URL with anchor
- ๐จ Badge color matches level - Extreme (black), Very High (darkblue), High (blue), Moderate (orange), Low (yellow), Public (lightgrey)
- ๐ Badge uses flat-square style -
style=flat-squareparameter - โ
Badge format correct -
[](doc-url#anchor)
Framework Compliance Badges
- ๐ ISO 27001 badge present - Blue badge with ISO logo
- ๐ NIST CSF badge present - Green badge with NIST logo
- ๐ฏ CIS Controls badge present - Orange badge with CIS logo
- โ๏ธ AWS Well-Architected badge (if applicable) - Orange badge with AWS logo
- ๐ All badges link to CLASSIFICATION.md - Consistent linking approach
- ๐จ Badge style consistent - All use
style=flat-square&logo=X&logoColor=white
Date Consistency
- ๐ Effective Date matches badge - Footer date matches header badge (with/without double dash)
- โฐ Next Review matches metadata line - Footer matches header metadata
- ๐งฎ Next Review calculated correctly - Follows review cycle (+1 year, +3 months, etc.)
- โ Dates in YYYY-MM-DD format - ISO 8601 date format throughout
๐จ Mermaid Diagram Quality
Color Scheme Compliance
- ๐จ Classification colors used - Critical (#D32F2F), High (#FF9800), Medium (#FFC107), Low (#4CAF50), Public (#9E9E9E)
- ๐ข Process colors used - Finance (#1565C0), Operations (#8D6E63), Legal (#C62828), Sales (#2E7D32), Marketing (#7B1FA2), Security (#D32F2F), Technical (#455A64)
- โ Status colors used - Success (#4CAF50), Warning (#FF9800), Error (#D32F2F), Info (#2196F3), Disabled (#9E9E9E)
- ๐ Colors from STYLE_GUIDE.md - No custom colors used without documentation
Diagram Structure
- ๐ฏ Diagram type appropriate - Flowchart, Graph, Sequence, Gantt, Mindmap, Pie, Quadrant matches use case
- ๐จ Emojis in labels - Consistent emoji usage in node labels
- ๐ Layout clear - Information hierarchy obvious
- โ Node labels concise - Text short enough to fit in nodes
- ๐ค Consistent terminology - Same terms as rest of document
Accessibility
- ๐จ Sufficient contrast - Text readable on background colors
- ๐ Text size appropriate - Not too small when rendered
- ๐ฑ Mobile responsive - Readable on smaller screens (test preview)
- ๐ฏ Alt text considered - Diagram purpose clear from context/caption
Technical Quality
- โ Syntax validated - Diagram renders without errors
- ๐จ Theme specified - Uses
%%{init: {"theme": "X"}}%%where appropriate - ๐ ClassDefs used - Custom node styles defined consistently
- ๐ No broken references - All node IDs referenced correctly
Documentation
- ๐ Diagram purpose explained - Context provided before/after diagram
- ๐ฏ Legend included (if needed) - Complex color schemes explained
- ๐ Data sources cited - If diagram represents data/metrics
- โ Matches STYLE_GUIDE examples - Follows established patterns
๐ง Git Workflow Compliance
Pre-Commit Verification
- ๐
Dates updated via script - Run
./update_dates.sh --date YYYY-MM-DDif dates changed - ๐ Script output reviewed - Check for any warnings or errors
- โ
Changes reviewed -
git diffchecked before staging - ๐๏ธ No temporary files - No
.bakor temp files staged - ๐ Only relevant files staged - No accidental inclusions
Commit Message Quality
- โ๏ธ Descriptive commit message - Clear summary of changes
- ๐ฏ Imperative mood used - "Add feature" not "Added feature"
- ๐ First line under 72 chars - Summary line concise
- ๐ Body explains why (if needed) - Multi-line message for complex changes
- ๐ References issues (if applicable) - Links to GitHub issues
Branch Management
- ๐ฟ Appropriate branch used - Not committing directly to main
- ๐ Branch name descriptive - Follows naming convention
- ๐ Branch up to date - Merged latest changes from main if needed
โ ๏ธ Common Quality Issues - Quick Reference
โ Frequently Missed Items
Header Issues
| Issue | Why It Matters | How to Fix |
|---|---|---|
Date badge uses single dash (2025-11-14) | Badge won't render with color | Change to double dash: 2025--11--14 |
| Logo not centered | Unprofessional appearance | Wrap in <p align="center"> tags |
Badges not in for-the-badge style | Inconsistent with other documents | Add style=for-the-badge parameter |
| Missing emoji in H1 title | Less scannable in document list | Add appropriate icon from STYLE_GUIDE.md |
Content Issues
| Issue | Why It Matters | How to Fix |
|---|---|---|
| Self-reference in Related Documents | Circular link, user confusion | Remove link to current document |
| Broken relative links | Navigation failure | Test all ./Document.md links |
| Inconsistent emoji usage | Unprofessional appearance | Reference STYLE_GUIDE.md icon guide |
| Missing horizontal separators | Poor visual structure | Add --- between major sections |
Footer Issues
| Issue | Why It Matters | How to Fix |
|---|---|---|
| Classification badge wrong color | Misleading security level | Match color to level: Extreme=black, VeryHigh=darkblue, High=blue, Moderate=orange, Low=yellow, Public=lightgrey |
| Next Review date wrong | Compliance tracking failure | Recalculate: Annual (+1yr), Semi-Annual (+6mo), Quarterly (+3mo), Monthly (+1mo) |
| Framework badges missing logos | Less professional | Add &logo=iso, &logo=nist, &logo=cisecurity |
| Effective date doesn't match badge | Date inconsistency | Ensure footer YYYY-MM-DD matches header YYYY--MM--DD |
Mermaid Diagram Issues
| Issue | Why It Matters | How to Fix |
|---|---|---|
| Custom colors not in STYLE_GUIDE | Inconsistent appearance | Use only documented color palette |
| Diagram doesn't render | Broken visualization | Validate syntax at mermaid.live |
| Missing emojis in labels | Less engaging | Add relevant emojis from STYLE_GUIDE.md |
| Text too small/long | Poor readability | Shorten labels or increase font size |
๐ Examples: Correct vs. Incorrect Formatting
โ Correct Header Format
<p align="center">
<img src="https://hack23.com/icon-192.png" alt="Hack23 Logo" width="192" height="192">
</p>
<h1 align="center">๐ Hack23 AB โ Information Security Policy</h1>
<p align="center">
<strong>Security Through Transparency and Excellence</strong><br>
<em>Enterprise-grade Security for Innovation-driven Consulting</em>
</p>
<p align="center">
<a href="#"><img src="https://img.shields.io/badge/Owner-CEO-0A66C2?style=for-the-badge" alt="Owner"/></a>
<a href="#"><img src="https://img.shields.io/badge/Version-1.0-555?style=for-the-badge" alt="Version"/></a>
<a href="#"><img src="https://img.shields.io/badge/Effective-2025--11--14-success?style=for-the-badge" alt="Effective Date"/></a>
<a href="#"><img src="https://img.shields.io/badge/Review-Annual-orange?style=for-the-badge" alt="Review Cycle"/></a>
</p>
**๐ Document Owner:** CEO | **๐ Version:** 1.0 | **๐
Last Updated:** 2025-11-14 (UTC)
**๐ Review Cycle:** Annual | **โฐ Next Review:** 2026-11-14
โ Incorrect Header Format
# Information Security Policy
Owner: CEO
Version: 1.0
Last Updated: November 14, 2025
Review: Annually
<!-- Missing: Logo, centered alignment, emojis, badges, proper date format -->
โ Correct Related Documents Section
## ๐ Related Documents
- [๐ Information Security Policy](./Information_Security_Policy.md)
- [๐ Access Control Policy](./Access_Control_Policy.md)
- [๐ Network Security Policy](./Network_Security_Policy.md)
- [๐ท๏ธ Data Classification Policy](./Data_Classification_Policy.md)
- [๐ป Asset Register](./Asset_Register.md) - Complete inventory of information assets
- [๐ Risk Register](./Risk_Register.md) - Identified risks and treatments
โ Incorrect Related Documents Section
## Related Documents
- Information Security Policy
- [Access Control Policy](./Access_Control_Policy.md)
- Network Security Policy (see separate document)
- [Current Document](./Access_Control_Policy.md)
<!-- Missing: Section emoji, icons per link, relative ./ paths, self-reference included -->
โ Correct Document Control Footer
---
**๐ Document Control:**
**โ
Approved by:** James Pether Sรถrling, CEO
**๐ค Distribution:** All Personnel
**๐ท๏ธ Classification:** [](./CLASSIFICATION.md#confidentiality-levels)
**๐
Effective Date:** 2025-11-14
**โฐ Next Review:** 2026-11-14
**๐ฏ Framework Compliance:** [](./CLASSIFICATION.md) [](./CLASSIFICATION.md) [](./CLASSIFICATION.md)
โ Incorrect Document Control Footer
Approved by: CEO
Effective: 2025-11-14
Classification: Confidential
<!-- Missing: Emojis, "Document Control:" label, distribution, next review, framework badges, classification badge link -->
โ Correct Mermaid Diagram
flowchart TD
START["๐ Risk Identification"] --> ASSESS["๐ Risk Assessment"]
ASSESS --> CLASSIFY{"๐ท๏ธ Classification<br/>Decision"}
CLASSIFY -->|๐ด Critical| CRITICAL["โก Immediate Action"]
CLASSIFY -->|๐ High| HIGH["๐
Planned Response"]
CLASSIFY -->|๐ก Medium| MEDIUM["๐ Monitoring"]
CLASSIFY -->|๐ข Low| LOW["๐ Documented"]
classDef critical fill:#D32F2F,stroke:#B71C1C,stroke-width:2px,color:#ffffff
classDef high fill:#FF9800,stroke:#F57C00,stroke-width:2px,color:#ffffff
classDef medium fill:#FFC107,stroke:#FFA000,stroke-width:2px,color:#000000
classDef low fill:#4CAF50,stroke:#2E7D32,stroke-width:2px,color:#ffffff
class CRITICAL critical
class HIGH high
class MEDIUM medium
class LOW low
โ Incorrect Mermaid Diagram
flowchart TD
A[Start] --> B[Process]
B --> C{Decision}
C --> D[End]
style A fill:#4CAF50
style D fill:#random
๐งช Testing the Checklist
Self-Test: Apply to Sample Documents
To validate this checklist's completeness, test it against existing documents:
-
High-complexity document: Information Security Policy
- Tests: All section types, multiple related docs, complex footer
-
Technical document: Network Security Policy
- Tests: Technical accuracy, Mermaid diagrams, specific controls
-
Register document: Asset Register
- Tests: Tables, data accuracy, classification consistency
Validation Criteria
- โ Checklist identifies all known quality issues in sample documents
- โ Checklist doesn't flag false positives (correct items marked as issues)
- โ Checklist completes in reasonable time (15-20 min per document)
- โ Checklist items are clear and actionable
- โ Examples help clarify ambiguous requirements
๐ Continuous Improvement
Checklist Evolution
This QA checklist should evolve based on:
- New quality issues discovered - Add checklist items when patterns emerge
- STYLE_GUIDE.md updates - Synchronize when standards change
- User feedback - Incorporate suggestions for clarity/completeness
- Automation opportunities - Identify items that could be scripted
Feedback Loop
- ๐ Document issues found - Track what checklist catches vs. misses
- ๐ฏ Measure false positives - Items flagged incorrectly
- โฑ๏ธ Track time to complete - Optimize checklist length vs. thoroughness
- ๐ Update quarterly - Align with checklist review cycle
Automation Potential
Future enhancements could automate:
- โ Link validation - Script to test all relative/absolute links
- ๐จ Badge verification - Check badge URLs and parameters
- ๐ Date calculation - Verify Next Review matches Review Cycle
- ๐จ Mermaid syntax - Validate diagrams render correctly
- ๐ Related docs bidirectional - Verify cross-references are mutual
๐ Related Documents
๐ฏ Strategic & Governance
- ๐ฏ Information Security Strategy - AI-first operations, Pentagon framework, and strategic QA direction
- ๐ Information Security Policy - Example of high-quality policy document with AI-First Operations Governance
- ๐ค AI Policy - AI-assisted document quality validation and automation
- ๐ STYLE_GUIDE.md - Master style guide for all ISMS documentation
- ๐ท๏ธ CLASSIFICATION.md - Classification framework and impact levels
๐ Security Policies & Controls
- ๐ Network Security Policy - Example with Mermaid diagrams
โ๏ธ Operational Integration
- ๐ README.md - ISMS documentation status and overview
- ๐ป Asset Register - Example register document with tables
๐ Document Control:
โ
Approved by: James Pether Sรถrling, CEO
๐ค Distribution: All Personnel
๐ท๏ธ Classification:
๐
Effective Date: 2026-05-10
โฐ Next Review: 2027-05-10
๐ฏ Framework Compliance: