Converting ISO 27001 and NIST compliance into contract-dominating capability — enterprise resilience sovereign doctrine.