How to write your Information Security Policy according to ISO 27001

An information security policy is the cornerstone of an information security program. It should reflect the organization’s objectives for security and the agreed upon management strategy for securing information.