Documentation elaboration

Answer: First of all, you have to carefully study the standards requirements, as well as other requirements defined by the organization (e.g., laws, industry regulations, contracts, etc.) to identify what is being demanded. A common mistake when writing policies and procedures is including things that are not required, because people think this way the documentation will look better. You have to avoid this.

Some other tips I can tell you are:
- ensure the documentation will be understandable by their intended readers
- try to keep the quantity of documents at a minimum, but also do not create few documents with dozens of pages (in both ways the documentation will quickly be abandoned)
- make use of templates to ensure people can find the same type of information in the same section of every document.

These articles will provide you further explanation about documentation elaboration:
- Seven steps for implementing policies and procedures https://advisera.com/27001academy/knowledgebase/d gebase/seven-steps-for-implementing-policies-and-procedures/
- 8 criteria to decide which ISO 27001 policies and procedures to write https://advisera.com/27001academy/blog/2014/07/28/8-criteria-to-decide-which-iso-27001-policies-and-procedures-to-write/
- One Information Security Policy, or several policies? https://advisera.com/27001academy/blog/2013/06/18/one-information-security-policy-or-several-policies/

Although these articles focus on ISO 27001, you can apply the same concepts to ISO 22301 documentation.

These materials will also help you regarding documentation elaboration:
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/