My question is about availability of the policies and procedures of the ISMS. So let's say they are available for all users, on internal site. Does that document need to contain the signatures of all the involved people in revising, approving it? I'm asking also from GDPR point of view.
The GDPR does not require you to have specific persons signing policies and procedures, this is usually an internal requirement of the companies. The only thing you may need to prove is the fact that the policies and procedures are available to the concerned employees and that there is a method in place to check if they are effective.