Two questions arose regarding the documentation toolkit for ISO 27001:
1. Is it okay if a Chief Information Security Officer (CISO) also releases documents (instead of the CEO)?
2. Can we omit the chapter "Managing records kept on the basis of this document" for the document "00_Procedure_for_Document_and_Record_Control"?
Thank you in advance!