Have a few questions about documentation. So for the ISMS project, there is an IT security policy doc which includes e.q.:
3.12. Clear desk and clear screen policy
3.11. Password responsibilities
3.9. Authorizations for information system use
3.7. Backup procedure
Should it all be in one document (IT Security Policy) or we can divide them and use them by each?