Guidance for Information Security Policy

I was wondering where I can find some guidance with regard to Point A.5 Draft Information Security Policy? Is this an Information Security Charter? We plan to set up an Information Security Steering Committee. Should this be included here as well or better a seperate document
 

Answer:

I am sorry but I am not sure what you mean with “Information Security Charter”, but at the highest level, organizations should define an "Information security policy" which is approved by top management and which sets out the organization’s approach to managing its information security objectives, main responsibilities, etc. Separate from this top-level policy the companies usually develop detailed policies (like Backup policy, Access control policy, etc.). 
ISO 27001 does not require Information Security Steering Committee, and smaller companies typically do not have such a body - if you decide to setup such body, it can be defined in the Information security policy. 
For more information about the Information Security Policy, please read this article “One Information Security Policy, or several policies?” : https://advisera.com/27001academy/blog/2013/06/18/one-information-security-policy-or-several-policies/
And also this article can be interesting for you “Information security policy – how detailed should it be?” : https://advisera.com/27001academy/blog/2010/05/26/information-security-policy-how-detailed-should-it-be/