Information classification policy
Answer:
The purpose of an Information classification policy is to ensure that information is protected at an appropriate level, and to do that you have to specify what has to be done and by whom. As a high-level document you do not need to provide detailed steps, but you have to include the general overview. For example, to develop an Information classification policy compliant with ISO 27001 you have to describe these steps:
- identify information
- classify information
- label information
- handle information
And for each step you have to define who will perform it.
This article will provide you further explanation about Information classification:
- Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/
Thanks... in other words, I need a high-level information management process?
To decide what level of detail you need for your information management process, you have to evaluate your organization's context, considering factors like the number of employees, identified risks, importance of the process, etc. Once you have this evaluation you can decide if a high-level process description will fulfill your needs, or if you need to develop a detailed process.
This article will provide you more information: How detailed should the ISO 27001 documents be? https://advisera.com/27001academy/blog/2014/09/22/detailed-iso-27001-documents/
Sep 03, 2018