In the context of ISO 27001, operating Procedures for IT Management refers to documents describing technical and management activities to be performed by IT teams to ensure information security.
Please note that depending upon results of risk assessment, or applicable legal requirements, it may be needed that IT operating procedures be documented so employees have clear guidance on how to perform their activities and prevent incidents. These documents will cover either execution of operation activities (e.g., backup generation), as well as management activities (e.g., management of changes in IT systems).
The template “Security Procedures for IT Department” you already bought is the one you need to use to cover this need for ISO 27001.
These articles will provide you a further explanation about developing documents:
- 8 criteria to decide which ISO 27001 policies and procedures to write https://advisera.com/27001academy/blog/2014/07/28/8-criteria-to-decide-which-iso-27001-policies-and-procedures-to-write/
- How to structure the documents for ISO 27001 Annex A controls https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/