5.2

##requirement
Key6Value
NamePolicy
Code5.2
FrameworkISO27001:2022
SectionRequirements
CategorySecurity & Privacy Governance
Additional_Info-
# Description Top management shall establish an information security policy that: a) is appropriate to the purpose of the organization; b) includes information security objectives (see 6.2) or provides the framework for setting information security objectives; c) includes a commitment to satisfy applicable requirements related to information security; d) includes a commitment to continual improvement of the information security management system. The information security policy shall: e) be available as documented information; f) be communicated within the organization; g) be available to interested parties, as appropriate.