Re: Working in a company we try to impement ISO 27001
Welcome:
Before you start developing anything to meet ISO27000, what are you trying to achieve? Do you want to be Certified, for example? Does your highest level of management including your CISO in agreement with the need for an Information Security Management System? Have you had a "Gap Analysis" performed for you, so in addition to the obvious things that ISO 27001 requires, you know everything else you need to work on and have a plan, including some external help?
Without these things, you will not get very far, even with us here, helping you!