This area should also cover ISO 27001 chapters 4 and 5.
SIG-ISM has published a whitepaper on security management.
