It should be kept in mind that in order to provide an organization the depth of Information Security Management System’s documentation, three options for ISMS development are available. Basic, Standard and Advanced. At Basic level, the security policy and all required high level policies for the organization are implemented. At Standard level, the organization develops general purpose standards and policies needed to implement ISMS and if the organization is planning to implement a standard (e.g. ISO 27001), it will satisfy all the requirement of that standard. At Advance level, the organization develops all mandatory policies, technical & general purpose standards, procedures and guidelines and continuously evaluate and monitor the standard.