Management direction for information security

6.2.1.1Policies for information security The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 5.1.1 and the following additional guidance applies:
6.2.1.2Review of the policies for information security The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 5.1.2 applies