Security Policy and Procedure Document

I am updating a security document for a company and I would like a security policy document.  The document needs to be written from view point of a CIO and SCIO position.  What needs to be known about the company from a technical security perspective.   I need someone with a security background to develop a draft document I can use as a template.  

 

 

Thanks.