There must be a documented procedure for all applicable control objectives for the highest level of compliance.
Our team, by interviewing key personnel in your organization (human resources, physical security, contracting, information security, etc.) will work directly with each entity to help them establish an ISO 27001 compliant standard operating procedure where each security objective assigned to them will have a documented procedure.
After our team helps each section establish their documented procedures, they will be the owners of the documents and they will maintain them thereafter. This makes is so that "holistic" security practices are in place and avoiding a small team of information security professionals documenting and maintaining all procedures as many organizations currently operate.