This list of items will suffice for information security policy completeness with respect to current industry best practice as long as accountability for prescribing specific security measures is established within the "supplementary documents" and "responsibilities" section. While items 6 and 7 may contain a large variety of other agreed-upon details with respect to security measures, it is ok to keep them to a minimum to maintain policy readability and rely on sub-policies or supporting documents to include the requirements. Again, it is more important to have complete compliance at the policy level than to have the policy include a lot of detail.
Would it be possible for a group of 20 Business Studies students - male and female, aged between 18 and 22 - from Whitcomb Polytechnic to visit you before the end of this term, which is on the 21 December? I realise that you must receive many requests for such visits, and that the time available may already be booked up. If it is not, and you are able to see us, I should be most grateful if you could suggest a date and let me know of any normal conditions you lay down for visits of this kind.