Here is another great doc that I wanted to highlight: "ISM Community Top Ten"
"The ISM Community Top Ten is an awareness document that describes a series of key issues that organizations should immediately understand. [...] This Top Ten list describes key concepts that should be part of any effective information security program. Organizations can quickly compare their current information security program against this Top Ten list and determine if and whether they need to improve. "
It is a bit of dry read (but less dry than, say, ISO docs), but an interesting one nonetheless.