Here is one where they combine the policy and the NIST standards into one document. Personally, I'd make two separate documents but this is a start. Also, check out NIST SP 800-137 and 137A for more info on the subject.
From a technical perspective I suggest thinking about the solution architecture and then adding the security monitoring components. I like storyboarding those kinds of solutions, they are more practical than paper policy.