Some companies sharing their policy templates.
Start at i-assure.com website, they have some RMF templates available for download.
eSecurityPlanet.com Sample Patch Management Policy Templates. This is a good starting point.
I’ve used this Patch Management template from this website. Easy to update and ready to go.
https://www.cde.state.co.us/dataprivacyandsecurity/patchmanagementpolicy
And bunch of policy templates from Purplesec.us website.
https://purplesec.us/resources/cyber-security-policy-templates/
I will update them here when I see good starting policy to support your organization.