Worked on enhancing security governance for the orcwg/cra-hub repository by developing comprehensive Security Vulnerability Management Documentation. Focused on aligning with ASF practices, the documentation detailed processes for vulnerability classification, severity assessment, and reporting and handling workflows, incorporating direct links to ASF blog resources for ongoing remediation guidance. Used Markdown to structure the documentation, emphasizing clarity and accessibility for both developers and security teams. The work improved audit readiness and provided onboarding guidance, supporting consistent vulnerability management. By integrating practical ASF examples, the documentation offered actionable reference points, strengthening the repository’s security posture and facilitating knowledge transfer within the team.