The aforementioned report is one of many related white papers provided by the DoJ's Computer Crime and Intellectual Property section.
https://www.justice.gov/criminal-ccips/ccips-documents-and-reports

Disclose.io

disclose.io is a cross-industry, vendor-agnostic standardization project for safe harbor† best practices to enable good-faith security research.

Main web site: https://disclose.io/

Github repository with policy templates: https://github.com/disclose/disclose

Where to Look for More

Numerous organizations have already posted their vulnerability disclosure policies. A wide variety of these policies can be found by searching the web for "vulnerability disclosure policy," or "vulnerability disclosure program," or by browsing third-party vulnerability disclosure (e.g., bug bounty) service providers' hosted programs.

...

Panel

borderStyle	solid

< Appendix D – - Sample Vulnerability Disclosure Document | Bibliography >

Space shortcuts

Page tree

Versions Compared

Old Version 6

New Version 7

Key

Disclose.io

Where to Look for More

Space shortcuts

Page tree

Page History

Versions Compared

Old Version 6

New Version 7

Key

Disclose.io

Where to Look for More