![[article image]](https://cacm.acm.org/system/assets/0003/5199/071919_CACMpg30_Must-MustNot2.large.jpg?1563826638&1563826638 "programmer with head down at desk")
Dear KV,
I have joined a small security startup and have been tasked with writing up our internal security processes. The problem is that I am not a writer—I am a software engineer—and whenever I start trying to write about our processes, I either stare at a blank screen until I get frustrated and look away to do something else, or I just wind up writing a lot of sentences that later don't seem to make a lot of sense. I am sure there must be a template that I can work from to get all these things in my head written down in a useful way, but I'm not sure where to look. For example, I want a way to describe to people what they should and shouldn't do with our software and how it must be used so that it provides the security properties they expect. What I see when I try to write about this is a tangled web of spaghetti text.