How would you document standard operating procedures and protocols for security projects and workflows?