Spearbit uses a markdown based template to collaboratively write the final report for security reviews. This markdown file is then converted to a PDF with minimal additional modifications.
Use hackmd.io to collaborate on reports.
Example of the markdown file: Brink security review (engagement 2).
Example of a rendered pdf.
An example issue can be found in Appendix.
General suggestions
The issue description should be detailed. Ideally, someone who is outside of the project and the security review team should be able to understand the issues, merely by reading the issue description.
Sort by highest to lowest severity. For example, a critical bug that steals all the funds should appear before a generic suggestion such as floating pragma.