diff --git a/VULNERABILITY_RESPONSE_PROCESS.md b/VULNERABILITY_RESPONSE_PROCESS.md index 39e5e02..3d1106a 100644 --- a/VULNERABILITY_RESPONSE_PROCESS.md +++ b/VULNERABILITY_RESPONSE_PROCESS.md @@ -60,7 +60,7 @@ PGP key fingerprint = 1218 6272 CD48 E253 9E2D D29B 66A7 6ECF 9144 09F1 3. In no more than 3 working days, Response Team should gratefully respond to researcher using only encrypted, secure channels 4. Response Manager makes inquiries to satisfy any needed information to confirm if submission is indeed a vulnerability - - a. If submission proves to be vulnerable, proceed to next step + - a. If submission proves to be vulnerable with PoC code / exploit, proceed to next step - b. If not vulnerable: - i. Response Manager responds with reasons why submission is not a vulnerability - ii. Response Manager moves discussion to a new or existing ticket on GitHub if necessary
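Review bot: The reworded step 4a ("If submission proves to be vulnerable with PoC code / exploit, proceed to next step") leaves a gap against 4b, which still reads "If not vulnerable". A submission that is confirmed as a vulnerability but has no PoC or exploit now matches neither branch, so the process does not say what the Response Manager does with it. The phrase is also ambiguous about who supplies the PoC: the researcher in the original report, or the Response Team while confirming it under step 4. Suggest either stating the PoC as something the Response Manager requests during the inquiries in step 4, or adding a sub-item for "vulnerable, but no PoC available" that says whether the report proceeds, is held pending more information, or is moved to a ticket as in 4b.ii.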