diff --git a/docs/harbor-doc-reorg/_index.md b/docs/harbor-doc-reorg/_index.md index 4682b26a6..1805d7b00 100644 --- a/docs/harbor-doc-reorg/_index.md +++ b/docs/harbor-doc-reorg/_index.md @@ -40,10 +40,11 @@ This section describes how to use and maintain Harbor after deployment. These da - [Create Replication Rules](administration/configuring_replication/create_replication_rules.md) - [Manage Replications](administration/configuring_replication/manage_replications.md) - [Vulnerability Scanning with Clair](administration/vulnerability_scanning/_index.md) - - [Scan an Individual Image](scan_individual_image.md) - - [Scan All Images](scan_all_images.md) - - [Schedule Scans](schedule_scans.md) - - [Import Vulnerability Data to an Offline Harbor instance](import_vulnerability_data.md) + - [Scan an Individual Image](administration/vulnerability_scanning/scan_individual_image.md) + - [Scan All Images](administration/vulnerability_scanning/scan_all_images.md) + - [Schedule Scans](administration/vulnerability_scanning/schedule_scans.md) + - [Import Vulnerability Data to an Offline Harbor instance](administration/vulnerability_scanning/import_vulnerability_data.md) + - [Configure System-Wide CVE Whitelists](administration/vulnerability_scanning/configire_system_whitelist.md) - [Garbage Collection](administration/garbage_collection/_index.md) - [Upgrading Harbor](administration/upgrade/_index.md) - [Upgrade Harbor and Migrate Data](administration/upgrade/upgrade_migrate_data.md) @@ -56,7 +57,7 @@ This section describes how to use and maintain Harbor after deployment. These da This section describes how users with the developer, master, and project administrator roles manage and participate in Harbor projects. -- [](working_with_projects/) +- [Configure a Per-Project CVE Whitelist](working_with_projects/configure_project_whitelist.md) - [](working_with_projects/) - [](working_with_projects/) - [](working_with_projects/) 
diff --git a/docs/harbor-doc-reorg/administration/vulnerability_scanning/_index.md b/docs/harbor-doc-reorg/administration/vulnerability_scanning/_index.md index 4a8012d65..ac79b0da5 100644 --- a/docs/harbor-doc-reorg/administration/vulnerability_scanning/_index.md +++ b/docs/harbor-doc-reorg/administration/vulnerability_scanning/_index.md @@ -7,6 +7,7 @@ Static analysis of vulnerabilities is provided through open source project [Clai - [Scan an Individual Image](scan_individual_image.md) - [Scan All Images](scan_all_images.md) - [Schedule Scans](schedule_scans.md) +- [Configure System-Wide CVE Whitelists](configire_system_whitelist.md) **Vulnerability metadata** diff --git a/docs/harbor-doc-reorg/administration/vulnerability_scanning/configure_system_whitelist.md b/docs/harbor-doc-reorg/administration/vulnerability_scanning/configure_system_whitelist.md new file mode 100644 index 000000000..9377e8768 --- /dev/null +++ b/docs/harbor-doc-reorg/administration/vulnerability_scanning/configure_system_whitelist.md 
@@ -0,0 +1,23 @@ +# Configure System-Wide CVE Whitelists + +When you run vulnerability scans, images that are subject to Common Vulnerabilities and Exposures (CVE) are identified. According to the severity of the CVE and your security settings, these images might not be permitted to run. As a system administrator, you can create whitelists of CVEs to ignore during vulnerability scanning. + +You can set a system-wide CVE whitelist or you can set CVE whitelists on a per-project basis. + +System-wide CVE whitelists apply to all of the projects in a Harbor instance. + +1. Go to **Configuration** > **System Settings**. +1. Under **Deployment security**, click **Add**. + ![System-wide CVE whitelist](../img/cve-whitelist1.png) +1. Enter the list of CVE IDs to ignore during vulnerability scanning. + ![Add system CVE whitelist](../img/cve-whitelist2.png) + + Either use a comma-separated list or newlines to add multiple CVE IDs to the list. +1. Click **Add** at the bottom of the window to add the list. +1. Optionally uncheck the **Never expires** checkbox and use the calendar selector to set an expiry date for the whitelist. + ![Add system CVEs](../img/cve-whitelist3.png) +1. Click **Save** at the bottom of the page to save your settings. + +After you have created a system whitelist, you can remove CVE IDs from the list by clicking the delete button next to it in the list. You can click **Add** to add more CVE IDs to the system whitelist. + +![Add and remove system CVEs](../img/cve-whitelist4.png) diff --git a/docs/harbor-doc-reorg/working_with_projects/configuring_cve_whitelists.md b/docs/harbor-doc-reorg/working_with_projects/configure_project_whitelist.md similarity index 54% rename from docs/harbor-doc-reorg/working_with_projects/configuring_cve_whitelists.md rename to docs/harbor-doc-reorg/working_with_projects/configure_project_whitelist.md index d70f9b22f..0f5a91496 100644 --- a/docs/harbor-doc-reorg/working_with_projects/configuring_cve_whitelists.md 
+++ b/docs/harbor-doc-reorg/working_with_projects/configure_project_whitelist.md 
@@ -1,32 +1,8 @@ -# Configuring CVE Whitelists +# Configure a Per-Project CVE Whitelist -When you run vulnerability scans, images that are subject to Common Vulnerabilities and Exposures (CVE) are identified. According to the severity of the CVE and your security settings, these images might not be permitted to run. As a system administrator, you can create whitelists of CVEs to ignore during vulnerability scanning. +When you run vulnerability scans, images that are subject to Common Vulnerabilities and Exposures (CVE) are identified. According to the severity of the CVE and your security settings, these images might not be permitted to run. You can create whitelists of CVEs to ignore during vulnerability scanning. -You can set a system-wide CVE whitelist or you can set CVE whitelists on a per-project basis. - -### Configure a System-Wide CVE Whitelist - -System-wide CVE whitelists apply to all of the projects in a Harbor instance. - -1. Go to **Configuration** > **System Settings**. -1. Under **Deployment security**, click **Add**. - ![System-wide CVE whitelist](../img/cve-whitelist1.png) -1. Enter the list of CVE IDs to ignore during vulnerability scanning. - ![Add system CVE whitelist](../img/cve-whitelist2.png) - - Either use a comma-separated list or newlines to add multiple CVE IDs to the list. -1. Click **Add** at the bottom of the window to add the list. -1. Optionally uncheck the **Never expires** checkbox and use the calendar selector to set an expiry date for the whitelist. - ![Add system CVEs](../img/cve-whitelist3.png) -1. Click **Save** at the bottom of the page to save your settings. - -After you have created a system whitelist, you can remove CVE IDs from the list by clicking the delete button next to it in the list. You can click **Add** to add more CVE IDs to the system whitelist. - -![Add and remove system CVEs](../img/cve-whitelist4.png) - -### Configure a Per-Project CVE Whitelist - -By default, the system whitelist is applied to all projects. 
You can configure different CVE whitelists for individual projects, that override the system whitelist. +Harbor administrators can set a system-wide CVE whitelist. By default, the system whitelist is applied to all projects. Project administrators can configure different CVE whitelists for individual projects, that override the system whitelist. 1. Go to **Projects**, select a project, and select **Configuration**. 1. Under **CVE whitelist**, select **Project whitelist**.
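Review bot: In docs/harbor-doc-reorg/_index.md, hunk @@ -40,10 +40,11, the added entry "Configure System-Wide CVE Whitelists" links to `administration/vulnerability_scanning/configire_system_whitelist.md`, but the file this patch creates is named `configure_system_whitelist.md`, so the link will not resolve. Change `configire` to `configure` in the link target.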
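Review bot: In docs/harbor-doc-reorg/administration/vulnerability_scanning/_index.md, the added list entry points at `configire_system_whitelist.md`, which does not match the new file `configure_system_whitelist.md` created in the same directory. Correct the spelling of the target so that the section index reaches the new page.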
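Review bot: In the new file administration/vulnerability_scanning/configure_system_whitelist.md, the four image references still use `../img/cve-whitelist1.png` through `../img/cve-whitelist4.png`, copied unchanged from working_with_projects/configuring_cve_whitelists.md. The new file sits one directory deeper, so `../img/` now resolves under administration/ rather than under docs/harbor-doc-reorg/. Unless the images are also placed there (this patch does not show that), the paths should become `../../img/...`. Separately, the sentence "you can set CVE whitelists on a per-project basis" would be more useful with a link to working_with_projects/configure_project_whitelist.md, since that procedure no longer lives on this page.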
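Review bot: In working_with_projects/configure_project_whitelist.md, the new sentence "Harbor administrators can set a system-wide CVE whitelist." is now the only pointer to the procedure this patch moves out of the page, and it carries no link. Link it to `../administration/vulnerability_scanning/configure_system_whitelist.md` so project administrators can see which CVEs the system list already suppresses before they override it. Also drop the comma in "individual projects, that override the system whitelist", and consider stating explicitly that selecting a project whitelist replaces the system list for that project, since that determines which CVEs stop blocking images.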