address pr issues

Author: ceperezb

learn-pr/wwl-sci/design-solutions-align-cloud-adoption-framework-well-architected-framework/10-summary.yml

@@ -1,8 +1,8 @@
 ### YamlMime:ModuleUnit
 uid: learn.wwl.design-solutions-align-cloud-adoption-framework-well-architected-framework.summary
-title: Summary - Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)
+title: Summary
 metadata:
-  title: Summary - Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)
+  title: Summary
   description: "Summary of module on the topic: Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)."
   ms.date: 01/24/2026
   author: ceperezb

learn-pr/wwl-sci/design-solutions-align-cloud-adoption-framework-well-architected-framework/4-introduction-azure-landing-zones.yml

@@ -1,9 +1,9 @@
 ### YamlMime:ModuleUnit
 uid: learn.wwl.design-solutions-align-cloud-adoption-framework-well-architected-framework.introduction-azure-landing-zones
-title: Understand Azure Landing Zones
+title: Understand Azure landing zones
 metadata:
-  title: Understand Azure Landing Zones
-  description: "Understand Azure Landing Zones."
+  title: Understand Azure landing zones
+  description: "Understand Azure landing zones."
   ms.date: 01/24/2026
   author: ceperezb
   ms.author: ceperezb

learn-pr/wwl-sci/design-solutions-align-cloud-adoption-framework-well-architected-framework/includes/3-cloud-adoption-framework-secure-methodology.md

@@ -65,7 +65,7 @@ Codify roles, communication channels, evidence handling, and decision authority.
 
 ### Confidentiality strategy
 
-When defining a confidentiality strategy, prioritize data privacy and protection with clear business objectives that emphasize compliance with relevant regulations (GDPR, HIPAA, industry standards). Develop a risk management strategy to identify and assess potential risks to data confidentiality. Plan for data loss prevention (DLP) by defining clear data protection objectives and establishing a framework for implementing robust encryption and access controls.
+When defining a confidentiality strategy, prioritize data privacy and protection with clear business objectives that emphasize compliance with relevant regulations. Develop a risk management strategy to identify and assess potential risks to data confidentiality. Plan for data loss prevention (DLP) by defining clear data protection objectives and establishing a framework for implementing robust encryption and access controls.
 
 ### Integrity strategy
 

learn-pr/wwl-sci/design-solutions-align-cloud-adoption-framework-well-architected-framework/includes/4-introduction-azure-landing-zones.md

@@ -33,4 +33,4 @@ While your specific implementation might vary, as a result of specific business
 
 Use this architecture as a starting point. Download the [Visio file](https://github.com/MicrosoftDocs/cloud-adoption-framework/raw/main/docs/ready/enterprise-scale/media/enterprise-scale-architecture.vsdx) and modify it to fit your specific business and technical requirements when planning your landing zone implementation.
 
-[![A reference architecture diagram of an Azure landing zone.](/azure/cloud-adoption-framework/ready/enterprise-scale/media/azure-landing-zone-architecture-diagram-hub-spoke.svg)](/azure/cloud-adoption-framework/ready/enterprise-scale/media/azure-landing-zone-architecture-diagram-hub-spoke.svg#lightbox)
+:::image type="content" source="../media/azure-landing-zone-architecture-diagram-hub-spoke.png" alt-text="A reference architecture diagram of an Azure landing zone." lightbox="../media/azure-landing-zone-architecture-diagram-hub-spoke.png":::

learn-pr/wwl-sci/design-solutions-align-cloud-adoption-framework-well-architected-framework/includes/7-well-architected-framework-security-pillar.md

@@ -6,7 +6,7 @@ Security is one of the most important aspects of any architecture. It provides t
 - Integrity
 - Availability
 
-Losing these assurances can negatively affect your business operations and revenue, and your organization's reputation. For the security pillar, we'll discuss key architectural considerations and principles for security and how they apply to Azure.
+Losing these assurances can negatively affect your business operations and revenue, and your organization's reputation. For the security pillar, we discuss key architectural considerations and principles for security and how they apply to Azure.
 
 The security of complex systems depends on understanding the business context, social context, and technical context. As you design your system, cover these areas:
 
@@ -30,7 +30,7 @@ The economies of scale allow cloud provider specialist teams to invest in optimi
 
 Cloud providers must be compliant with the same IT regulatory requirements as the aggregate of all their customers. Providers must develop expertise to defend against the aggregate set of adversaries who attack their customers. As a consequence, the default security posture of applications deployed to the cloud is frequently much better than that of applications hosted on-premises.
 
-**Shared Responsibility Model:** As computing environments move from customer-controlled datacenters to the cloud, the responsibility of security also shifts. Security of the operational environment is now a concern shared by both cloud providers and customers. Organizations can reduce focus on activities that aren't core business competencies by shifting these responsibilities to a cloud service like Azure. Depending on the specific technology choices, some security protections will be built into the particular service, while addressing others will remain the customer's responsibility. To ensure that proper security controls are provided, organizations must carefully evaluate the services and technology choices.
+**Shared Responsibility Model:** As computing environments move from customer-controlled datacenters to the cloud, the responsibility of security also shifts. Security of the operational environment is now a concern shared by both cloud providers and customers. Organizations can reduce focus on activities that aren't core business competencies by shifting these responsibilities to a cloud service like Azure. Depending on the specific technology choices, some security protections will be built into the particular service, while addressing others remain the customer's responsibility. To ensure that proper security controls are provided, organizations must carefully evaluate the services and technology choices.
 
 ![Diagram showing shared responsibility and key strategies.](../media/shared-resp-color.png)
 
@@ -65,7 +65,7 @@ We cover the following areas in the security pillar of the Microsoft Azure Well-
 | Security Topic | Description |
 |-------------------|-------------|
 | Security design principles | These principles describe a securely architected system hosted on cloud or on-premises datacenters, or a combination of both. |
-| Governance, risk, and compliance | How is the organization's security going to be monitored, audited, and reported? What types of risks does the organization face while trying to protect identifiable information, Intellectual Property (IP), financial information? Is there specific industry, government, or regulatory requirements that dictate or provide recommendations on criteria that your organization's security controls must meet? |
+| Governance, risk, and compliance | How is the organization's security going to be monitored, audited, and reported? What types of risks does the organization face while trying to protect identifiable information, Intellectual Property (IP), and financial information? Are there specific industry, government, or regulatory requirements that dictate or provide recommendations on criteria that your organization's security controls must meet? |
 | Regulatory compliance | Governments and other organizations frequently publish standards to help define good security practices (due diligence) so that organizations can avoid being negligent in security. |
 | Administration | Administration is the practice of monitoring, maintaining, and operating Information Technology (IT) systems to meet service levels that the business requires. Administration introduces some of the highest impact security risks because performing these tasks requires privileged access to a broad set of these systems and applications. |
 | Applications and services | Applications and the data associated with them ultimately act as the primary store of business value on a cloud platform. |

learn-pr/wwl-sci/design-solutions-align-cloud-adoption-framework-well-architected-framework/includes/8-design-security-governance-strategy.md

@@ -155,7 +155,7 @@ Consider an organization deploying a new customer-facing application with AI cap
 
 **CAF provides strategic guidance:**
 - Security objectives prioritize customer data protection
-- Compliance requirements include GDPR and SOC 2
+- Compliance requirements including data protection and system and organization controls
 - Central security team defines data classification standards
 
 **Landing zones provide the foundation:**

learn-pr/wwl-sci/design-solutions-align-cloud-adoption-framework-well-architected-framework/includes/8a-design-devsecops-processes.md

@@ -114,7 +114,7 @@ Implement policy-as-code to:
 
 Design pipelines that:
 
-- Validate compliance with regulatory requirements like GDPR and HIPAA
+- Validate compliance with regulatory requirements
 - Generate audit evidence automatically
 - Track security controls and their effectiveness