Updated a graphic, tidied the procedure, added Azure Security Benchmark

Author: memildin

articles/security-center/media/update-regulatory-compliance-packages/dynamic-regulatory-compliance-additional-standards.png

@@ -19,11 +19,11 @@ ms.author: memildin
 
 Azure Security Center continually compares the configuration of your resources with requirements in industry standards, regulations, and benchmarks. The **regulatory compliance dashboard** provides insights into your compliance posture based on how you're meeting specific compliance controls and requirements.
 
-One standard for which you can track your compliance posture is [Azure CIS 1.1.0](https://www.cisecurity.org/benchmark/azure/) (more formally, the "CIS Microsoft Azure Foundations Benchmark version 1.1.0"). 
+With the **dynamic compliance packages** feature, Security Center *automatically improves its coverage of industry standards over time*. 
 
-The representation of Azure CIS that initially appears in your compliance dashboard relies on a static set of rules that is included with Security Center.
+One standard for which you can track your compliance posture is [Azure CIS 1.1.0](https://www.cisecurity.org/benchmark/azure/) (more formally, the "CIS Microsoft Azure Foundations Benchmark version 1.1.0"). The representation of Azure CIS that initially appears in your compliance dashboard relies on a static set of rules that is included with Security Center.
 
-With the **dynamic compliance packages** feature, Security Center automatically improves its coverage of industry standards over time. Compliance packages are essentially initiatives defined in Azure Policy. They can be assigned to your selected scope (subscription, management group, and so on). To see compliance data mapped as assessments in your dashboard, add a compliance package to your management group or subscription from within the Security Policy. Adding a compliance package effectively assigns the regulatory compliance initiative to your selected scope. In this way, you can track newly published regulatory initiatives as compliance standards in your dashboard. When Microsoft releases new content for the initiative (new policies that map to more controls in the standard), the additional content appears automatically in your dashboard.
+Compliance packages are essentially initiatives defined in Azure Policy. They can be assigned to your selected scope (subscription, management group, and so on). To see compliance data mapped as assessments in your dashboard, add a compliance package to your management group or subscription from within the Security Policy. Adding a compliance package effectively assigns the regulatory compliance initiative to your selected scope. In this way, you can track newly published regulatory initiatives as compliance standards in your dashboard. When Microsoft releases new content for the initiative (new policies that map to more controls in the standard), the additional content appears automatically in your dashboard.
 
 The dynamic compliance package for the Azure CIS benchmark, **Azure CIS 1.1.0 (new)**, improves on the original *static* version by:
 
@@ -38,22 +38,33 @@ The following steps explain how to add the dynamic package for monitoring your c
 
 ### Update to the Azure CIS 1.1.0 (new) dynamic compliance package 
 
-1. Open the **Security policy** page. This page shows the number of management groups, subscriptions, workspaces, and your management group structure.
+1. From Security Center's sidebar, select **Regulatory compliance** to open the regulatory compliance dashboard. Here you can see the compliance standards currently assigned to the currently selected subscriptions.   
 
-1. Select the subscription or management group for which you want to manage the regulatory compliance posture. We recommend selecting the highest scope for which the standard is applicable so that compliance data is aggregated and tracked for all nested resources. 
+1. From the top of the page, select **Manage compliance policies**. This opens the Policy Management page.
+
+1. Select the subscription or management group for which you want to manage the regulatory compliance posture. 
+
+    > [!TIP]
+    > We recommend selecting the highest scope for which the standard is applicable so that compliance data is aggregated and tracked for all nested resources. 
 
 1. In the Industry & regulatory standards section, you'll see that Azure CIS 1.1.0 can be updated for new content. Click **Update now**. 
 
-1. Optionally, click **Add more standards** to open the **Add regulatory compliance standards** page. There, you can search manually for **Azure CIS 1.1.0 (New)** and dynamic packages for other compliance standards such as **NIST SP 800-53 R4**, **SWIFT CSP CSCF-v2020**, **UKO and UK NHS**, and **Canada PBMM**.
+1. Optionally, click **Add more standards** to open the **Add regulatory compliance standards** page. There, you can search manually for **Azure CIS 1.1.0 (New)** and dynamic packages for other compliance standards such as:
+
+    - **Azure Security Benchmark** ([details here](https://docs.microsoft.com/azure/security/benchmarks/introduction))
+    - **NIST SP 800-53 R4**
+    - **SWIFT CSP CSCF-v2020**
+    - **UKO and UK NHS**
+    - **Canada PBMM**
 
     > [!TIP]
     > Only users who are owner or policy contributor have the necessary permissions to add compliance standards. 
 
-    ![Adding regulatory packages to Azure Security Center's regulatory compliance dashboard](./media/update-regulatory-compliance-packages/security-center-dynamic-regulatory-compliance-additional-standards.png)
+    ![Adding regulatory packages to Azure Security Center's regulatory compliance dashboard](./media/update-regulatory-compliance-packages/dynamic-regulatory-compliance-additional-standards.png)
 
 
-1. From Security Center's sidebar, select **Regulatory compliance** to open the regulatory compliance dashboard. 
-    * Azure CIS 1.1.0 (New) now appears in your list of Industry & regulatory standards. 
+1. From Security Center's sidebar, select **Regulatory compliance** again to go back to the regulatory compliance dashboard.
+    * **Azure CIS 1.1.0 (New)** now appears in your list of Industry & regulatory standards. 
     * The original *static* view of your Azure CIS 1.1.0 compliance will also remain alongside it. It may be automatically removed in the future.
 
     > [!NOTE]