Merge pull request #270692 from ShawnJackson/azure-database-for-postresql-conceptual-articles

[AQ] edit pass: Azure Database for PostreSQL conceptual articles

Author: ktoliver

articles/postgresql/flexible-server/concepts-azure-ad-authentication.md

@@ -1,6 +1,6 @@
 ---
-title: Security and compliance certifications
-description: Learn about compliance in the Flexible Server deployment option for Azure Database for PostgreSQL - Flexible Server.
+title: Security and compliance certifications in Azure Database for PostgreSQL - Flexible Server
+description: Learn about compliance in the Flexible Server deployment option for Azure Database for PostgreSQL.
 author: gennadNY
 ms.author: gennadyk
 ms.service: postgresql
@@ -15,43 +15,48 @@ ms.date: 01/23/2024
 
 [!INCLUDE [applies-to-postgresql-flexible-server](../includes/applies-to-postgresql-flexible-server.md)]
 
+Customers experience an increasing demand for highly secure and compliant solutions as they face data breaches along with requests from governments to access online customer information. Important regulatory requirements such as [General Data Protection Regulation (GDPR)](/compliance/regulatory/gdpr) and [Sarbanes-Oxley (SOX)](/compliance/regulatory/offering-sox) make selecting cloud services that help customers achieve trust, transparency, security, and compliance essential.
 
-## Overview of Compliance Certifications on Microsoft Azure
+To help customers meet their compliance obligations across regulated industries and markets worldwide, Azure Database for PostgreSQL flexible server builds on the Microsoft Azure compliance offerings to provide rigorous compliance certifications. Azure maintains the largest compliance portfolio in the industry in terms of both breadth (total number of offerings) and depth (number of customer-facing services in the assessment scope).
 
-Customers experience an increasing demand for highly secure and compliant solutions as they face data breaches along with requests from governments to access online customer information. Important regulatory requirements such as the [General Data Protection Regulation (GDPR)](/compliance/regulatory/gdpr) or [Sarbanes-Oxley (SOX)](/compliance/regulatory/offering-sox)  make selecting cloud services that help customers achieve trust, transparency, security, and compliance essential. To help customers achieve compliance with national/regional and industry specific regulations and requirements Azure Database for PostgreSQL flexible server build upon Microsoft Azure’s compliance offerings to provide the most rigorous compliance certifications to customers at service general availability.
-To help customers meet their own compliance obligations across regulated industries and markets worldwide, Azure maintains the largest compliance portfolio in the industry both in terms of breadth (total number of offerings), as well as depth (number of customer-facing services in assessment scope). Azure compliance offerings are grouped into four segments: globally applicable, US government, 
-industry specific, and region/country specific. Compliance offerings are based on various types of assurances, including formal certifications, attestations, validations, authorizations, and assessments produced by independent third-party auditing firms, as well as contractual amendments, self-assessments and customer guidance documents produced by Microsoft. More detailed information about Azure compliance offerings is available from the [Trust](https://www.microsoft.com/trust-center/compliance/compliance-overview) Center. 
+Azure compliance offerings are grouped into four segments: globally applicable, US government, industry specific, and region/country specific. Compliance offerings are based on various types of assurances, including:
+
+- Formal certifications, attestations, validations, authorizations, and assessments produced by independent auditing firms.
+- Contractual amendments, self-assessments, and customer guidance documents produced by Microsoft.
+
+More detailed information about Azure compliance offerings is available from the [Microsoft Trust Center](https://www.microsoft.com/trust-center/compliance/compliance-overview).
 
 ## Azure Database for PostgreSQL flexible server compliance certifications
 
-Azure Database for PostgreSQL flexible server has achieved a comprehensive set of national/regional and industry-specific compliance certifications in our Azure public cloud to help you comply with requirements governing the collection and use of your data.
+Azure Database for PostgreSQL flexible server has achieved a comprehensive set of national/regional and industry-specific compliance certifications in the Azure public cloud. These certifications help you comply with requirements that govern the collection and use of data.
 
 > [!div class="mx-tableFixed"]
-> | **Certification**| **Applicable To** | 
+> | Certification| Applicable to |
 > |------------------|-------------------|
-> |HIPAA and HITECH Act (U.S.) | Healthcare |
+> |HIPAA and HITECH Act (US) | Healthcare |
 > | HITRUST              | Healthcare |
 > | CFTC 1.31            | Financial |
 > | DPP (UK)             | Media |
-> | EU EN 301 549        | Accessibility |
-> | EU ENISA IAF         | Public and private companies, government entities and not-for-profits |
-> | EU US Privacy Shield | Public and private companies, government entities and not-for-profits |
-> | SO/IEC 27018         | Public and private companies, government entities and not-for-profits that provides PII processing services via the cloud |
-> | EU Model Clauses     | Public and private companies, government entities and not-for-profits that provides PII processing services via the cloud | 
-> | FERPA                | Educational Institutions |
-> | FedRAMP High         | US Federal Agencies and Contractors |
+> | EN 301 549 (EU)        | Accessibility |
+> | ENISA IAF (EU)        | Public and private companies, government entities, and nonprofits |
+> | EU-US Privacy Shield | Public and private companies, government entities, and nonprofits |
+> | ISO/IEC 27018         | Public and private companies, government entities, and nonprofits that provide processing services for personal data via the cloud |
+> | EU Model Clauses     | Public and private companies, government entities, and nonprofits that provide processing services for personal data via the cloud |
+> | FERPA                | Educational institutions |
+> | FedRAMP High         | US federal agencies and contractors |
 > | GLBA                 | Financial |
-> | ISO 27001:2013       | Public and private companies, government entities and not-for-profits |
-> | Japan My Number Act  | Public and private companies, government entities and not-for-profits |
+> | ISO 27001:2013       | Public and private companies, government entities, and nonprofits |
+> | My Number Act (Japan) | Public and private companies, government entities, and nonprofits |
 > | TISAX                | Automotive |
-> | NEN Netherlands 7510 | Healthcare |
-> | NHS IG Toolkit UK    | Healthcare |
-> | BIR 2012 Netherlands | Public and private companies, government entities and not-for-profits |
-> | PCI DSS Level 1      | Payment processors and Financial |
-> | SOC 2 Type 2         | Public and private companies, government entities and not-for-profits |
-> | Sec 17a-4            | Financial |
-> | Spain DPA            | Public and private companies, government entities and not-for-profits |
-
-## Next Steps
-* [Azure Compliance on Trusted Cloud](https://azure.microsoft.com/explore/trusted-cloud/compliance/)
-* [Azure Trust Center Compliance](https://www.microsoft.com/en-us/trust-center/compliance/compliance-overview)
+> | NEN 7510 (Netherlands) | Healthcare |
+> | NHS IG Toolkit (UK)    | Healthcare |
+> | BIR 2012 (Netherlands) | Public and private companies, government entities, and nonprofits |
+> | PCI DSS Level 1      | Payment processors and financial |
+> | SOC 2 Type 2         | Public and private companies, government entities, and nonprofits |
+> | SEC 17a-4            | Financial |
+> | Spanish DPA            | Public and private companies, government entities, and nonprofits |
+
+## Next steps
+
+- [Azure compliance](https://azure.microsoft.com/explore/trusted-cloud/compliance/)
+- [Managing compliance in the cloud (Microsoft Trust Center)](https://www.microsoft.com/en-us/trust-center/compliance/compliance-overview)