consistency fixes

Author: ShawnJackson

articles/active-directory/standards/memo-22-09-authorization.md

@@ -1,6 +1,6 @@
 ---
-title: Memo 22-09 authorization requirements 
-description: Get guidance on meeting authorization requirements outlined in US government OMB memorandum 22-09.
+title: Memo M-22-09 authorization requirements 
+description: Get guidance on meeting authorization requirements outlined in US government OMB memorandum M-22-09.
 services: active-directory 
 ms.service: active-directory
 ms.subservice: standards
@@ -15,9 +15,9 @@ ms.custom: it-pro
 ms.collection: M365-identity-device-management
 ---
 
-# Meet authorization requirements of Memorandum 22-09
+# Meet authorization requirements of memorandum M-22-09
 
-This series of articles offers guidance for employing Azure Active Directory (Azure AD) as a centralized identity management system for implementing Zero Trust principles, as described in the US federal government's Office of Management and Budget (OMB) [Memorandum M-22-09](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf).
+This series of articles offers guidance for employing Azure Active Directory (Azure AD) as a centralized identity management system for implementing Zero Trust principles, as described in the US federal government's Office of Management and Budget (OMB) [memorandum M-22-09](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf).
 
 The memo requires specific types of enforcement within your multifactor authentication (MFA) policies. Specifically, you must account for device-based controls, role-based controls, attribute-based controls, and privileged access management.
 
@@ -66,7 +66,7 @@ Azure includes [ABAC for Storage](../../role-based-access-control/conditions-ove
 
 ## Privileged access management 
 
-The M-22-09 memo specifically calls out the use of privileged access management tools that use single-factor ephemeral credentials for accessing systems as insufficient. These technologies often include password vault products that accept MFA logon for an admin and produce a generated password for an alternate account that's used to access the system. The system is still accessed with a single factor. 
+The M-22-09 memo specifically calls out the use of privileged access management tools that use single-factor ephemeral credentials for accessing systems as insufficient. These technologies often include password vault products that accept MFA sign-in for an admin and produce a generated password for an alternate account that's used to access the system. The system is still accessed with a single factor. 
 
 Microsoft has tools for implementing [Privileged Identity Management](../privileged-identity-management/pim-configure.md) (PIM) for privileged systems with the central identity management system of Azure AD. You can enforce MFA for most privileged systems directly, whether these systems are applications, infrastructure elements, or devices. 
 
@@ -76,7 +76,7 @@ Azure also features PIM capabilities to step up into a specific privileged role.
 
 The following articles are part of this documentation set:
 
-[Meet identity requirements of Memorandum 22-09](memo-22-09-meet-identity-requirements.md)
+[Meet identity requirements of memorandum M-22-09](memo-22-09-meet-identity-requirements.md)
 
 [Enterprise-wide identity management systems](memo-22-09-enterprise-wide-identity-management-system.md)
 

articles/active-directory/standards/memo-22-09-enterprise-wide-identity-management-system.md

@@ -1,6 +1,6 @@
 ---
-title: Memo 22-09 enterprise-wide identity management systems
-description: Get guidance on meeting enterprise-wide identity management system requirements outlined in US government OMB memorandum 22-09.
+title: Memo M-22-09 enterprise-wide identity management systems
+description: Get guidance on meeting enterprise-wide identity management system requirements outlined in US government OMB memorandum M-22-09.
 services: active-directory 
 ms.service: active-directory
 ms.subservice: standards
@@ -125,7 +125,7 @@ Devices integrated with Azure AD can be either [hybrid joined devices](../device
 
 The following articles are a part of this documentation set:
 
-[Meet identity requirements of Memorandum 22-09](memo-22-09-meet-identity-requirements.md)
+[Meet identity requirements of memorandum M-22-09](memo-22-09-meet-identity-requirements.md)
 
 [Multifactor authentication](memo-22-09-multi-factor-authentication.md)
 

articles/active-directory/standards/memo-22-09-meet-identity-requirements.md

@@ -1,6 +1,6 @@
 ---
-title: Memo 22-09 identity requirements overview
-description: Get guidance on meeting requirements outlined in US government OMB memorandum 22-09.
+title: Memo M-22-09 identity requirements overview
+description: Get guidance on meeting requirements outlined in US government OMB memorandum M-22-09.
 services: active-directory 
 ms.service: active-directory
 ms.subservice: standards
@@ -15,13 +15,13 @@ ms.custom: it-pro
 ms.collection: M365-identity-device-management
 ---
 
-# Meet identity requirements of Memorandum 22-09 with Azure Active Directory
+# Meet identity requirements of memorandum M-22-09 with Azure Active Directory
 
-US executive order [14028, Improving the Nation's Cyber Security](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity), directs federal agencies on advancing security measures that dramatically reduce the risk of successful cyberattacks against the federal government's digital infrastructure. On January 26, 2022, the [Office of Management and Budget (OMB)](https://www.whitehouse.gov/omb/) released the federal Zero Trust strategy in [Memorandum M-22-09](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf), in support of EO 14028. 
+US executive order [14028, Improving the Nation's Cyber Security](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity), directs federal agencies on advancing security measures that dramatically reduce the risk of successful cyberattacks against the federal government's digital infrastructure. On January 26, 2022, the [Office of Management and Budget (OMB)](https://www.whitehouse.gov/omb/) released the federal Zero Trust strategy in [memorandum M-22-09](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf), in support of EO 14028. 
 
-This series of articles offers guidance for employing Azure Active Directory (Azure AD) as a centralized identity management system for implementing Zero Trust principles, as described in Memorandum M-22-09. 
+This series of articles offers guidance for employing Azure Active Directory (Azure AD) as a centralized identity management system for implementing Zero Trust principles, as described in memorandum M-22-09. 
 
-The release of Memorandum 22-09 is designed to support Zero Trust initiatives within federal agencies. It also provides regulatory guidance in supporting federal cybersecurity and data privacy paws. The memo cites the [Department of Defense (DoD) Zero Trust Reference Architecture](https://dodcio.defense.gov/Portals/0/Documents/Library/(U)ZT_RA_v1.1(U)_Mar21.pdf), 
+The release of memorandum M-22-09 is designed to support Zero Trust initiatives within federal agencies. It also provides regulatory guidance in supporting federal cybersecurity and data privacy paws. The memo cites the [Department of Defense (DoD) Zero Trust Reference Architecture](https://dodcio.defense.gov/Portals/0/Documents/Library/(U)ZT_RA_v1.1(U)_Mar21.pdf), 
 
 "The foundational tenet of the Zero Trust Model is that no actor, system, network, or service operating outside or within the security perimeter is trusted. Instead, we must verify anything and everything attempting to establish access. It is a dramatic paradigm shift in philosophy of how we secure our infrastructure, networks, and data, from verify once at the perimeter to continual verification of each user, device, application, and transaction."
 

articles/active-directory/standards/memo-22-09-multi-factor-authentication.md

@@ -1,6 +1,6 @@
 ---
-title: Memo 22-09 multifactor authentication requirements overview
-description: Get guidance on meeting multifactor authentication requirements outlined in US government OMB memorandum 22-09.
+title: Memo M-22-09 multifactor authentication requirements overview
+description: Get guidance on meeting multifactor authentication requirements outlined in US government OMB memorandum M-22-09.
 services: active-directory 
 ms.service: active-directory
 ms.subservice: standards
@@ -15,9 +15,9 @@ ms.custom: it-pro
 ms.collection: M365-identity-device-management
 ---
 
-# Meet multifactor authentication requirements of Memorandum 22-09
+# Meet multifactor authentication requirements of memorandum M-22-09
 
-This series of articles offers guidance for using Azure Active Directory (Azure AD) as a centralized identity management system for implementing Zero Trust principles, as described in the US federal government's Office of Management and Budget (OMB) [Memorandum M-22-09](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf). 
+This series of articles offers guidance for using Azure Active Directory (Azure AD) as a centralized identity management system for implementing Zero Trust principles, as described in the US federal government's Office of Management and Budget (OMB) [memorandum M-22-09](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf). 
 
 The memo requires that all employees use enterprise-managed identities to access applications, and that phishing-resistant multifactor authentication (MFA) protect those personnel from sophisticated online attacks. Phishing is the attempt to obtain and compromise credentials, such as by sending a spoofed email that leads to an inauthentic site.
 
@@ -108,7 +108,7 @@ While the memo isn't specific on which policies to use with passwords, consider
 
 The following articles are a part of this documentation set:
 
-[Meet identity requirements of Memorandum 22-09](memo-22-09-meet-identity-requirements.md)
+[Meet identity requirements of memorandum M-22-09](memo-22-09-meet-identity-requirements.md)
 
 [Enterprise-wide identity management systems](memo-22-09-enterprise-wide-identity-management-system.md)
 

articles/active-directory/standards/memo-22-09-other-areas-zero-trust.md

@@ -1,6 +1,6 @@
 ---
-title: Memo 22-09 other areas of Zero Trust
-description: Get guidance on understanding other Zero Trust requirements outlined in US government OMB memorandum 22-09.
+title: Memo M-22-09 other areas of Zero Trust
+description: Get guidance on understanding other Zero Trust requirements outlined in US government OMB memorandum M-22-09.
 services: active-directory 
 ms.service: active-directory
 ms.subservice: standards
@@ -15,9 +15,9 @@ ms.custom: it-pro
 ms.collection: M365-identity-device-management
 ---
 
-# Other areas of Zero Trust addressed in Memorandum 22-09
+# Other areas of Zero Trust addressed in memorandum M-22-09
 
-This article addresses the identity pillar of Zero Trust principles, as described in the US federal government's Office of Management and Budget (OMB) [Memorandum M-22-09](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf). Some areas of the Zero Trust maturity model cover topics beyond the identity pillar. 
+This article addresses the identity pillar of Zero Trust principles, as described in the US federal government's Office of Management and Budget (OMB) [memorandum M-22-09](https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf). Some areas of the Zero Trust maturity model cover topics beyond the identity pillar. 
 
 This article addresses the following cross-cutting themes:
 
@@ -28,7 +28,7 @@ This article addresses the following cross-cutting themes:
 * Governance 
 
 ## Visibility
-It's important to monitor your Azure Active Directory (Azure AD) tenant. You must adopt an "assume breach" mindset and meet compliance standards in Memorandum M-22-09 and [Memorandum M-21-31](https://www.whitehouse.gov/wp-content/uploads/2021/M-21-31). Three primary log types are used for security analysis and ingestion:
+It's important to monitor your Azure Active Directory (Azure AD) tenant. You must adopt an "assume breach" mindset and meet compliance standards in memorandum M-22-09 and [memorandum M-21-31](https://www.whitehouse.gov/wp-content/uploads/2021/M-21-31). Three primary log types are used for security analysis and ingestion:
 
 * [Azure audit logs](../reports-monitoring/concept-audit-logs.md). Used for monitoring operational activities of the directory itself, such as creating, deleting, updating objects like users or groups. Also used for making changes to configurations of Azure AD, like modifications to a conditional access policy.
 
@@ -85,14 +85,14 @@ It's important that you understand and document clear processes for how you inte
 * [Azure Active Directory governance operations reference guide](../fundamentals/active-directory-ops-guide-govern.md). 
 * [Azure Active Directory security operations guide](../fundamentals/security-operations-introduction.md). It can help you secure your operations and understand how security and governance overlap.
 
-After you understand operational governance, you can use [governance features](../governance/identity-governance-overview.md) to implement portions of your governance controls. These include features mentioned in [Meet authorization requirements of Memo 22-09](memo-22-09-authorization.md). 
+After you understand operational governance, you can use [governance features](../governance/identity-governance-overview.md) to implement portions of your governance controls. These include features mentioned in [Meet authorization requirements of memorandum M-22-09](memo-22-09-authorization.md). 
 
 
 ## Next steps
 
 The following articles are a part of this documentation set:
 
-[Meet identity requirements of Memorandum 22-09](memo-22-09-meet-identity-requirements.md)
+[Meet identity requirements of memorandum M-22-09](memo-22-09-meet-identity-requirements.md)
 
 [Enterprise-wide identity management systems](memo-22-09-enterprise-wide-identity-management-system.md)