Merge pull request #193710 from timwarner-msft/patch-12

PRMerger14 · web-flow · commit bb8d04a7b66a · 2022-04-01T08:38:39.000-07:00
Add clarification to CMMC Levels
diff --git a/articles/governance/policy/samples/cmmc-l3.md b/articles/governance/policy/samples/cmmc-l3.md
@@ -1,14 +1,14 @@
 ---
 title: Regulatory Compliance details for CMMC Level 3
 description: Details of the CMMC Level 3 Regulatory Compliance built-in initiative. Each control is mapped to one or more Azure Policy definitions that assist with assessment.
-ms.date: 03/14/2022
+ms.date: 04/01/2022
 ms.topic: sample
 ms.custom: generated
 ---
 # Details of the CMMC Level 3 Regulatory Compliance built-in initiative
 
 The following article details how the Azure Policy Regulatory Compliance built-in initiative
-definition maps to **compliance domains** and **controls** in CMMC Level 3.
+definition maps to **compliance domains** and **controls** in Cybersecurity Maturity Model Certification (CMMC) Level 3.
 For more information about this compliance standard, see
 [CMMC Level 3](https://www.acq.osd.mil/cmmc/documentation.html). To understand
 _Ownership_, see [Azure Policy policy definition](../concepts/definition-structure.md#type) and
@@ -22,6 +22,9 @@ Then, find and select the **CMMC Level 3** Regulatory Compliance built-in
 initiative definition.
 
 > [!IMPORTANT]
+> This policy initiative was built to CMMC version 1.0 and will be updated in the future".
+> CMMC Level 2 under CMMC 2.0 is similar to CMMC Level 3 under CMMC 1.0, but has different control mappings.
+> 
 > Each control below is associated with one or more [Azure Policy](../overview.md) definitions.
 > These policies may help you [assess compliance](../how-to/get-compliance-data.md) with the
 > control; however, there often is not a one-to-one or complete match between a control and one or
@@ -31,7 +34,7 @@ initiative definition.
 > definitions at this time. Therefore, compliance in Azure Policy is only a partial view of your
 > overall compliance status. The associations between compliance domains, controls, and Azure Policy
 > definitions for this compliance standard may change over time. To view the change history, see the
-> [GitHub Commit History](https://github.com/Azure/azure-policy/commits/master/built-in-policies/policySetDefinitions/Regulatory%20Compliance/CMMC_L3.json).
+> [GitHub commit history](https://github.com/Azure/azure-policy/commits/master/built-in-policies/policySetDefinitions/Regulatory%20Compliance/CMMC_L3.json).
 
 ## Access Control
 
@@ -1097,4 +1100,4 @@ Additional articles about Azure Policy:
 - See the [initiative definition structure](../concepts/initiative-definition-structure.md).
 - Review other examples at [Azure Policy samples](./index.md).
 - Review [Understanding policy effects](../concepts/effects.md).
-- Learn how to [remediate non-compliant resources](../how-to/remediate-resources.md).
+- Learn how to [remediate non-compliant resources](../how-to/remediate-resources.md).
