update scope requirement - line 27

Author: duongau

articles/virtual-network-manager/overview.md

@@ -24,7 +24,7 @@ Azure Virtual Network Manager is a management service that enables you to group,
 
 :::image type="content" source="./media/overview/management-group.png" alt-text="Diagram of management group in Virtual Network Manager.":::
 
-During the creation process, you define the scope for what your Azure Virtual Network Manager will manage. The scope can be defined at the subscription or [management group](../governance/management-groups/overview.md) level. After defining the scope, you enable features such as *Connectivity* and the *SecurityAdmin* role for your Virtual Network Manager.
+During the creation process, you define the scope for what your Azure Virtual Network Manager will manage. Defining a scope requires a [management group](../governance/management-groups/overview.md) to be created. After defining the scope, you enable features such as *Connectivity* and the *SecurityAdmin* role for your Virtual Network Manager.
 
 After you deploy the Virtual Network Manager instance, you then create a *network group* by using conditional statements to select virtual networks by name, tags, or IDs (dynamic membership). You can also select specific virtual networks (static membership). The network group rules defined are reflected in Azure Policy as a custom initiative definition and corresponding assignment that illustrate the rules you defined for virtual network membership. For more information about Azure Policy initiatives, see [Azure Policy initiative structure](../governance/policy/concepts/initiative-definition-structure.md). These policies are available in read-only mode today. For more information about how to create, update, and delete these policies, see [Network groups and Azure Policy](concept-network-groups.md#network-group-and-azure-policy). You then create connectivity and/or security configuration(s) applied to those network groups based on your topology and security needs.