Merge pull request #177648 from MicrosoftGuyJFlo/GitHubIssue80730

PRMerger4 · web-flow · commit f1ca1bb14612 · 2021-10-26T11:52:07.000-07:00
[Azure AD] Identity Protection - GitHub Issue 80730
diff --git a/articles/active-directory/identity-protection/howto-identity-protection-configure-risk-policies.md b/articles/active-directory/identity-protection/howto-identity-protection-configure-risk-policies.md
@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: identity-protection
 ms.topic: how-to
-ms.date: 05/27/2021
+ms.date: 10/26/2021
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -38,7 +38,7 @@ Configured trusted [network locations](../conditional-access/location-condition.
 
 ### Risk remediation
 
-Organizations can choose to block access when risk is detected. Blocking sometimes stops legitimate users from doing what they need to. A better solution is to allow self-remediation using Azure AD Multi-Factor Authentication (MFA) and self-service password reset (SSPR). 
+Organizations can choose to block access when risk is detected. Blocking sometimes stops legitimate users from doing what they need to. A better solution is to allow self-remediation using Azure AD Multi-Factor Authentication (MFA) and self-service password reset (SSPR).
 
 - When a user risk policy triggers: 
    - Administrators can require a secure password reset, requiring Azure AD MFA be done before the user creates a new password with SSPR, resetting the user risk. 
@@ -65,6 +65,8 @@ There are two locations where these policies may be configured, Conditional Acce
 
 > [!VIDEO https://www.youtube.com/embed/zEsbbik-BTE]
 
+Before enabling remediation policies, organizations may want to [investigate](howto-identity-protection-investigate-risk.md) and [remediate](howto-identity-protection-remediate-unblock.md) any active risks.
+
 ### User risk with Conditional Access
 
 1. Sign in to the **Azure portal** as a global administrator, security administrator, or Conditional Access administrator.
