MicrosoftDocs
diff --git a/‎learn-pr/azure/introduction-to-migrating-gcp-to-azure/includes/3-map-governance-features.md
Lines changed: 22 additions & 20 deletions b/‎learn-pr/azure/introduction-to-migrating-gcp-to-azure/includes/3-map-governance-features.md
Lines changed: 22 additions & 20 deletions
@@ -1,49 +1,51 @@
-Complex systems such as cloud computing platforms give users powerful functionality and a broad range of features. Meanwhile many jurisdictions have been implementing data protection legislation that you must comply with when you handle customer data. To ensure that you operate legally and securely, you must take control of your users' actions. Including, the data that they store and manipulate. This control is known as governance.
+Complex systems such as cloud computing platforms give users powerful functionality and a broad range of features. Meanwhile, many jurisdictions have been implementing data protection legislation that you must comply with when you handle customer data. To ensure that you operate legally and securely, you must take control of your users' actions--including the data that they store and manipulate. This control is called *governance*.
 
-In your global cycling manufacturer, you have a set of policies for the governance of information that enforce your company policies and relevant legislation in your Google Cloud systems. The competitor you recently merged with has different policies implemented in their Azure subscriptions. You need to understand the Azure settings and review them to ensure continued compliance.
+In the global cycling retailer, you have a set of policies for the governance of information. These policies enforce your company's requirements and relevant legislation in your Google Cloud systems. The competitor that you recently merged with has different policies implemented in its Azure subscriptions. You need to understand the Azure settings and review them to ensure continued compliance.
 
 In this unit, you examine governance tools in Azure and compare them to Google Cloud.
 
-:::image type="content" source="../media/governance-overview.png" alt-text="A diagram showing the types of service provided by Microsoft Azure and Google Cloud." border="false":::
+:::image type="content" source="../media/governance-overview.png" alt-text="Diagram that shows the types of services provided by Microsoft Azure and Google Cloud, with governance highlighted." border="false":::
 
-## Comparing governance in Azure and Google Cloud
+## Compare governance in Azure and Google Cloud
 
-Governance includes the Identity and Access Management (IAM) that you saw in the previous module. However it also includes compliance, resource allocation, security, and cost management to ensure that your cloud usage aligns with organizational goals and regulatory requirements. Effective governance promotes transparency, accountability, and risk management, and enables companies to use cloud services while they maintain control over data integrity, security, and resource utilization.
+Governance includes the identity and access management (IAM) that the previous module described. But it also includes compliance, resource allocation, security, and cost management to ensure that your cloud usage aligns with organizational goals and regulatory requirements. Effective governance promotes transparency, accountability, and risk management. It enables companies to use cloud services while they maintain control over data integrity, security, and resource utilization.
 
-But Azure and Google Cloud have governance tools with analogous features. Let's investigate and compare them.
+Azure and Google Cloud have governance tools with analogous features. Let's investigate and compare them.
 
-## Deploying Resources
+## Deploy resources
 
-A complete custom system deployed on a cloud service often consists of multiple resources of different types. For example, to implement a web app, you might need to deploy an HTML server, a database, several containers, and other components. Both Google Cloud and Azure have declarative deployment tools that you can use to ease the management of multiple resources and associate them into a single group of resources.
+A complete custom system deployed on a cloud service often consists of various types of resources. For example, to implement a web app, you might need to deploy an HTML server, a database, several containers, and other components. Both Google Cloud and Azure have declarative deployment tools that you can use to ease the management of multiple resources and associate them into a single group of resources.
 
 In Google Cloud, this functionality is in Deployment Manager. You write configuration YAML files and Jinja template files to define a set of resources. Terraform is another popular tool used in Google Cloud Platform (GCP) for infrastructure as code.
 
-In Azure, you can use Azure Resource Manager (ARM) to complete the same task. ARM templates are written in JSON format. You can alternatively choose to write Bicep files - Bicep is a domain specific language with a user-friendly syntax. For a cloud agnostic approach, Terraform is a great option as well.
+In Azure, you can use Azure Resource Manager templates (ARM templates) to complete the same task. ARM templates are written in JSON format. You can alternatively choose to write Bicep files. Bicep is a domain-specific language with a user-friendly syntax. For a cloud-agnostic approach, Terraform is also a great option.
 
 > [!NOTE]
-> At the time of writing, Azure Blueprints define a repeatable set of Azure resources that implement and adhere to an organization's standards, patterns, and requirements. However, Blueprints are to be deprecated in July 2026. Consider using ARM templates or Bicep files instead.
+> In Azure Blueprints, blueprints define a repeatable set of Azure resources that implement and adhere to an organization's standards, patterns, and requirements. However, Azure Blueprints is scheduled to be deprecated in July 2026. Consider using ARM templates or Bicep files instead.
 
-## Using policy
+## Use policies
 
-In Google Cloud, you use policies in IAM to apply permissions to roles. In Azure policies, you not only enforce IAM but also enforce specific rules and regulations across cloud resources. They allow administrators to define and apply rules to ensure compliance with organizational standards and regulatory requirements. Policies are defined in JSON format and can be applied to various scopes, such as subscriptions or resource groups.
+In Google Cloud, you use policies in IAM to apply permissions to roles. In Azure policies, you not only enforce IAM but also enforce specific rules and regulations across cloud resources.
 
-## Managing subscriptions
+Policies enable administrators to define and apply rules to help ensure compliance with organizational standards and regulatory requirements. Policies are defined in JSON format and can be applied to various scopes, such as subscriptions or resource groups.
 
-In Azure, many companies have a single subscription to contain all their resources. However, it's also possible to associate multiple subscriptions into a single object called a management group and then use it to assign permissions and complete other governance tasks. For example, Azure policies can be applied to all the subscriptions in a management group.
+## Manage subscriptions
 
-## Managing costs
+In Azure, many companies have a single subscription to contain all their resources. But it's also possible to associate multiple subscriptions into a single object called a *management group*. Companies can use a management group to assign permissions and complete other governance tasks. For example, a company can apply Azure policies to all the subscriptions in a management group.
 
-With limited budgets and tight margins, it's critical to ensure that you're getting the best value from your cloud services. Microsoft provides the [Microsoft Cost Management](/azure/cost-management-billing/costs/overview-cost-management) and [Billing](/azure/cost-management-billing/cost-management-billing-overview) tools to enable you to monitor and control Azure spending and optimize your resource use. They provide detailed insights into your costs and usage and help you to get the best value from your Azure investment.
+## Manage costs
 
-## Security
+With limited budgets and tight margins, it's critical to ensure that you're getting the best value from your cloud services. You can use [Microsoft Cost Management](/azure/cost-management-billing/costs/overview-cost-management) and [Microsoft Billing](/azure/cost-management-billing/cost-management-billing-overview) to monitor and control Azure spending and optimize your resource use. These services provide detailed insights into your costs and usage to help you get the best value from your Azure investment.
 
-[Microsoft Defender for Cloud](/azure/defender-for-cloud/defender-for-cloud-introduction) is a Cloud-Native Application Protection Platform (CNAPP) designed to prevent diverse cyber attacks and close well-known vulnerabilities. It offers unified security management and advanced threat protection across hybrid cloud workloads.
+## Provide security
 
-## Monitoring activity
+[Microsoft Defender for Cloud](/azure/defender-for-cloud/defender-for-cloud-introduction) is a cloud-native application protection platform (CNAPP) designed to prevent diverse cyberattacks and close well-known vulnerabilities. It offers unified security management and advanced threat protection across hybrid cloud workloads.
+
+## Monitor activity
 
 In governance, it's vital to investigate what users and services are doing, and restrict their actions ahead of time. By monitoring your resources and users, you can spot when permissions, roles, and policies might be incomplete or inappropriate.
 
-Azure Monitor provides this functionality. In Google Cloud, the Operation Suite has similar tools.
+Azure Monitor provides this functionality. In Google Cloud, the operations suite has similar tools.
 
 ## Learn more