NHSDigital
diff --git a/‎README.md‎
Lines changed: 7 additions & 5 deletions b/‎README.md‎
Lines changed: 7 additions & 5 deletions
diff --git a/‎continuous-improvement.md‎
Lines changed: 1 addition & 1 deletion b/‎continuous-improvement.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎images/engineering-ecosystem-dark.png‎
159 KB b/‎images/engineering-ecosystem-dark.png‎
159 KB
diff --git a/‎images/engineering-ecosystem-light.png‎
163 KB b/‎images/engineering-ecosystem-light.png‎
163 KB
diff --git a/‎images/engineering-ecosystem.png‎
187 KB b/‎images/engineering-ecosystem.png‎
187 KB
diff --git a/‎quality-dashboard.png‎ ‎images/quality-dashboard.png‎quality-dashboard.png renamed to images/quality-dashboard.png b/‎quality-dashboard.png‎ ‎images/quality-dashboard.png‎quality-dashboard.png renamed to images/quality-dashboard.png
diff --git a/‎quality-view.svg‎ ‎images/quality-view.svg‎quality-view.svg renamed to images/quality-view.svg b/‎quality-view.svg‎ ‎images/quality-view.svg‎quality-view.svg renamed to images/quality-view.svg
diff --git a/‎metrics.md‎
Lines changed: 1 addition & 1 deletion b/‎metrics.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎practices/security.md‎
Lines changed: 1 addition & 1 deletion b/‎practices/security.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎quality-checks.md‎
Lines changed: 1 addition & 1 deletion b/‎quality-checks.md‎
Lines changed: 1 addition & 1 deletion
@@ -2,12 +2,14 @@
 
 ## Purpose
 
-The framework is concerned with using "good" software engineering to support rapid and safe delivery of high-quality software, at scale. It aims to:
-* Describe a shared (across multiple teams) view of what "good" software delivery and operations looks like
-* Assist teams to practice continuous improvement
-* Signpost useful training resources and examples/blueprints relating to aspects of "good"
-* Provide resources useful for establishment & expansion of an engineering community
+This framework is concerned with using "good" software engineering to support rapid and safe delivery of high-quality software, at scale.
 
+It aims to:
+1. Describe a shared (across multiple teams) definition of "good" engineering
+2. Provide tools for teams to gain insight into their current engineering maturity levels
+3. Provide resources to support teams to increase their engineering maturity levels
+
+![Ecosystem](images/engineering-ecosystem.png)
 ## Philosophy
 
 The philosophy underpinning this framework advocates:
 
@@ -136,7 +136,7 @@ value = criticality x (bugs + delays + uncertainty + unhappiness)
 
 Visualising technical debt using an approach like Colin Breck's [Quality Views](https://blog.colinbreck.com/using-quality-views-to-communicate-software-quality-and-evolution/) can help facilitate conversations about how much improvement effort is required and where it should be focussed.
 
-![Quality View](quality-view.svg)
+![Quality View](images/quality-view.svg)
 [Example Quality View by Colin Breck]
 
 ## Acting
 
@@ -8,7 +8,7 @@ These hard figures help us to measure the effect of improvement work over time,
 
 Also, these metrics are intended to be considered as part of [engineering reviews](review.md). We recommend tracking these metrics on an Engineering Quality dashboard for teams to track their progress with improvements in line with the engineering reviews, for example:
 
-![Example Dashboard](quality-dashboard.png)
+![Example Dashboard](images/quality-dashboard.png)
 
 These metrics are obviously limited to engineering concerns, and are only one part of the picture. For example, we don't want to build the wrong thing, even if we build it in a great way! We recommend that these metrics form part of a broader set of health indicators, including data relating to user satisfaction.
 
 
@@ -70,7 +70,7 @@ The remainder of this page gives more detailed and specific recommendations to b
   - Code must be automatically scanned for secrets or other sensitive data:
     - To catch any issues early and to minimise potential exposure, scan code on developer machines *before* code is committed to the code repository. We recommend using [awslabs git-secrets](https://github.com/awslabs/git-secrets). To set this up on a Mac workstation or as part of your Jenkins pipeline, follow the examples and READMEs in [nhsd-git-secrets](../nhsd-git-secrets). Windows testing is in progress and instructions/code will be added in due course
     - As a backstop, *also* enable server-side scanning within the code repository. Recommended solution options:
-      - TO DO: more details... for example in [GitHub](https://docs.github.com/en/github/administering-a-repository/about-secret-scanning)
+      - TO DO: more details... for example in [GitHub](https://docs.github.com/en/code-security/secret-security/about-secret-scanning)
   - Be wary of any 3rd party JavaScript included on the page, e.g. for A/B testing, analytics
   - Pin dependencies at known versions to avoid unexpected updates
   - Scan dependencies for vulnerabilities, e.g. using [OWASP Dependency Check](https://www.owasp.org/index.php/OWASP_Dependency_Check) or [Snyk](https://snyk.io/)
 
@@ -34,7 +34,7 @@ We rate our applications against each of these checks as follows:
 
 We recommend tracking progress on an Engineering Quality dashboard, for example:
 
-![Example Dashboard](quality-dashboard.png)
+![Example Dashboard](images/quality-dashboard.png)
 
 ## Details