COOKIE-TEMP - Clean Up #5

Open
wants to merge 1 commit into
base: main
COOKIE-TEMP - Clean Up
Cleaning up minor items.
alexpoiry committed Mar 13, 2024
commit e995847b5a0ab178418521ad9cabf6ddb1a78871
1 change: 1 addition & 0 deletions Access_Control_Policy.md
@@ -1,6 +1,7 @@
# ACCESS CONTROL POLICY

## Classification Level

Publicly available

## Review Information
5 changes: 3 additions & 2 deletions Bug_Report_Bounty_Policy.md
@@ -1,6 +1,7 @@
# BUG REPORT/BOUNTY POLICY

## Classification Level

Publicly available

## Review Information
Expand All @@ -11,7 +12,7 @@ Yearly

__Date of Last Review__

Februrary 23, 2024
February 23, 2024

## Introduction

Expand Down Expand Up @@ -41,5 +42,5 @@ offering we don't want to turn that help away.
1. Praise the work of the reporter on Twitter (if the reporter consents to having us release their Twitter handle and finding) and WE WILL
1. Communicate the results of our investigation into the bug report with:
1. The original reporter (if the reporter consents to having us release their Twitter handle and finding) AND
1. Identify our plan and timeframe to mitigate the issue
1. Identify our plan and time frame to mitigate the issue
1. All determinations of risk are at the final discretion of the head of security.
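
Review bot: The consent condition on "The original reporter (if the reporter consents to having us release their Twitter handle and finding) AND" looks like a copy-paste from the Twitter item two lines above it. Telling the reporter the outcome of the investigation should not depend on their consent to publish a Twitter handle, so the parenthetical should probably be dropped there while this list is being edited for "time frame". The line-ending connectors "and WE WILL" and "AND" are also hard to follow in a list where every item is numbered "1."; consider restructuring so each item stands on its own.
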
2 changes: 1 addition & 1 deletion Change_Management_Policy.md
Expand Up @@ -12,7 +12,7 @@ Yearly

__Date of Last Review__

Februrary 23, 2024
February 23, 2024

## Introduction

5 changes: 3 additions & 2 deletions Font_Awesome_Cookie_Policy.md
@@ -1,6 +1,7 @@
# FONT AWESOME COOKIE POLICY (DRAFT)

## Classification Level

Publicly available

## Review Information
Expand All @@ -11,7 +12,7 @@ Yearly

__Date of Last Review__

November 21, 2022
February 23, 2024

## Introduction

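Review bot: The "Date of Last Review" change from "November 21, 2022" to "February 23, 2024" is not a typo fix like the other date edits in this commit. It records that a review took place, on a policy whose title still says "(DRAFT)" and whose review period is "Yearly". The commit message only says "Cleaning up minor items", so please confirm the review happened on that date and state it in the commit message or PR description, or split this change into its own commit.
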
Expand Down Expand Up @@ -42,7 +43,7 @@ related questions have become common enough that it is appropriate to address sp

1. This policy applies to all employees.
1. Cookies are collected for the purpose of:
1. Providing a consistant experience across the website by managing state between pages
1. Providing a consistent experience across the website by managing state between pages
1. Securing the site from bots and other unauthorized individuals
1. Determining and analyzing user traffic on the site
1. Allowing for secure payment schemes
14 changes: 7 additions & 7 deletions Incident_Response_Policy.md
Expand Up @@ -12,7 +12,7 @@ Yearly

__Date of Last Review__

Februrary 23, 2024
February 23, 2024

## Introduction

Expand Down Expand Up @@ -49,22 +49,22 @@ understand how we deal with issues, especially those that might result in a loss

1. All critical systems must have some level of automated monitoring and alerting.
1. At least one employee must always be "on call" to respond to alerts 24 hours a day 7 days a week.
1. The on call person must either have access to their computer or a device that is configured to recieve alerts from our automated systems.
1. The on call person must either have access to their computer or a device that is configured to receive alerts from our automated systems.
1. All employees are responsible for monitoring potential incidents generally.
1. The support lead or an assigned delegate monitors help desk tickets for potential incidents between 9 AM and 5 PM Eastern Time, Monday through Friday.
1. Any employee who detects an incident or potential incident must immediately report it to our internal reporting tool.
1. Incidents must be investigated immediately.
1. If the incident causes an outage or serious degredation of service, it must be addressed immediately.
1. If it is unclear if an incident causes serious degredation of service, validate with head of ops, head of development, or the CTO.
1. Incidents not causing an outage or serious degregation of service may be addressed during normal business hours.
1. If the incident causes an outage or serious degradation of service, it must be addressed immediately.
1. If it is unclear if an incident causes serious degradation of service, validate with head of ops, head of development, or the CTO.
1. Incidents not causing an outage or serious degradation of service may be addressed during normal business hours.
1. Any employee can begin addressing an incident after reporting.
1. During an active incident, all employees should consider the incident their top priority and should coordinate with the team to determine what actions they are expected to take to remedy the issue.
1. Upon detection of an incident impacting clients a discussion will occur internally and an appropriate employee will make an initial, official statement via Twitter.
1. System outages must be updated on our status indicator page once we have definitively determined a degregation or service outage.
1. System outages must be updated on our status indicator page once we have definitively determined a degradation or service outage.
1. Other department heads or employees will update official communication as necessary.
1. If an incident results in the loss of client data, we will also communicate that information directly to clients via their existing contact information.

## Procedures

1. An employee that detects any violation of this policy must report the issue to their supervisor, the head of development, the head of security, or the CTO.
1. Intentionally or maliciously violating this policy is a serious offense and is grouds for termination of employment.
1. Intentionally or maliciously violating this policy is a serious offense and is grounds for termination of employment.
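
Review bot: Two items in this list were missed by the spelling pass: "on call person" is unhyphenated on the line right after the quoted "on call", and "24 hours a day 7 days a week" is missing its comma. Suggest "on-call person" and "24 hours a day, 7 days a week" in this same commit so the list does not need a second cleanup.
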
8 changes: 4 additions & 4 deletions NDAA_Sec_889_Attestation.md
@@ -1,4 +1,4 @@
# ATTESTATION OF COMPLIANCE WITH NATIONAL DEFENCE AUTHORIZATION ACT - SECTION 889, PARTS A & B
# ATTESTATION OF COMPLIANCE WITH NATIONAL DEFENSE AUTHORIZATION ACT - SECTION 889, PARTS A & B

## Classification Level

Expand All @@ -12,7 +12,7 @@ Yearly

__Date of Last Review__

Februrary 23, 2024
February 23, 2024

## Attestation

Expand All @@ -31,7 +31,7 @@ Certifications-Commercial Items.

Provisions are reproduced below for convenience.

Evidence of review stored interally in [sec repo](https://github.com/FortAwesome/sec/blob/main/docs/ndaa_889_review.md).
Evidence of review stored internally in [sec repo](https://github.com/FortAwesome/sec/blob/main/docs/ndaa_889_review.md).

I certify that misleading or inaccurate information represents violation of False Claims Act and may result in immediate cancellation or
termination of current or future contracts with the U.S. Government.
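
Review bot: The evidence link on the "Evidence of review stored internally" line points at blob/main, so the file it resolves to can change after the attestation's "Date of Last Review". For an attestation, link a commit permalink instead, so the evidence referenced is the exact version that was reviewed.
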
Expand All @@ -43,7 +43,7 @@ without:

## Provisions

### 52.204-26 COVERED TELECOMMUNICATIONS EQUIPMENT OR SERVICESREPRESENTATION (DEC 2019)
### 52.204-26 COVERED TELECOMMUNICATIONS EQUIPMENT OR SERVICES REPRESENTATION (DEC 2019)

(a) Definitions. As used in this provision, “covered telecommunications equipment or services”
has the meaning provided in the clause 52.204-25, Prohibition on Contracting for Certain
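
Review bot: Inserting a space in "SERVICESREPRESENTATION" may not restore the original heading. The context line in the previous hunk header, "Certifications-Commercial Items.", keeps a hyphen between the two parts of a provision title, which suggests a dash was lost here rather than a space. Check the heading against the provision text being reproduced and use "SERVICES-REPRESENTATION" if that is what the source has.
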
6 changes: 3 additions & 3 deletions Request_for_Security_Information.md
Expand Up @@ -6,20 +6,20 @@ Publicly available

## Review Information

__Mandatory Reivew Period__
__Mandatory Review Period__

Quarterly

__Date of Last Review__

Februrary 23, 2024
February 23, 2024

## Purpose

Fonticons, Inc. receives regular requests to supply security related information and often fill out security questionnaires.
While we understand that this is often a part of business and security process, we do not typically provide answers to
these questions. However, in the interest of transparency and respect for others' processes, this document lays out our
publically available security information. We will keep this document up-to-date. Please review these contents before
publicly available security information. We will keep this document up-to-date. Please review these contents before
requesting additional security information.

## Font Awesome Security
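
Review bot: The first sentence under "## Purpose" still has an agreement error that this pass leaves in place: "Fonticons, Inc. receives regular requests ... and often fill out security questionnaires". It also reads as contradicting the next sentence, "we do not typically provide answers to these questions". Suggest rewording along the lines of "receives regular requests to supply security related information and to fill out security questionnaires".
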