diff --git a/windows/client-management/mdm/policy-csp-servicecontrolmanager.md b/windows/client-management/mdm/policy-csp-servicecontrolmanager.md
index 0601509035..36b8570d34 100644
--- a/windows/client-management/mdm/policy-csp-servicecontrolmanager.md
+++ b/windows/client-management/mdm/policy-csp-servicecontrolmanager.md
@@ -1,100 +1,106 @@
---
-title: Policy CSP - ServiceControlManager
-description: Learn how the Policy CSP - ServiceControlManager setting enables process mitigation options on svchost.exe processes.
+title: ServiceControlManager Policy CSP
+description: Learn more about the ServiceControlManager Area in Policy CSP
+author: vinaypamnani-msft
+manager: aaroncz
ms.author: vinpa
-ms.topic: article
+ms.date: 12/19/2022
+ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
-author: Heidilohr
-ms.localizationpriority: medium
-ms.date: 09/27/2019
+ms.topic: reference
---
+
+
+
# Policy CSP - ServiceControlManager
-
+> [!TIP]
+> Some of these are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
-
-## ServiceControlManager policies
+
+
+
-
- -
- ServiceControlManager/SvchostProcessMitigation
-
-
+
+## SvchostProcessMitigation
-
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device
:x: User | :x: Home
:x: Pro
:heavy_check_mark: Enterprise
:heavy_check_mark: Education
:x: Windows SE | :heavy_check_mark: Windows 10, version 1903 [10.0.18362] and later |
+
-
-**ServiceControlManager/SvchostProcessMitigation**
+
+```Device
+./Device/Vendor/MSFT/Policy/Config/ServiceControlManager/SvchostProcessMitigation
+```
+
-
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|No|No|
-|Windows SE|No|No|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
-
-
-
-
-
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-
-
-
-
+
+
This policy setting enables process mitigation options on svchost.exe processes.
If you enable this policy setting, built-in system services hosted in svchost.exe processes will have stricter security policies enabled on them.
-These stricter security policies include a policy requiring all binaries loaded in these processes to be signed by Microsoft, and a policy disallowing dynamically generated code.
+This includes a policy requiring all binaries loaded in these processes to be signed by microsoft, as well as a policy disallowing dynamically-generated code.
+
+If you disable or do not configure this policy setting, these stricter security settings will not be applied.
+
+
+
+
+
+If you enable this policy, it adds code integrity guard (CIG) and arbitrary code guard (ACG) enforcement and other process mitigation/code integrity policies to SVCHOST processes.
> [!IMPORTANT]
-> Enabling this policy could cause compatibility issues with third-party software that uses svchost.exe processes (for example, third-party antivirus software).
+> Enabling this policy could cause compatibility issues with third-party software that uses svchost.exe processes. For example, third-party antivirus software.
-If you disable or do not configure this policy setting, the stricter security settings will not be applied.
+
-
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | chr (string) |
+| Access Type | Add, Delete, Get, Replace |
+
+
+
> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](../understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](../understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+> This is an ADMX-backed policy and requires SyncML format for configuration. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-
-ADMX Info:
-- GP Friendly name: *Enable svchost.exe mitigation options*
-- GP name: *SvchostProcessMitigationEnable*
-- GP path: *System/Service Control Manager Settings/Security Settings*
-- GP ADMX file name: *ServiceControlManager.admx*
+**ADMX mapping**:
-
-
-Supported values:
-- Disabled - Do not add ACG/CIG enforcement and other process mitigation/code integrity policies to SVCHOST processes.
-- Enabled - Add ACG/CIG enforcement and other process mitigation/code integrity policies to SVCHOST processes.
-
-
+| Name | Value |
+|:--|:--|
+| Name | SvchostProcessMitigationEnable |
+| Friendly Name | Enable svchost.exe mitigation options |
+| Location | Computer Configuration |
+| Path | System > Service Control Manager Settings > Security Settings |
+| Registry Key Name | System\CurrentControlSet\Control\SCMConfig |
+| Registry Value Name | EnableSvchostMitigationPolicy |
+| ADMX File Name | ServiceControlManager.admx |
+
-
-
+
+
+
-
-
-
+
-
+
+
+
-## Related topics
+
-[Policy configuration service provider](policy-configuration-service-provider.md)
\ No newline at end of file
+## Related articles
+
+[Policy configuration service provider](policy-configuration-service-provider.md)