diff --git a/SecurityPolicy.html b/SecurityPolicy.html
index b67f8f0..a1e32e6 100644
--- a/SecurityPolicy.html
+++ b/SecurityPolicy.html
@@ -509,7 +509,9 @@ Documentation for installing and configuring servers with the appropriate softwa
 <h4 id="s3.2.3"> 3.2.3. Patching </h4>
 
 <p>
-Software used on production servers must be kept current with respect to patches affecting software security. Patch application is governed by CCS and must be approved by the Systems Administration team leader, fully documented in the logs and reported by email to the Systems Administration list on completion (see &sect;4.2).
+Software used on production servers must be kept current with respect to patches affecting software security. Patch application
+<span class="strike">is governed by CCS and</span>  <!-- this is true, but CCS refers it to here, and the wording doesn't make sense without understanding CCS -->
+must be approved by the Systems Administration team leader, fully documented in the logs and reported by email to the Systems Administration list on completion (see &sect;4.2).
 </p>
 
 <h5 id="s3.2.3.1"> 3.2.3.1. “emergency” patching </h5>
@@ -1251,7 +1253,7 @@ CAcert trusted roles give up some privacy for the privacy of others.
 <p>
 Individuals and access (both) must be authorised by the Board.
 Only the Board may approve new individuals or any access to the systems.
-Each Individual should be proposed to the Board,
+Each individual should be proposed to the Board,
 with the relevant supporting information as above.
 </p>