diff --git a/README.md b/README.md index 241e44e..ff607ae 100644 --- a/README.md +++ b/README.md @@ -4,15 +4,15 @@ Module for creating Title 26 Compliant S3 Buckets # Requirements -1. Encryption enforcement on the Bucket Policy  1. Only Cloud Administrators have bucket delete permissions 1. Permissions tightly controlled with Bucket Policy and IAM role/policy for users, instances, and other services -1. Dedicated KMS CMK key  +1. Encryption enforcement on the Bucket Policy  +1. Dedicated KMS Customer Master Key (CMK) created per S3 bucket 1. MFA enforced API calls – required for all data migrations (Cloud and Data Admins) 1. Object Level Logging enabled with 7 year retention on CloudWatch Log Group -1. Backup logs to BCC (How often?) + * Backup logs to BCC (How often?) 1. Server Access Logging enabled with 7 year retention on CloudWatch Log Group -1. Backup logs to BCC (How often?) + * Backup logs to BCC (How often?) 1. Versioning enabled 1. Monthly Security Audit reviews * By customer? @@ -20,4 +20,4 @@ Module for creating Title 26 Compliant S3 Buckets 1. IP Address Restriction policy enforced 1. Not publically accessible 1. Customer signature for key deletion(s) during decommissioning(s) and maximum wait period -1. Delete CMK key for Data Sanitization. +1. Delete CMK for Data Sanitization
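Review bot: In the first hunk (@@ -4,15 +4,15 @@), the two re-indented "Backup logs to BCC (How often?)" sub-items still carry an unanswered question under both the Object Level Logging and the Server Access Logging requirements. A requirements list for a compliance module should state the backup interval, or link to where that decision is tracked, so the 7 year retention items can be verified. Also in this hunk, "Encryption enforcement on the Bucket Policy" now sits directly above the per-bucket CMK item but does not say what is enforced. Consider stating that the policy requires objects to be encrypted with that bucket's dedicated CMK, so the two items read as one control. The re-added line also keeps its trailing whitespace after "Bucket Policy".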
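Review bot: In the second hunk (@@ -20,4 +20,4 @@), "Delete CMK for Data Sanitization" does not say how it relates to the preceding item, which requires a customer signature and a maximum wait period for key deletion. Suggest wording the line so the order is explicit, for example that the CMK is deleted only after the signature is obtained and the wait period has elapsed. It is also worth stating whether the logs backed up to BCC fall within the scope of sanitization, since the list does not say which key protects them. The unchanged context line "Not publically accessible" has a spelling error ("publicly") that could be corrected in the same change.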