Fix broken links

README.md

@@ -34,7 +34,7 @@ The philosophy underpinning this framework advocates:
 The framework is a companion to:
 
 * The [NHS service standard](https://service-manual.nhs.uk/service-standard), with cross-references in this format: [SERVICE-RELIABILITY](https://service-manual.nhs.uk/service-standard/14-operate-a-reliable-service)
-* The [NHS Digital architectural principles](https://digital.nhs.uk/about-nhs-digital/our-work/nhs-digital-architecture/principles), with cross-references in this format: [ARCHITECTURE-SECURITY](https://digital.nhs.uk/about-nhs-digital/our-work/nhs-digital-architecture/principles/adopt-appropriate-cyber-security-standards)
+* The [NHS Digital architectural principles](https://digital.nhs.uk/about-nhs-digital/our-work/nhs-digital-architecture/principles), with cross-references in this format: [ARCHITECTURE-SECURITY](https://digital.nhs.uk/developer/architecture/principles/adopt-appropriate-cyber-security-standards)
 
 ## Contents
 

practices/performance-testing.md

@@ -18,7 +18,7 @@
 ## Context
 
 - These notes are part of a broader set of [principles](../principles.md)
-- This is related to [Engineering quality-checks](https://digital.nhs.uk/about-nhs-digital/our-work/nhs-digital-architecture/principles/adopt-appropriate-cyber-security-standards)
+- This is related to [Engineering quality checks](../quality-checks.md)
 - Related community of practice: [Test Automation Working Group](../communities/pd-test-automation-working-group.md)
 - See also:
   - [Quality Metrics](../quality-checks.md)

practices/security.md

@@ -13,7 +13,7 @@
 ## Context
 
 - These notes are part of a broader set of [principles](../principles.md)
-- This is related to [ARCHITECTURE-SECURITY](https://digital.nhs.uk/about-nhs-digital/our-work/nhs-digital-architecture/principles/adopt-appropriate-cyber-security-standards)
+- This is related to [ARCHITECTURE-SECURITY](https://digital.nhs.uk/developer/architecture/principles/adopt-appropriate-cyber-security-standards)
 - :warning:Any deviation away from these security practices **must** be discussed with your security lead
 
 ## Use the NCSC guidance
@@ -83,7 +83,7 @@ The remainder of this page gives more detailed and specific recommendations to b
   - Be wary of any 3rd party JavaScript included on the page, e.g. for A/B testing, analytics
   - Pin dependencies at known versions to avoid unexpected updates
   - Scan dependencies for vulnerabilities, e.g. using [OWASP Dependency Check](https://owasp.org/www-project-dependency-check/) or [Snyk](https://snyk.io/)
-  - Scan running software, e.g. using [OWASP ZAP](https://owasp.org/www-project-zap/)
+  - Scan running software, e.g. using [Zed Attack Proxy](https://www.zaproxy.org/)
 - **Automate** security testing — on every build if practical
   - Generate test data in a way that avoids including personally identifiable information
 - When granting roles to CI/CD tools, use different roles for the different stages in the deployment pipeline — for example so that a deployment meant for a development account cannot be performed against a production account

quality-checks.md

@@ -1,4 +1,4 @@
-# Engineering quality-checks
+# Engineering quality checks
 
 This is part of a broader [quality framework](README.md) and forms a key part of the [metrics](insights/metrics.md) section.