diff --git a/AU-Policy.md b/AU-Policy.md
index d132814..6c45fe4 100644
--- a/AU-Policy.md
+++ b/AU-Policy.md
@@ -1,7 +1,7 @@
 # Audit and accountability management policy
 
-See [CIO 2100.1L – GSA IT Security
-Policy](https://www.gsa.gov/cdnstatic/CIO_2100_1L_CHGE_1_CC040905_signed_PDF_version_7-15-2019.pdf)
+See [CIO 2100.1P – GSA IT Security
+Policy](https://www.gsa.gov/directives/files?file=2024-02%2FCC048589%20Final%20Directive%20CIO%202100.1P%20GSA%20Information%20Technology%20Security%20Policy.pdf)
 
 * Chapter 3, _Policy for Identify Function_, which covers:
   * AU-1 policy control
@@ -12,7 +12,7 @@ Policy](https://www.gsa.gov/cdnstatic/CIO_2100_1L_CHGE_1_CC040905_signed_PDF_ver
 * Chapter 6, _Policy for Respond Function_, which covers:
   * AU-6, AU-7s
 
-The latest version can be found on the [GSA IT Security Policies](https://www.gsa.gov/about-us/organization/office-of-the-chief-information-officer/chief-information-security-officer-ciso/it-security-policies) page.
+The latest version can be found on the [GSA IT Security Policies](https://www.gsa.gov/policy-regulations/policy/information-technology-policy/gsa-it-security-policies) page.
 
 ## Purpose
 
@@ -101,7 +101,7 @@ We use reporting rulesets developed by the Snort, Nessus and ClamAV teams, which
 Security vulnerabilities and system inconsistencies are reviewed by the Cloud Operations team (notified by email, text message and voice phone call).  Security vulnerabilities which are not classified as high are reviewed weekly and resolved by Cloud Operations. Regular security reports are automatically generated by Nessus and sent to the System Owner, GSA’s Information Security team and other partner agencies as required.
 See SI procedures for more detail.
 
-The Cloud Operations team acts on findings that result from its regular audit process according to its incident response guidelines (https://docs.cloud.gov/ops/security-ir), including notifying GSA Information Security, the System Owner, and the ISSO.
+The Cloud Operations team acts on findings that result from its regular audit process according to its incident response guidelines (https://github.com/cloud-gov/internal-docs/blob/main/docs/resources/Plans-and-Procedures/security-ir.md), including notifying GSA Information Security, the System Owner, and the ISSO.
 
 See AU-6.
 
@@ -203,3 +203,4 @@ Complete version history: https://github.com/cloud-gov/cg-compliance-docs/commit
 * 2020-11: Update links to GitHub and GSA policies, split controls by CSF, add version history
 * 2021-11: Update to reference Grafana and Prometheus instead of obsoleted components
 * 2023-07: Update AU-11 guidance for M-21-31 and AWS WAF exception
+* 2024-05: Update links to GSA Security Policy and Incident Response Guideline