diff --git a/README.md b/README.md index c94eec33..9427c9df 100644 --- a/README.md +++ b/README.md 
@@ -74,17 +74,17 @@ The following checks are all run against the target project: | Name | Description | |---|---| -| Security-MD | Does the project contain security policies? | +| Security-MD | Does the project contain a [security policy](https://docs.github.com/en/free-pro-team@latest/github/managing-security-vulnerabilities/adding-a-security-policy-to-your-repository)? | | Contributors | Does the project have contributors from at least two different organizations? | -| Frozen-Deps | Does the project declare and freeze dependencies? | +| Frozen-Deps | Does the project declare and freeze [dependencies](https://docs.github.com/en/free-pro-team@latest/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)? | +| Signed-Releases | Does the project cryptographically [sign releases](https://wiki.debian.org/Creating%20signed%20GitHub%20releases)? | | Signed-Tags | Does the project cryptographically sign release tags? | -| Signed-Releases | Does the project cryptographically sign releases? | | CI-Tests | Does the project run tests in CI? | | Code-Review | Does the project require code review before code is merged? | -| CII-Best-Practices | Does the project have a CII Best Practices Badge? | -| Pull-Requests | Does the project use Pull Requests for all changes? | -| Fuzzing | Does the project use OSS-Fuzz? | -| SAST | Does the project use static code analysis tools, e.g. CodeQL? | +| CII-Best-Practices | Does the project have a [CII Best Practices Badge](https://bestpractices.coreinfrastructure.org/en)? | +| Pull-Requests | Does the project use Pull Requests for all code changes? | +| Fuzzing | Does the project use [OSS-Fuzz](https://github.com/google/oss-fuzz)? | +| SAST | Does the project use static code analysis tools, e.g. [CodeQL](https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning-for-a-repository#enabling-code-scanning-using-actions)? 
| | Active | Did the project get any commits and releases in last 90 days? | To see detailed information on how each check works, see the [check-specific documentation page](checks.md).
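Review bot: the hunk does more than add links, it also moves the Signed-Releases row above Signed-Tags (the old `-| Signed-Releases` line below Signed-Tags is dropped and a new `+| Signed-Releases` line is inserted above it) without the change saying why; if the table is meant to follow the order used in checks.md or in the tool's output, confirm that order matches, otherwise keep the original position so the diff stays limited to the documentation links. Separately, the docs.github.com links are pinned to the `free-pro-team@latest` path segment, which GitHub has already rewritten in the past, so these rows are prone to silently going stale; consider a link check in CI or at least noting in the description that the anchors (e.g. `#supported-package-ecosystems`, `#enabling-code-scanning-using-actions`) are deep links that need periodic verification. Minor: the Signed-Releases description links to a Debian wiki page while every other row links to GitHub or OpenSSF documentation, which is fine but worth a word in the commit message since readers may expect a project-specific page.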