diff --git a/cfg/cis-1.5/node.yaml b/cfg/cis-1.5/node.yaml
index da0c786..212abc0 100644
--- a/cfg/cis-1.5/node.yaml
+++ b/cfg/cis-1.5/node.yaml
@@ -41,12 +41,15 @@ groups:
 text: "Ensure that the proxy kubeconfig file permissions are set to 644 or more restrictive (Scored)"
 audit: '/bin/sh -c ''if test -e $proxykubeconfig; then stat -c permissions=%a $proxykubeconfig; fi'' '
 tests:
+ bin_op: or
 test_items:
 - flag: "permissions"
 set: true
 compare:
 op: bitmask
 value: "644"
+ - flag: "$proxykubeconfig"
+ set: false
 remediation: |
 Run the below command (based on the file location on your system) on the each worker node.
 For example,
@@ -57,9 +60,12 @@ groups:
 text: "Ensure that the proxy kubeconfig file ownership is set to root:root (Scored)"
 audit: '/bin/sh -c ''if test -e $proxykubeconfig; then stat -c %U:%G $proxykubeconfig; fi'' '
 tests:
+ bin_op: or
 test_items:
 - flag: root:root
 set: true
+ - flag: "$proxykubeconfig"
+ set: false
 remediation: |
 Run the below command (based on the file location on your system) on the each worker node.
 For example, chown root:root $proxykubeconfig
diff --git a/cfg/cis-1.6/node.yaml b/cfg/cis-1.6/node.yaml
index 3602dd0..8eedf41 100644
--- a/cfg/cis-1.6/node.yaml
+++ b/cfg/cis-1.6/node.yaml
@@ -39,11 +39,15 @@ groups:
 text: "If proxy kubeconfig file exists ensure permissions are set to 644 or more restrictive (Manual)"
 audit: '/bin/sh -c ''if test -e $proxykubeconfig; then stat -c permissions=%a $proxykubeconfig; fi'' '
 tests:
+ bin_op: or
 test_items:
 - flag: "permissions"
+ set: true
 compare:
 op: bitmask
 value: "644"
+ - flag: "$proxykubeconfig"
+ set: false
 remediation: |
 Run the below command (based on the file location on your system) on the each worker node.
 For example,
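Review bot: The two added lines at the end of `test_items` (`flag: "$proxykubeconfig"`, `set: false`) are satisfied whenever the file exists as well as when it is absent, because the audit prints only `permissions=%a` here (and `%U:%G` in the ownership hunks) and never the path, so after config substitution the path can never appear in the output; with `bin_op: or` a proxy kubeconfig that is too permissive or not root-owned would still be reported PASS, assuming the flag is matched against the audit output the same way `permissions` is. The absence test only carries information if the path is printed when the file is present, e.g. `audit: '/bin/sh -c ''if test -e $proxykubeconfig; then stat -c "%n permissions=%a" $proxykubeconfig; fi'' '` for the permission checks and `stat -c "%n %U:%G"` for the ownership checks (confirm the `permissions` match still succeeds with a leading path token). The same defect is in the cis-1.5 4.1.4 hunk and in both cis-1.6 hunks. The integration fixtures updated in this commit only cover the file-absent case, so they would not catch a file-present-but-misconfigured node.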
@@ -54,8 +58,11 @@ groups:
 text: "Ensure that the proxy kubeconfig file ownership is set to root:root (Manual)"
 audit: '/bin/sh -c ''if test -e $proxykubeconfig; then stat -c %U:%G $proxykubeconfig; fi'' '
 tests:
+ bin_op: or
 test_items:
 - flag: root:root
+ - flag: "$proxykubeconfig"
+ set: false
 remediation: |
 Run the below command (based on the file location on your system) on the each worker node.
 For example, chown root:root $proxykubeconfig
diff --git a/codecov.yml b/codecov.yml
index f0b53bb..1c23d94 100644
--- a/codecov.yml
+++ b/codecov.yml
@@ -1,3 +1,4 @@
+---
 coverage:
 status:
 project:
diff --git a/integration/testdata/cis-1.5/job-node.data b/integration/testdata/cis-1.5/job-node.data
index 3865f4b..57e2155 100644
--- a/integration/testdata/cis-1.5/job-node.data
+++ b/integration/testdata/cis-1.5/job-node.data
@@ -2,8 +2,8 @@
 [INFO] 4.1 Worker Node Configuration Files
 [PASS] 4.1.1 Ensure that the kubelet service file permissions are set to 644 or more restrictive (Scored)
 [PASS] 4.1.2 Ensure that the kubelet service file ownership is set to root:root (Scored)
-[FAIL] 4.1.3 Ensure that the proxy kubeconfig file permissions are set to 644 or more restrictive (Scored)
-[FAIL] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Scored)
+[PASS] 4.1.3 Ensure that the proxy kubeconfig file permissions are set to 644 or more restrictive (Scored)
+[PASS] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Scored)
 [PASS] 4.1.5 Ensure that the kubelet.conf file permissions are set to 644 or more restrictive (Scored)
 [PASS] 4.1.6 Ensure that the kubelet.conf file ownership is set to root:root (Scored)
 [PASS] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Scored)
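Review bot: In the cis-1.6 4.1.4 hunk the `root:root` item is left without an explicit `set: true`, while the same commit adds `set: true` to the `permissions` item of cis-1.6 4.1.3 and the cis-1.5 file spells it out on every item; now that a sibling item with `set: false` sits directly beside it, the implicit default reads as an omission. If `set` defaults to true this changes nothing at runtime, so it is a consistency point only: `- flag: root:root` followed by `set: true`.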
@@ -26,13 +26,6 @@
 [PASS] 4.2.13 Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers (Not Scored)
 == Remediations ==
-4.1.3 Run the below command (based on the file location on your system) on the each worker node.
-For example,
-chmod 644 /etc/kubernetes/proxy.conf
-
-4.1.4 Run the below command (based on the file location on your system) on the each worker node.
-For example, chown root:root /etc/kubernetes/proxy.conf
-
 4.2.6 If using a Kubelet config file, edit the file to set protectKernelDefaults: true.
 If using command line arguments, edit the kubelet service file
 /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and
@@ -71,7 +64,7 @@ systemctl restart kubelet.service
 == Summary ==
-17 checks PASS
-5 checks FAIL
+19 checks PASS
+3 checks FAIL
 1 checks WARN
 0 checks INFO
diff --git a/integration/testdata/cis-1.5/job.data b/integration/testdata/cis-1.5/job.data
index 142c7c0..89d6d35 100644
--- a/integration/testdata/cis-1.5/job.data
+++ b/integration/testdata/cis-1.5/job.data
@@ -215,8 +215,8 @@ minimum.
 [INFO] 4.1 Worker Node Configuration Files
 [PASS] 4.1.1 Ensure that the kubelet service file permissions are set to 644 or more restrictive (Scored)
 [PASS] 4.1.2 Ensure that the kubelet service file ownership is set to root:root (Scored)
-[FAIL] 4.1.3 Ensure that the proxy kubeconfig file permissions are set to 644 or more restrictive (Scored)
-[FAIL] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Scored)
+[PASS] 4.1.3 Ensure that the proxy kubeconfig file permissions are set to 644 or more restrictive (Scored)
+[PASS] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Scored)
 [PASS] 4.1.5 Ensure that the kubelet.conf file permissions are set to 644 or more restrictive (Scored)
 [PASS] 4.1.6 Ensure that the kubelet.conf file ownership is set to root:root (Scored)
 [PASS] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Scored)
@@ -239,13 +239,6 @@ minimum.
 [PASS] 4.2.13 Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers (Not Scored)
 == Remediations ==
-4.1.3 Run the below command (based on the file location on your system) on the each worker node.
-For example,
-chmod 644 /etc/kubernetes/proxy.conf
-
-4.1.4 Run the below command (based on the file location on your system) on the each worker node.
-For example, chown root:root /etc/kubernetes/proxy.conf
-
 4.2.6 If using a Kubelet config file, edit the file to set protectKernelDefaults: true.
 If using command line arguments, edit the kubelet service file
 /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and
@@ -284,8 +277,8 @@ systemctl restart kubelet.service
 == Summary ==
-17 checks PASS
-5 checks FAIL
+19 checks PASS
+3 checks FAIL
 1 checks WARN
 0 checks INFO
 [INFO] 5 Kubernetes Policies
diff --git a/integration/testdata/cis-1.6/job-node.data b/integration/testdata/cis-1.6/job-node.data
index 942c7a4..80daa4a 100644
--- a/integration/testdata/cis-1.6/job-node.data
+++ b/integration/testdata/cis-1.6/job-node.data
@@ -2,8 +2,8 @@
 [INFO] 4.1 Worker Node Configuration Files
 [PASS] 4.1.1 Ensure that the kubelet service file permissions are set to 644 or more restrictive (Automated)
 [PASS] 4.1.2 Ensure that the kubelet service file ownership is set to root:root (Automated)
-[WARN] 4.1.3 If proxy kubeconfig file exists ensure permissions are set to 644 or more restrictive (Manual)
-[WARN] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Manual)
+[PASS] 4.1.3 If proxy kubeconfig file exists ensure permissions are set to 644 or more restrictive (Manual)
+[PASS] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Manual)
 [PASS] 4.1.5 Ensure that the --kubeconfig kubelet.conf file permissions are set to 644 or more restrictive (Automated)
 [PASS] 4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root (Manual)
 [PASS] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Manual)
@@ -26,13 +26,6 @@
 [PASS] 4.2.13 Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers (Manual)
 == Remediations ==
-4.1.3 Run the below command (based on the file location on your system) on the each worker node.
-For example,
-chmod 644 /etc/kubernetes/proxy.conf
-
-4.1.4 Run the below command (based on the file location on your system) on the each worker node.
-For example, chown root:root /etc/kubernetes/proxy.conf
-
 4.2.6 If using a Kubelet config file, edit the file to set protectKernelDefaults: true.
 If using command line arguments, edit the kubelet service file
 /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and
@@ -71,7 +64,7 @@ systemctl restart kubelet.service
 == Summary ==
-17 checks PASS
+19 checks PASS
 1 checks FAIL
-5 checks WARN
+3 checks WARN
 0 checks INFO
diff --git a/integration/testdata/cis-1.6/job.data b/integration/testdata/cis-1.6/job.data
index bf5d50f..5b809d7 100644
--- a/integration/testdata/cis-1.6/job.data
+++ b/integration/testdata/cis-1.6/job.data
@@ -222,8 +222,8 @@ minimum.
 [INFO] 4.1 Worker Node Configuration Files
 [PASS] 4.1.1 Ensure that the kubelet service file permissions are set to 644 or more restrictive (Automated)
 [PASS] 4.1.2 Ensure that the kubelet service file ownership is set to root:root (Automated)
-[WARN] 4.1.3 If proxy kubeconfig file exists ensure permissions are set to 644 or more restrictive (Manual)
-[WARN] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Manual)
+[PASS] 4.1.3 If proxy kubeconfig file exists ensure permissions are set to 644 or more restrictive (Manual)
+[PASS] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Manual)
 [PASS] 4.1.5 Ensure that the --kubeconfig kubelet.conf file permissions are set to 644 or more restrictive (Automated)
 [PASS] 4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root (Manual)
 [PASS] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Manual)
@@ -246,13 +246,6 @@ minimum.
 [PASS] 4.2.13 Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers (Manual)
 == Remediations ==
-4.1.3 Run the below command (based on the file location on your system) on the each worker node.
-For example,
-chmod 644 /etc/kubernetes/proxy.conf
-
-4.1.4 Run the below command (based on the file location on your system) on the each worker node.
-For example, chown root:root /etc/kubernetes/proxy.conf
-
 4.2.6 If using a Kubelet config file, edit the file to set protectKernelDefaults: true.
 If using command line arguments, edit the kubelet service file
 /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and
@@ -291,9 +284,9 @@ systemctl restart kubelet.service
 == Summary ==
-17 checks PASS
+19 checks PASS
 1 checks FAIL
-5 checks WARN
+3 checks WARN
 0 checks INFO
 [INFO] 5 Kubernetes Policies
 [INFO] 5.1 RBAC and Service Accounts