diff --git a/cfg/cis-1.6/master.yaml b/cfg/cis-1.6/master.yaml
index b1bf0b5..8f07ced 100644
--- a/cfg/cis-1.6/master.yaml
+++ b/cfg/cis-1.6/master.yaml
@@ -254,7 +254,7 @@ groups:
         use_multiple_values: true
         tests:
           test_items:
-            - flag: "root root"
+            - flag: "root:root"
         remediation: |
           Run the below command (based on the file location on your system) on the master node.
           For example,
diff --git a/integration/testdata/cis-1.6/job-master.data b/integration/testdata/cis-1.6/job-master.data
index f4ddebf..ffdc510 100644
--- a/integration/testdata/cis-1.6/job-master.data
+++ b/integration/testdata/cis-1.6/job-master.data
@@ -18,7 +18,7 @@
 [PASS] 1.1.16 Ensure that the scheduler.conf file ownership is set to root:root (Automated)
 [PASS] 1.1.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictive (Automated)
 [PASS] 1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root (Automated)
-[FAIL] 1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Automated)
+[PASS] 1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Automated)
 [PASS] 1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictive (Manual)
 [PASS] 1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600 (Manual)
 [INFO] 1.2 API Server
@@ -84,10 +84,6 @@ ps -ef | grep etcd
 Run the below command (based on the etcd data directory found above).
 For example, chown etcd:etcd /var/lib/etcd
 
-1.1.19 Run the below command (based on the file location on your system) on the master node.
-For example,
-chown -R root:root /etc/kubernetes/pki/
-
 1.2.1 Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
 on the master node and set the below parameter.
 --anonymous-auth=false
@@ -177,7 +173,7 @@ on the master node and set the below parameter.
 
 
 == Summary ==
-43 checks PASS
-12 checks FAIL
+44 checks PASS
+11 checks FAIL
 10 checks WARN
 0 checks INFO
diff --git a/integration/testdata/cis-1.6/job.data b/integration/testdata/cis-1.6/job.data
index 5b809d7..04a1c55 100644
--- a/integration/testdata/cis-1.6/job.data
+++ b/integration/testdata/cis-1.6/job.data
@@ -18,7 +18,7 @@
 [PASS] 1.1.16 Ensure that the scheduler.conf file ownership is set to root:root (Automated)
 [PASS] 1.1.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictive (Automated)
 [PASS] 1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root (Automated)
-[FAIL] 1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Automated)
+[PASS] 1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Automated)
 [PASS] 1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictive (Manual)
 [PASS] 1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600 (Manual)
 [INFO] 1.2 API Server
@@ -84,10 +84,6 @@ ps -ef | grep etcd
 Run the below command (based on the etcd data directory found above).
 For example, chown etcd:etcd /var/lib/etcd
 
-1.1.19 Run the below command (based on the file location on your system) on the master node.
-For example,
-chown -R root:root /etc/kubernetes/pki/
-
 1.2.1 Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
 on the master node and set the below parameter.
 --anonymous-auth=false
@@ -177,8 +173,8 @@ on the master node and set the below parameter.
 
 
 == Summary ==
-43 checks PASS
-12 checks FAIL
+44 checks PASS
+11 checks FAIL
 10 checks WARN
 0 checks INFO
 [INFO] 2 Etcd Node Configuration