diff --git a/cfg/cis-1.5/master.yaml b/cfg/cis-1.5/master.yaml
index c1c0c2ce1cad681cefc2dc843db008548484a8fd..c6c949ae823a1d5bfcc37e1df8537d2d7a143cff 100644
--- a/cfg/cis-1.5/master.yaml
+++ b/cfg/cis-1.5/master.yaml
@@ -520,12 +520,18 @@ groups:
         text: "Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used (Not Scored)"
         audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep"
         tests:
+          bin_op: or
           test_items:
             - flag: "--enable-admission-plugins"
               compare:
                 op: has
                 value: "SecurityContextDeny"
               set: true
+            - flag: "--enable-admission-plugins"
+              compare:
+                op: has
+                value: "PodSecurityPolicy"
+              set: true
         remediation: |
           Edit the API server pod specification file $apiserverconf
           on the master node and set the --enable-admission-plugins parameter to include