diff --git a/cfg/cis-1.5/node.yaml b/cfg/cis-1.5/node.yaml
index 1b787c368ce5ba182cad2d9af1dbcfaead2a1780..bdf0ffc28e6e1f66795cfd23f0c492a88cf25a48 100644
--- a/cfg/cis-1.5/node.yaml
+++ b/cfg/cis-1.5/node.yaml
@@ -99,7 +99,17 @@ groups:
 - id: 4.1.7
 text: "Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Scored)"
- types: "manual"
+ audit: |
+ CAFILE=$(ps -ef | grep kubelet | grep -v apiserver | grep -- --client-ca-file= | awk -F '--client-ca-file=' '{print $2}' | awk '{print $1}')
+ if test -z $CAFILE; then CAFILE=$kubeletcafile; fi
+ if test -e $CAFILE; then stat -c permissions=%a $CAFILE; fi
+ tests:
+ test_items:
+ - flag: "permissions"
+ set: true
+ compare:
+ op: bitmask
+ value: "644"
 remediation: |
 Run the following command to modify the file permissions of the --client-ca-file
 chmod 644 <filename>
diff --git a/integration/testdata/cis-1.5/job-node.data b/integration/testdata/cis-1.5/job-node.data
index 5de99b8f92ca9f83e4c2e7892318a32f8e6b690e..843a24755bc3d78de376991f94a3f5467787d111 100644
--- a/integration/testdata/cis-1.5/job-node.data
+++ b/integration/testdata/cis-1.5/job-node.data
@@ -6,7 +6,7 @@
 [FAIL] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Scored)
 [PASS] 4.1.5 Ensure that the kubelet.conf file permissions are set to 644 or more restrictive (Scored)
 [PASS] 4.1.6 Ensure that the kubelet.conf file ownership is set to root:root (Scored)
-[WARN] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Scored)
+[PASS] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Scored)
 [PASS] 4.1.8 Ensure that the client certificate authorities file ownership is set to root:root (Scored)
 [PASS] 4.1.9 Ensure that the kubelet configuration file has permissions set to 644 or more restrictive (Scored)
 [PASS] 4.1.10 Ensure that the kubelet configuration file ownership is set to root:root (Scored)
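Review bot: The new `audit:` script expands `$CAFILE` and `$kubeletcafile` unquoted in the `test -z`, `test -e` and `stat` lines, so a path containing whitespace, or a multi-word result from the `ps` pipeline, is word-split and the check either errors out or stats a different file than the one the kubelet actually loads; quote the expansions: `if test -z "$CAFILE"; then CAFILE="$kubeletcafile"; fi` and `if test -e "$CAFILE"; then stat -c permissions=%a "$CAFILE"; fi`. The script derives the path only from the `--client-ca-file=` flag in the process table and otherwise relies on `$kubeletcafile`, so on nodes where the CA path is set solely through the kubelet config file the outcome presumably depends on that variable being substituted for this benchmark — a one-line comment at the top of the `audit:` block stating where `$kubeletcafile` is populated would make that dependency visible. With `set: true` an empty `stat` output now produces a FAIL instead of the previous manual WARN, which is the safer direction for a permission check, but it is worth stating in the check text so operators do not mistake a missing path for an over-permissive file. The 4.1.7 entry may continue past the end of the hunk.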
@@ -33,7 +33,6 @@ chmod 644 /etc/kubernetes/proxy.conf
 4.1.4 Run the below command (based on the file location on your system) on the each worker node.
 For example,
 chown root:root /etc/kubernetes/proxy.conf
-4.1.7 audit test did not run: There are no tests
 4.2.4 If using a Kubelet config file, edit the file to set readOnlyPort to 0.
 If using command line arguments, edit the kubelet service file
 /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and
@@ -81,7 +80,7 @@ systemctl restart kubelet.service
 == Summary ==
-15 checks PASS
+16 checks PASS
 6 checks FAIL
-2 checks WARN
+1 checks WARN
 0 checks INFO
diff --git a/integration/testdata/cis-1.5/job.data b/integration/testdata/cis-1.5/job.data
index 48001695ac71f08f1e0f372ac3dc7fdce658a933..a11293c4561c8db5c1f0feb38a76783566f61345 100644
--- a/integration/testdata/cis-1.5/job.data
+++ b/integration/testdata/cis-1.5/job.data
@@ -231,7 +231,7 @@ minimum.
 [FAIL] 4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Scored)
 [PASS] 4.1.5 Ensure that the kubelet.conf file permissions are set to 644 or more restrictive (Scored)
 [PASS] 4.1.6 Ensure that the kubelet.conf file ownership is set to root:root (Scored)
-[WARN] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Scored)
+[PASS] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Scored)
 [PASS] 4.1.8 Ensure that the client certificate authorities file ownership is set to root:root (Scored)
 [PASS] 4.1.9 Ensure that the kubelet configuration file has permissions set to 644 or more restrictive (Scored)
 [PASS] 4.1.10 Ensure that the kubelet configuration file ownership is set to root:root (Scored)
@@ -258,7 +258,6 @@ chmod 644 /etc/kubernetes/proxy.conf
 4.1.4 Run the below command (based on the file location on your system) on the each worker node.
 For example,
 chown root:root /etc/kubernetes/proxy.conf
-4.1.7 audit test did not run: There are no tests
 4.2.4 If using a Kubelet config file, edit the file to set readOnlyPort to 0.
 If using command line arguments, edit the kubelet service file
 /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and
@@ -306,9 +305,9 @@ systemctl restart kubelet.service
 == Summary ==
-15 checks PASS
+16 checks PASS
 6 checks FAIL
-2 checks WARN
+1 checks WARN
 0 checks INFO
 [INFO] 5 Kubernetes Policies
 [INFO] 5.1 RBAC and Service Accounts