diff --git a/linux_os/guide/system/selinux/selinux-booleans/group.yml b/linux_os/guide/system/selinux/selinux-booleans/group.yml
index b252e476d6e..0215d5ba37c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/group.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/group.yml
@@ -2,7 +2,7 @@ documentation_complete: true
 
 title: 'SELinux - Booleans'
 
-platform: not osbuild
+platform: not osbuild and selinux
 
 description: |-
     Enable or Disable runtime customization of SELinux system policies
diff --git a/shared/applicability/oval/selinux_is_enabled.xml b/shared/applicability/oval/selinux_is_enabled.xml
new file mode 100644
index 00000000000..4c972c687af
--- /dev/null
+++ b/shared/applicability/oval/selinux_is_enabled.xml
@@ -0,0 +1,32 @@
+<def-group>
+  <definition class="inventory" id="selinux_is_enabled" version="1">
+    <metadata>
+      <title>SELinux status check</title>
+      <affected family="unix">
+        <platform>multi_platform_all</platform>
+      </affected>
+      <description>Check if System has SELinux enabled.</description>
+      <reference ref_id="cpe:/a:selinux" source="CPE" />
+    </metadata>
+    <criteria operator="AND">
+      <criterion comment="enforce is disabled" test_ref="test_etc_selinux_configured" />
+    </criteria>
+  </definition>
+
+  <ind:textfilecontent54_test check="all" check_existence="all_exist"
+  comment="/selinux/enforce is 1" id="test_etc_selinux_configured" version="1">
+    <ind:object object_ref="object_etc_selinux_configured" />
+    <ind:state state_ref="state_etc_selinux_configured" />
+  </ind:textfilecontent54_test>
+
+  <ind:textfilecontent54_object id="object_etc_selinux_configured" version="1">
+    <ind:filepath>/etc/selinux/config</ind:filepath>
+    <ind:pattern operation="pattern match">^SELINUX=(.*)$</ind:pattern>
+    <ind:instance datatype="int">1</ind:instance>
+  </ind:textfilecontent54_object>
+
+  <ind:textfilecontent54_state id="state_etc_selinux_configured" version="1">
+    <ind:subexpression datatype="string"
+      operation="pattern match">^(enforcing|permissive)$</ind:subexpression>
+  </ind:textfilecontent54_state>
+</def-group>
diff --git a/shared/applicability/selinux.yml b/shared/applicability/selinux.yml
new file mode 100644
index 00000000000..286b30e228b
--- /dev/null
+++ b/shared/applicability/selinux.yml
@@ -0,0 +1,3 @@
+name: cpe:/a:selinux
+title: SELinux enabled on system
+check_id: selinux_is_enabled