diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_enforce_for_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_enforce_for_root/rule.yml
index 88d5c598982c..283cb34f314c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_enforce_for_root/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_enforce_for_root/rule.yml
@@ -12,6 +12,8 @@ rationale: |-
 able to guess the password or use a compromised password.
 identifiers:
+ cce@rhel8: CCE-86734-1
+ cce@rhel9: CCE-86742-4
 cce@rhel10: CCE-87591-4
 severity: medium
diff --git a/products/rhel8/controls/cis_rhel8.yml b/products/rhel8/controls/cis_rhel8.yml
index baab83b1e371..f5c1ec29c0ea 100644
--- a/products/rhel8/controls/cis_rhel8.yml
+++ b/products/rhel8/controls/cis_rhel8.yml
@@ -1955,10 +1955,9 @@ controls:
 levels:
 - l1_server
 - l1_workstation
- status: planned
- notes: |-
- A new rule needs to be created to check and remediate the enforce_for_root option in
- /etc/security/pwhistory.conf. accounts_password_pam_enforce_root can be used as reference.
+ status: automated
+ rules:
+ - accounts_password_pam_pwhistory_enforce_for_root
 - id: 4.4.3.3.3
 title: Ensure pam_pwhistory includes use_authtok (Automated)
diff --git a/products/rhel9/controls/cis_rhel9.yml b/products/rhel9/controls/cis_rhel9.yml
index 517085dc3030..6c70e353f872 100644
--- a/products/rhel9/controls/cis_rhel9.yml
+++ b/products/rhel9/controls/cis_rhel9.yml
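Review bot: Marking the control ahead of 4.4.3.3.3 in cis_rhel8.yml `status: automated` relies on a rule whose check and remediation this diff does not show; the only visible change to `accounts_password_pam_pwhistory_enforce_for_root` is the two CCE identifiers in rule.yml. The removed note placed the option in /etc/security/pwhistory.conf, and `enforce_for_root` can also be given as a pam_pwhistory argument in the PAM stack, so a rule that evaluates only one of the two places could pass while root is still exempt from password history (or fail a correctly configured host); this should be confirmed against the rule's OVAL and test scenarios on both products. If the rule does read only the configuration file, I would keep a short note on the control, for example `notes: Evaluated in /etc/security/pwhistory.conf only; pam_pwhistory arguments in the PAM stack are not checked.` The same applies to the control ahead of 5.3.3.3.3 in cis_rhel9.yml; both control entries start above their hunks.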
@@ -2000,10 +2000,9 @@ controls:
 levels:
 - l1_server
 - l1_workstation
- status: planned
- notes: |-
- A new rule needs to be created to check and remediate the enforce_for_root option in
- /etc/security/pwhistory.conf. accounts_password_pam_enforce_root can be used as reference.
+ status: automated
+ rules:
+ - accounts_password_pam_pwhistory_enforce_for_root
 - id: 5.3.3.3.3
 title: Ensure pam_pwhistory includes use_authtok (Automated)
diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
index 9c432438d23f..3e0119fa5fdd 100644
--- a/shared/references/cce-redhat-avail.txt
+++ b/shared/references/cce-redhat-avail.txt
@@ -73,8 +73,6 @@ CCE-86713-5
 CCE-86726-7
 CCE-86728-3
 CCE-86730-9
-CCE-86734-1
-CCE-86742-4
 CCE-86743-2
 CCE-86745-7
 CCE-86752-3
diff --git a/tests/data/profile_stability/rhel8/cis.profile b/tests/data/profile_stability/rhel8/cis.profile
index e6bbde1a9106..703abee08311 100644
--- a/tests/data/profile_stability/rhel8/cis.profile
+++ b/tests/data/profile_stability/rhel8/cis.profile
@@ -14,6 +14,7 @@ accounts_password_pam_maxrepeat
 accounts_password_pam_maxsequence
 accounts_password_pam_minclass
 accounts_password_pam_minlen
+accounts_password_pam_pwhistory_enforce_for_root
 accounts_password_pam_pwhistory_remember_password_auth
 accounts_password_pam_pwhistory_remember_system_auth
 accounts_password_pam_unix_no_remember
diff --git a/tests/data/profile_stability/rhel8/cis_server_l1.profile b/tests/data/profile_stability/rhel8/cis_server_l1.profile
index c895ad5238d0..e147d96cb4d6 100644
--- a/tests/data/profile_stability/rhel8/cis_server_l1.profile
+++ b/tests/data/profile_stability/rhel8/cis_server_l1.profile
@@ -14,6 +14,7 @@ accounts_password_pam_maxrepeat
 accounts_password_pam_maxsequence
 accounts_password_pam_minclass
 accounts_password_pam_minlen
+accounts_password_pam_pwhistory_enforce_for_root
 accounts_password_pam_pwhistory_remember_password_auth
 accounts_password_pam_pwhistory_remember_system_auth
 accounts_password_pam_unix_no_remember
diff --git a/tests/data/profile_stability/rhel8/cis_workstation_l1.profile b/tests/data/profile_stability/rhel8/cis_workstation_l1.profile
index 3f536cde777f..698d5e9436f4 100644
--- a/tests/data/profile_stability/rhel8/cis_workstation_l1.profile
+++ b/tests/data/profile_stability/rhel8/cis_workstation_l1.profile
@@ -14,6 +14,7 @@ accounts_password_pam_maxrepeat
 accounts_password_pam_maxsequence
 accounts_password_pam_minclass
 accounts_password_pam_minlen
+accounts_password_pam_pwhistory_enforce_for_root
 accounts_password_pam_pwhistory_remember_password_auth
 accounts_password_pam_pwhistory_remember_system_auth
 accounts_password_pam_unix_no_remember
diff --git a/tests/data/profile_stability/rhel8/cis_workstation_l2.profile b/tests/data/profile_stability/rhel8/cis_workstation_l2.profile
index 2bcf95b9a595..1f6898850905 100644
--- a/tests/data/profile_stability/rhel8/cis_workstation_l2.profile
+++ b/tests/data/profile_stability/rhel8/cis_workstation_l2.profile
@@ -14,6 +14,7 @@ accounts_password_pam_maxrepeat
 accounts_password_pam_maxsequence
 accounts_password_pam_minclass
 accounts_password_pam_minlen
+accounts_password_pam_pwhistory_enforce_for_root
 accounts_password_pam_pwhistory_remember_password_auth
 accounts_password_pam_pwhistory_remember_system_auth
 accounts_password_pam_unix_no_remember
diff --git a/tests/data/profile_stability/rhel9/cis.profile b/tests/data/profile_stability/rhel9/cis.profile
index e7ba04ad19af..df872cb8c981 100644
--- a/tests/data/profile_stability/rhel9/cis.profile
+++ b/tests/data/profile_stability/rhel9/cis.profile
@@ -15,6 +15,7 @@ accounts_password_pam_maxrepeat
 accounts_password_pam_maxsequence
 accounts_password_pam_minclass
 accounts_password_pam_minlen
+accounts_password_pam_pwhistory_enforce_for_root
 accounts_password_pam_pwhistory_remember_password_auth
 accounts_password_pam_pwhistory_remember_system_auth
 accounts_password_pam_unix_no_remember
diff --git a/tests/data/profile_stability/rhel9/cis_server_l1.profile b/tests/data/profile_stability/rhel9/cis_server_l1.profile
index c8101f3586c9..b37f620ab667 100644
--- a/tests/data/profile_stability/rhel9/cis_server_l1.profile
+++ b/tests/data/profile_stability/rhel9/cis_server_l1.profile
@@ -14,6 +14,7 @@ accounts_password_pam_maxrepeat
 accounts_password_pam_maxsequence
 accounts_password_pam_minclass
 accounts_password_pam_minlen
+accounts_password_pam_pwhistory_enforce_for_root
 accounts_password_pam_pwhistory_remember_password_auth
 accounts_password_pam_pwhistory_remember_system_auth
 accounts_password_pam_unix_no_remember
diff --git a/tests/data/profile_stability/rhel9/cis_workstation_l1.profile b/tests/data/profile_stability/rhel9/cis_workstation_l1.profile
index 35e41ca4603d..bbc5d880730c 100644
--- a/tests/data/profile_stability/rhel9/cis_workstation_l1.profile
+++ b/tests/data/profile_stability/rhel9/cis_workstation_l1.profile
@@ -14,6 +14,7 @@ accounts_password_pam_maxrepeat
 accounts_password_pam_maxsequence
 accounts_password_pam_minclass
 accounts_password_pam_minlen
+accounts_password_pam_pwhistory_enforce_for_root
 accounts_password_pam_pwhistory_remember_password_auth
 accounts_password_pam_pwhistory_remember_system_auth
 accounts_password_pam_unix_no_remember
diff --git a/tests/data/profile_stability/rhel9/cis_workstation_l2.profile b/tests/data/profile_stability/rhel9/cis_workstation_l2.profile
index a9b64c307ab8..2189ba1a4e42 100644
--- a/tests/data/profile_stability/rhel9/cis_workstation_l2.profile
+++ b/tests/data/profile_stability/rhel9/cis_workstation_l2.profile
@@ -15,6 +15,7 @@ accounts_password_pam_maxrepeat
 accounts_password_pam_maxsequence
 accounts_password_pam_minclass
 accounts_password_pam_minlen
+accounts_password_pam_pwhistory_enforce_for_root
 accounts_password_pam_pwhistory_remember_password_auth
 accounts_password_pam_pwhistory_remember_system_auth
 accounts_password_pam_unix_no_remember