diff --git a/tasks/section_3/cis_3.1.x.yml b/tasks/section_3/cis_3.1.x.yml
index 98ca671..3a8e745 100644
--- a/tasks/section_3/cis_3.1.x.yml
+++ b/tasks/section_3/cis_3.1.x.yml
@@ -62,8 +62,7 @@
 mode: "0600"
 owner: root
 group: root
- with_items:
- - tipc
+ loop: tipc # note the item used in the template

 - name: "3.1.3 | PATCH | Ensure TIPC is disabled | blacklist"
 ansible.builtin.lineinfile:
diff --git a/tasks/section_3/cis_3.4.1.x.yml b/tasks/section_3/cis_3.4.1.x.yml
index 684d0a5..e028734 100644
--- a/tasks/section_3/cis_3.4.1.x.yml
+++ b/tasks/section_3/cis_3.4.1.x.yml
@@ -21,8 +21,7 @@
 ansible.builtin.systemd:
 name: "{{ item }}"
 masked: true
- with_items:
- - firewalld
+ loop: firewalld
 when:
 - item in ansible_facts.packages
 - rhel9cis_firewall == 'nftables'
@@ -31,8 +30,7 @@
 ansible.builtin.systemd:
 name: "{{ item }}"
 masked: true
- with_items:
- - nftables
+ loop: nftables
 when:
 - item in ansible_facts.packages
 - rhel9cis_firewall == 'firewalld'
diff --git a/tasks/section_3/cis_3.4.2.x.yml b/tasks/section_3/cis_3.4.2.x.yml
index 60e769a..38c1efa 100644
--- a/tasks/section_3/cis_3.4.2.x.yml
+++ b/tasks/section_3/cis_3.4.2.x.yml
@@ -102,7 +102,7 @@
 - name: "3.4.2.3 | PATCH | Ensure nftables base chains exist | Create chains if needed"
 ansible.builtin.shell: "{{ item }}"
 failed_when: false
- with_items:
+ loop:
 - nft create chain inet "{{ rhel9cis_nft_tables_tablename }}" input { type filter hook input priority 0 \; }
 - nft create chain inet "{{ rhel9cis_nft_tables_tablename }}" forward { type filter hook forward priority 0 \; }
 - nft create chain inet "{{ rhel9cis_nft_tables_tablename }}" output { type filter hook output priority 0 \; }
diff --git a/tasks/section_4/cis_4.3.yml b/tasks/section_4/cis_4.3.yml
index ac0078c..0038b34 100644
--- a/tasks/section_4/cis_4.3.yml
+++ b/tasks/section_4/cis_4.3.yml
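Review bot: `loop: tipc` in tasks/section_3/cis_3.1.x.yml hands `loop` a bare string, but unlike `with_items` the `loop` keyword only accepts a list, so the task errors out instead of running once with `item` set to `tipc`. The same applies to `loop: firewalld` and `loop: nftables` in the two hunks of tasks/section_3/cis_3.4.1.x.yml, where the failure means the unused firewall service is not masked. Keep the value a list, e.g. `loop: [tipc]`, `loop: [firewalld]` and `loop: [nftables]`, which also keeps `item` available to the template and to `when: item in ansible_facts.packages`. All three tasks start above their hunks, so the module and remaining arguments are not visible here.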
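Review bot: The "Create chains if needed" task in tasks/section_3/cis_3.4.2.x.yml still carries a blanket `failed_when: false`, so any failure of the three `nft create chain` commands is reported as success, and a run can finish without the base chains in place. The suppression presumably exists because `create` errors when the chain is already there; `nft add chain inet "{{ rhel9cis_nft_tables_tablename }}" input { ... }` does not error on an existing chain and would let `failed_when: false` be dropped. If `create` has to stay, register the result and fail on any error other than the already-exists case. The task has no `changed_when` in the visible lines, so the shell module will report a change on every run.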
@@ -23,7 +23,7 @@
 path: "{{ item.path }}"
 regexp: '^(\s*)(daily|weekly|monthly|yearly)$'
 replace: "\\1{{ rhel9cis_logrotate }}"
- with_items:
+ loop:
 - "{{ log_rotates.files }}"
 - { path: "/etc/logrotate.conf" }
 loop_control:
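Review bot: `loop` does not flatten nested lists the way `with_items` did, so the first element of this loop is now the whole `log_rotates.files` list rather than each file entry, and `path: "{{ item.path }}"` cannot resolve on it. Assuming `log_rotates` is a registered find result (it is defined outside the hunk), build one flat list instead: `loop: "{{ log_rotates.files + [{'path': '/etc/logrotate.conf'}] }}"`. As written, the logrotate frequency is not set on the files under `log_rotates.files`. The task starts above the hunk and `loop_control:` continues below it.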