diff --git a/tasks/section_5/cis_5.3.x.yml b/tasks/section_5/cis_5.3.x.yml
index 823d142..fc62baf 100644
--- a/tasks/section_5/cis_5.3.x.yml
+++ b/tasks/section_5/cis_5.3.x.yml
@@ -48,8 +48,7 @@
 regexp: '^([^#|{% if system_is_ec2 %}ec2-user{% endif %}].*)NOPASSWD(.*)'
 replace: '\1PASSWD\2'
 validate: '/usr/sbin/visudo -cf %s'
- with_items:
- "{{ rhel9cis_sudoers_files.stdout_lines }}"
+ loop: "{{ rhel9cis_sudoers_files.stdout_lines }}"
 when:
 - rhel9cis_rule_5_3_4
 tags:
@@ -65,8 +64,7 @@
 regexp: '^([^#].*)!authenticate(.*)'
 replace: '\1authenticate\2'
 validate: '/usr/sbin/visudo -cf %s'
- with_items:
- "{{ rhel9cis_sudoers_files.stdout_lines }}"
+ loop: "{{ rhel9cis_sudoers_files.stdout_lines }}"
 when:
 - rhel9cis_rule_5_3_5
 tags:
@@ -98,8 +96,7 @@
 regexp: 'timestamp_timeout=(\d+)'
 replace: "timestamp_timeout={{ rhel9cis_sudo_timestamp_timeout }}"
 validate: '/usr/sbin/visudo -cf %s'
- with_items:
- "{{ rhel9cis_5_3_6_timeout_files.stdout_lines }}"
+ loop: "{{ rhel9cis_5_3_6_timeout_files.stdout_lines }}"
 when: rhel9cis_5_3_6_timeout_files.stdout | length > 0
 when:
 - rhel9cis_rule_5_3_6
diff --git a/tasks/section_5/cis_5.5.x.yml b/tasks/section_5/cis_5.5.x.yml
index 51c18f9..64ecd18 100644
--- a/tasks/section_5/cis_5.5.x.yml
+++ b/tasks/section_5/cis_5.5.x.yml
@@ -7,7 +7,7 @@
 path: /etc/security/pwquality.conf
 regexp: ^{{ item.name }}
 line: "{{ item.name }} = {{ item.value }}"
- with_items:
+ loop:
 - { name: minlen, value: "{{ rhel9cis_pam_password.minlen }}" }
 - { name: minclass, value: "{{ rhel9cis_pam_password.minclass }}" }
@@ -37,7 +37,7 @@
 path: /etc/security/faillock.conf
 regexp: "{{ item.regexp }}"
 line: "{{ item.line }}"
- with_items:
+ loop:
 - { regexp: '^\s*deny\s*=\s*[1-5]\b', line: 'deny = 5' }
 - { regexp: '^\s*unlock_time\s*=\s*(0|9[0-9][0-9]|[1-9][0-9][0-9][0-9]+)\b', line: 'unlock_time = 900' }
 when:
diff --git a/tasks/section_5/cis_5.6.1.x.yml b/tasks/section_5/cis_5.6.1.x.yml
index 1f6b691..141c013 100644
--- a/tasks/section_5/cis_5.6.1.x.yml
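Review bot: The `regexp` on the first context line of the 5.3.4 hunk does not exclude `ec2-user` the way its Jinja suggests: `[^#|{% if system_is_ec2 %}ec2-user{% endif %}]` is a character class, so on EC2 hosts it renders as `[^#|ec2-user]`, where `2-u` is a range, and any sudoers line whose first character is a digit from 2 up, an uppercase letter or a lowercase letter a–u (a line starting with `root`, for example) is silently skipped by the NOPASSWD remediation; off EC2 it still skips lines beginning with `|`. A negative lookahead expresses the intent and keeps group 1 for the `\1PASSWD\2` replacement: `regexp: '^(?!#{% if system_is_ec2 %}|ec2-user\b{% endif %})(.*)NOPASSWD(.*)'`. The `with_items` to `loop` change itself is equivalent here because `stdout_lines` is already a flat list. The task's name and module lines precede the hunk.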
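Review bot: In the 5.3.6 hunk the `regexp` `timestamp_timeout=(\d+)` matches only non-negative integers, so `Defaults timestamp_timeout=-1` (which disables re-authentication entirely and is the case this control most needs to fix) and the spaced form `timestamp_timeout = 30` are left untouched while the task still reports success. Widening it to `regexp: 'timestamp_timeout\s*=\s*(-?\d+)'` keeps the same replacement and covers both. The grep or find that builds `rhel9cis_5_3_6_timeout_files` is outside this hunk and presumably needs the same widening so those files are selected at all. The enclosing block starts before the hunk.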
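Review bot: The two `regexp` values in the faillock loop items match only already-compliant settings: `^\s*deny\s*=\s*[1-5]\b` rewrites a stricter `deny = 3` to `deny = 5`, and the `unlock_time` pattern rewrites `unlock_time = 0` to `900`, so the remediation relaxes hosts that were hardened beyond the benchmark; conversely a non-compliant `deny = 10` does not match, `lineinfile` appends a second `deny = 5`, and correctness then rests on pam_faillock honouring the last directive. Matching any occurrence of the directive, `regexp: '^\s*deny\s*='` and `regexp: '^\s*unlock_time\s*='`, guarantees exactly one definition per key; if stricter site values should survive, gate each item on a prior read of the current value instead. The task head and the rest of its `when` list lie outside the hunk.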
+++ b/tasks/section_5/cis_5.6.1.x.yml
@@ -63,8 +63,7 @@
 - name: "5.6.1.4 | PATCH | Ensure inactive password lock is 30 days or less | Apply Inactive setting to existing accounts"
 ansible.builtin.shell: chage --inactive {{ rhel9cis_inactivelock.lock_days }} "{{ item }}"
- with_items:
- "{{ rhel9cis_5_6_1_4_user_list.stdout_lines }}"
+ loop: "{{ rhel9cis_5_6_1_4_user_list.stdout_lines }}"
 when:
 - rhel9cis_rule_5_6_1_4
 tags:
@@ -108,8 +107,7 @@
 when:
 - rhel9cis_5_6_1_5_user_list.stdout | length > 0
 - rhel9cis_futurepwchgdate_autofix
- with_items:
- "{{ rhel9cis_5_6_1_5_user_list.stdout_lines }}"
+ loop: "{{ rhel9cis_5_6_1_5_user_list.stdout_lines }}"
 vars:
 warn_control_id: '5.6.1.5'
 when:
diff --git a/tasks/section_5/cis_5.6.x.yml b/tasks/section_5/cis_5.6.x.yml
index 6100b0b..f03e213 100644
--- a/tasks/section_5/cis_5.6.x.yml
+++ b/tasks/section_5/cis_5.6.x.yml
@@ -6,8 +6,7 @@
 ansible.builtin.user:
 name: "{{ item.id }}"
 shell: /usr/sbin/nologin
- with_items:
- "{{ rhel9cis_passwd }}"
+ loop: "{{ rhel9cis_passwd }}"
 when:
 - item.id != "root"
 - item.id != "sync"
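Review bot: In the 5.6.1.4 hunk, `ansible.builtin.shell: chage --inactive {{ rhel9cis_inactivelock.lock_days }} "{{ item }}"` passes account names taken from earlier command output through a shell, although the command needs no shell features; `ansible.builtin.command:` with the same argument string (or an `argv:` list) removes that interpretation layer and the quoting concern around `{{ item }}`. The task also has no `changed_when`, so it reports changed for every user on every run even when the inactive value was already correct; comparing against the current value, read by the task that builds the user list outside this hunk, would make it idempotent. The `loop` conversion is a no-op for a flat `stdout_lines` list.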
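Review bot: In the 5.6.x hunk only `root` and `sync` are excluded by the visible `when` conditions; the condition that restricts `shell: /usr/sbin/nologin` to system accounts (a UID below the interactive range, plus `shutdown` and `halt`) is either on the lines after the hunk or missing, and without it this task locks every interactive user out, so it is worth confirming before merging. As a style point, each iteration prints a full `rhel9cis_passwd` entry in the task output; `loop_control:` with `label: "{{ item.id }}"` keeps the log to the account name. The task's `- name:` line precedes the hunk.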