diff --git a/tasks/section_4/cis_4.1.2.x.yml b/tasks/section_4/cis_4.1.2.x.yml
index 0eec0b2..afad08b 100644
--- a/tasks/section_4/cis_4.1.2.x.yml
+++ b/tasks/section_4/cis_4.1.2.x.yml
@@ -5,6 +5,7 @@
       path: /etc/audit/auditd.conf
       regexp: "^max_log_file( |=)"
       line: "max_log_file = {{ rhel9cis_max_log_file_size }}"
+  register: rule_4_1_2_1
   notify: restart auditd
   when:
       - rhel9cis_rule_4_1_2_1
@@ -21,6 +22,7 @@
       path: /etc/audit/auditd.conf
       regexp: "^max_log_file_action"
       line: "max_log_file_action = {{ rhel9cis_auditd['max_log_file_action'] }}"
+  register: rule_4_1_2_2
   notify: restart auditd
   when:
       - rhel9cis_rule_4_1_2_2
@@ -37,6 +39,7 @@
       path: /etc/audit/auditd.conf
       regexp: "{{ item.regexp }}"
       line: "{{ item.line }}"
+  register: rule_4_1_2_3
   notify: restart auditd
   with_items:
       - { regexp: '^admin_space_left_action', line: 'admin_space_left_action = {{ rhel9cis_auditd.admin_space_left_action }}' }
diff --git a/tasks/section_4/cis_4.1.3.x.yml b/tasks/section_4/cis_4.1.3.x.yml
index 0c39267..c05b93c 100644
--- a/tasks/section_4/cis_4.1.3.x.yml
+++ b/tasks/section_4/cis_4.1.3.x.yml
@@ -1,10 +1,8 @@
 ---
 
 - name: "4.1.3.1 | PATCH | Ensure changes to system administration scope (sudoers) is collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_1
   tags:
@@ -16,10 +14,8 @@
       - rule_4.1.3.1
 
 - name: "4.1.3.2 | PATCH | Ensure actions as another user are always logged"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_2
   tags:
@@ -31,10 +27,8 @@
       - rule_4.1.3.2
 
 - name: "4.1.3.3 | PATCH | Ensure events that modify the sudo log file are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_3
   tags:
@@ -46,10 +40,8 @@
       - rule_4.1.3.3
 
 - name: "4.1.3.4 | PATCH | Ensure events that modify date and time information are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_4
   tags:
@@ -61,10 +53,8 @@
       - rule_4.1.3.4
 
 - name: "4.1.3.5 | PATCH | Ensure events that modify the system's network environment are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_5
   tags:
@@ -85,9 +75,8 @@
         register: priv_procs
 
       - name: "4.1.3.6 | PATCH | Ensure use of privileged commands is collected"
-        debug:
-            msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-        changed_when: true
+        set_fact:
+            update_audit_template: true
         notify: update auditd
   when:
       - rhel9cis_rule_4_1_3_6
@@ -100,10 +89,8 @@
       - rule_4.1.3.6
 
 - name: "4.1.3.7 | PATCH | Ensure unsuccessful unauthorized file access attempts are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_7
   tags:
@@ -115,10 +102,8 @@
       - rule_4.1.3_7
 
 - name: "4.1.3.8 | PATCH | Ensure events that modify user/group information are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_8
   tags:
@@ -130,10 +115,8 @@
       - rule_4.1.3.8
 
 - name: "4.1.3.9 | PATCH | Ensure discretionary access control permission modification events are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_9
   tags:
@@ -145,10 +128,8 @@
       - rule_4.1.3.9
 
 - name: "4.1.3.10 | PATCH | Ensure successful file system mounts are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_10
   tags:
@@ -160,10 +141,8 @@
       - rule_4.1.3.10
 
 - name: "4.1.3.11 | PATCH | Ensure session initiation information is collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_11
   tags:
@@ -175,10 +154,8 @@
       - rule_4.1.3.11
 
 - name: "4.1.3.12 | PATCH | Ensure login and logout events are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_12
   tags:
@@ -190,10 +167,8 @@
       - rule_4.1.3.12
 
 - name: "4.1.3.13 | PATCH | Ensure file deletion events by users are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_13
   tags:
@@ -204,10 +179,8 @@
       - rule_4.1.3.13
 
 - name: "4.1.3.14 | PATCH | Ensure events that modify the system's Mandatory Access Controls are collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_14
   tags:
@@ -219,10 +192,8 @@
       - rule_4.1.3.14
 
 - name: "4.1.3.15 | PATCH | Ensure successful and unsuccessful attempts to use the chcon command are recorded"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_15
   tags:
@@ -234,10 +205,8 @@
       - rule_4.1.3.15
 
 - name: "4.1.3.16 | PATCH | Ensure successful and unsuccessful attempts to use the setfacl command are recorded"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_16
   tags:
@@ -249,10 +218,8 @@
       - rule_4.1.3.16
 
 - name: "4.1.3.17 | PATCH | Ensure successful and unsuccessful attempts to use the chacl command are recorded"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_17
   tags:
@@ -264,10 +231,8 @@
       - rule_4.1.3.17
 
 - name: "4.1.3.18 | PATCH | Ensure successful and unsuccessful attempts to use the usermod command are recorded"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_18
   tags:
@@ -279,10 +244,8 @@
       - rule_4.1.3.18
 
 - name: "4.1.3.19 | PATCH | Ensure kernel module loading and unloading is collected"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_19
   tags:
@@ -294,10 +257,8 @@
       - rule_4.1.3.19
 
 - name: "4.1.3.20 | PATCH | Ensure the audit configuration is immutable"
-  debug:
-      msg: "Control being set via Handler 'update auditd' which writes to /etc/audit.d/99_auditd.rules"
-  changed_when: true
-  notify: update auditd
+  set_fact:
+      update_audit_template: true
   when:
       - rhel9cis_rule_4_1_3_20
   tags:
@@ -321,3 +282,10 @@
       - patch
       - auditd
       - rule_4.1.3.21
+
+- name: Auditd | 4.1.3 | Auditd controls updated
+  debug:
+      msg: "Auditd Controls handled in POST using template - updating /etc/auditd/rules.d/99_auditd.rules"
+  changed_when: false
+  when:
+      - update_audit_template