diff --git a/Changelog.md b/Changelog.md
index 4d9dc7c..d4b1b78 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -6,7 +6,7 @@
 - addressed issue #393 thank you to @fragglexarmy
 - addressed issue #394 thank you to @dbeuker
 - addressed issues #390 and #391 thanks to @polski-g
-- addressed issue #398 thanks to trumbaut
+- addressed issue #398 & #399 thanks to trumbaut
 - Added max-concurrent options for audit
 - work flow updates
 - audit logic improvements
diff --git a/tasks/section_5/cis_5.1.x.yml b/tasks/section_5/cis_5.1.x.yml
index 42ca036..dc450ea 100644
--- a/tasks/section_5/cis_5.1.x.yml
+++ b/tasks/section_5/cis_5.1.x.yml
@@ -41,8 +41,8 @@
 ansible.builtin.file:
 path: "{{ item.path }}"
 owner: root
- group: root
- mode: 'u-x,go-rwx'
+ group: "{{ 'ssh_keys' if (item.gr_name == 'ssh_keys') else 'root' }}"
+ mode: "{{ 'u-x,g-wx,o-rwx' if (item.gr_name == 'ssh_keys') else 'u-x,go-rwx' }}"
 loop: "{{ discovered_ssh_private_host_key.files }}"
 loop_control:
 label: "{{ item.path }}"
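Review bot: The new `group:` and `mode:` expressions in `tasks/section_5/cis_5.1.x.yml` keep group read on a private host key purely because the file on disk already has group `ssh_keys`, and nothing in the hunk says why that is acceptable. A comment above the module call would record the intent, for example `# Keys already group-owned by ssh_keys keep g+r (presumably for ssh-keysign, 0640 at most); all others become root:root with no group/other access`. The relaxed branch is only as tight as the membership of `ssh_keys`, which this task does not check, so the comment should say where that is verified, or that it is not. The same `item.gr_name == 'ssh_keys'` test is written twice, so the two lines must be kept in step by hand. The task starts above the hunk, so its name and any `when:` guard are not visible here.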