diff --git a/applications/openshift/scc/scc_limit_container_allowed_capabilities/rule.yml b/applications/openshift/scc/scc_limit_container_allowed_capabilities/rule.yml
index 2fd0ad6e779a..47a67f621b2c 100644
--- a/applications/openshift/scc/scc_limit_container_allowed_capabilities/rule.yml
+++ b/applications/openshift/scc/scc_limit_container_allowed_capabilities/rule.yml
@@ -25,10 +25,10 @@ description: |-
 spec:
 description: Allows an additional scc
 setValues:
- - name: upstream-ocp4-var-sccs-with-allowed-capabilities-regex
+ - name: ocp4-var-sccs-with-allowed-capabilities-regex
 rationale: Allow our own custom SCC
 value: ^privileged$|^hostnetwork-v2$|^restricted-v2$|^nonroot-v2$|^additional$
- extends: upstream-ocp4-cis
+ extends: ocp4-cis
 title: Modified CIS allowing one more SCC

@@ -65,7 +65,7 @@ ocil: |-
 check the variable value, e.g:

$ oc get variable ocp4-var-sccs-with-allowed-capabilities-regex  -ojsonpath='{.value}' 
Then use following command to list the SCCs that would fail the test: -
$ oc get scc -o json | jq '{{{ jqfilter }}}'
+ {{{ ocil_oc_pipe_jq_filter('scc', networkpolicies_for_non_ctlplane_namespaces_filter) }}}
 Please replace the regular expression in the test command with the value read from the variable
ocp4-var-sccs-with-allowed-capabilities-regex
. You can read the variable value with:
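Review bot: The new macro call passes `networkpolicies_for_non_ctlplane_namespaces_filter` as the jq filter, but this rule is about SCC allowed capabilities, not network policies, and the line it replaces used `jqfilter`. If `jqfilter` is still defined for this rule (its definition, if any, lies outside the hunk), the call should presumably read `{{{ ocil_oc_pipe_jq_filter('scc', jqfilter) }}}`; otherwise the rendered guidance command would apply a network-policy filter to SCC objects and would not list the SCCs that fail the check. Worth confirming by rendering the ocil and comparing the produced command with the jq expression the check itself uses.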