The check ocp4-cis-audit-profile-set is showing Fail state for a customer. When running the Instructions we receive the following content back.

$ oc get apiservers cluster -ojsonpath='{.spec.audit.profile}'
Default

This looks as desired and it's therefore not clear why the check is marked as Fail.

Customer is requesting clear reasoning why the check is set to fail and what is the mitigation action. That information should be part of the Instructions of the check