diff --git a/applications/openshift/authentication/idp_is_configured/rule.yml b/applications/openshift/authentication/idp_is_configured/rule.yml
index bc687b565d9..70231ea44be 100644
--- a/applications/openshift/authentication/idp_is_configured/rule.yml
+++ b/applications/openshift/authentication/idp_is_configured/rule.yml
@@ -64,6 +64,7 @@ identifiers:
 
 
 references:
+  bsi: APP.4.4.A3
   cis@ocp4: 3.1.1
   nerc-cip: CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1,CIP-007-3 R5.1.1,CIP-007-3 R5.1.2,CIP-007-3 R5.1.3,CIP-007-3 R5.2,CIP-007-3 R5.2.1,CIP-007-3 R5.2.3,CIP-007-3 R5.3.1,CIP-007-3 R5.3.2,CIP-007-3 R5.3.3
   nist: AC-2,AC-2(1),AC-2(2),AC-2(3),AC-2(4),AC-2(5),AC-2(6),AC-2(7),AC-2(8),AC-7,AC-12(1),IA-2(8),IA-2(9),SC-12(1)
diff --git a/controls/bsi_app_4_4.yml b/controls/bsi_app_4_4.yml
index 3ebd9a45d30..95126730e72 100644
--- a/controls/bsi_app_4_4.yml
+++ b/controls/bsi_app_4_4.yml
@@ -73,6 +73,7 @@ controls:
       - kubelet_anonymous_auth
       # Section 2
       - kubeadmin_removed
+      - idp_is_configured
       # Section 3-5
       - rbac_least_privilege
       - rbac_limit_cluster_admin