diff --git a/content/en/docs/concepts/security/security-checklist.md b/content/en/docs/concepts/security/security-checklist.md
index 026683ff4c404..bcdacde86e2e8 100644
--- a/content/en/docs/concepts/security/security-checklist.md
+++ b/content/en/docs/concepts/security/security-checklist.md
@@ -38,9 +38,8 @@ evaluated on its merits.
   years in the future.
 - [ ] A process exists for periodic access review, and reviews occur no more
   than 24 months apart.
-
-See the [Role Based Access Control Good Practices](/docs/concepts/security/rbac-good-practices/)
-for guidance related to authentication and authorization.
+- [ ] The [Role Based Access Control Good Practices](/docs/concepts/security/rbac-good-practices/)
+  is followed for guidance related to authentication and authorization.
 
 After bootstrapping, neither users nor components should authenticate to the
 Kubernetes API as `system:masters`. Similarly, running all of