diff --git a/defaults/main.yml b/defaults/main.yml
index 29da1c4..353bf87 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1305,17 +1305,17 @@ deb12cis_auditd_extra_conf:
 # Section 7 Vars
 # 7.1.12 Ensure no files or directories without an owner and a group exist
-deb12cis_exclude_unowned_search_path: '! -path "/run/user/*" -a ! -path "/proc/*" -a ! -path "*/containerd/*" -a ! -path "*/kubelet/pods/*" -a ! -path "*/kubelet/plugins/*" -a ! -path "/sys/fs/cgroup/memory/*" -a ! -path "/var/*/private/*"'
+deb12cis_exclude_unowned_search_path: '\( ! -path "/run/user/*" -a ! -path "/proc/*" -a ! -path "*/containerd/*" -a ! -path "*/kubelet/pods/*" -a ! -path "*/kubelet/plugins/*" -a ! -path "/sys/fs/cgroup/memory/*" -a ! -path "/var/*/private/*" \)'
 # Control 7.1.12
 # The value of this variable specifies the owner that will be set for unowned files and directories.
 deb12cis_unowned_owner: root
 deb12cis_ungrouped_group: root
 # This variable is a toggle for enabling/disabling the automated
-# setting of an owner (specified in variable `deb12cis_unowned_owner`)
-# for all unowned files and directories.
+# setting of an owner or group (specified in variable `deb12cis_unowned_owner`)
+# for all unowned or ungrouped files and directories.
 # Possible values are `true` and `false`.
-deb12cis_ownership_adjust: true
+deb12cis_ownership_adjust: false
 ## Control 7.1.13
 # This variable is a toggle for enabling/disabling the automated removal
diff --git a/tasks/section_5/cis_5.2.x.yml b/tasks/section_5/cis_5.2.x.yml
index aa70032..1452172 100644
--- a/tasks/section_5/cis_5.2.x.yml
+++ b/tasks/section_5/cis_5.2.x.yml
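Review bot: The rewritten comment above `deb12cis_ownership_adjust` now says the toggle sets an owner or group, but it still names only `deb12cis_unowned_owner`, and `deb12cis_ungrouped_group: root` a few lines above has no description at all, so a reader cannot tell which variable supplies the group. Change the bracketed text to `(specified in variables deb12cis_unowned_owner and deb12cis_ungrouped_group)` and add `# The value of this variable specifies the group that will be set for ungrouped files and directories.` directly above the group default. The default of `deb12cis_ownership_adjust` also flips from `true` to `false`, which silently stops the 7.1.12 remediation for anyone consuming these defaults unchanged; that is worth a sentence in the comment block (or the changelog) rather than a bare value change. The new `\( ... \)` wrapping of `deb12cis_exclude_unowned_search_path` is a contract the task in `cis_7.1.x.yml` relies on, so the comment on that variable should state that the value must be a complete, self-grouped find expression.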
@@ -41,9 +41,8 @@
 - NIST800-53R5_AU-12
 ansible.builtin.lineinfile:
 path: /etc/sudoers
- regexp: ^(Defaults\s*)logfile=
- line: \1logfile="{{ deb12cis_sudolog_location }}"
- backrefs: true
+ regexp: ^Defaults\s*logfile=
+ line: Defaults logfile="{{ deb12cis_sudolog_location }}"
 validate: '/usr/sbin/visudo -cf %s'
 - name: "5.2.4 | PATCH | Ensure users must provide password for escalation"
diff --git a/tasks/section_7/cis_7.1.x.yml b/tasks/section_7/cis_7.1.x.yml
index 93e4ed9..4d1a490 100644
--- a/tasks/section_7/cis_7.1.x.yml
+++ b/tasks/section_7/cis_7.1.x.yml
@@ -209,7 +209,7 @@ warn_control_id: '7.1.12'
 block:
 - name: "7.1.12 | AUDIT | Ensure no files or directories without an owner and a group exist | Get list files or directories"
- ansible.builtin.command: find ({{ deb12cis_exclude_unowned_search_path }}) {{ item.mount }} -xdev \( -nouser -o -nogroup \) -not -fstype nfs
+ ansible.builtin.command: find {{ item.mount }} -xdev -type f {{ deb12cis_exclude_unowned_search_path }} \( -nouser -o -nogroup \) -not -fstype nfs
 changed_when: false
 failed_when: false
 check_mode: false
@@ -240,7 +240,7 @@ ansible.builtin.file:
 path: "{{ item }}"
 owner: "{{ deb12cis_unowned_owner }}"
- group: "{{ deb12cis_unowned_group }}"
+ group: "{{ deb12cis_ungrouped_group }}"
 with_items:
 - "{{ discovered_unowned_files_flatten }}"
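Review bot: The new `regexp: ^Defaults\s*logfile=` lets `\s*` match zero characters, so it does not require the whitespace that separates the `Defaults` keyword from its option; `regexp: '^Defaults\s+logfile='` states the intent and also quotes the pattern consistently with the `validate:` line below it. Because `lineinfile` without `backrefs` replaces the entire matched line, a sudoers entry that combines `logfile=` with further comma-separated options would, if present, lose those options when the line is rewritten; that is worth a comment above `regexp:` such as `# Replaces the whole matching Defaults line; keep logfile on a line of its own`. Dropping `backrefs` also means a missing entry is now appended at end of file, which is presumably the fix being made and should be mentioned in the task name or a comment. The task's `name` and tag list begin before this hunk.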
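Review bot: Adding `-type f` to the find command restricts discovery to regular files, but control 7.1.12 and this task's own name cover directories as well, so an unowned or ungrouped directory is now neither reported nor remediated. Drop `-type f` so the line reads `find {{ item.mount }} -xdev {{ deb12cis_exclude_unowned_search_path }} \( -nouser -o -nogroup \) -not -fstype nfs`, or, if only files were intended, say so in the task name. The command now relies on `deb12cis_exclude_unowned_search_path` carrying its own `\( ... \)` grouping; a comment above the line such as `# exclusion variable must be a complete, parenthesised find expression` would make that contract visible where it is consumed. The enclosing `block:` and the task's `warn_control_id` begin before the hunk.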
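Review bot: This `ansible.builtin.file` task sets both `owner` and `group` on every item of `discovered_unowned_files_flatten`, yet the discovery in the earlier hunk selects `-nouser -o -nogroup`, so a file that merely lacks a valid group (but has a legitimate owner) is re-owned to `deb12cis_unowned_owner`, and a file that merely lacks an owner has its group replaced — an access-control change beyond what the control requires. The flatten step between the two tasks is outside this hunk, so confirm that nothing there separates the two cases. A safer shape is two discovery passes (`-nouser` and `-nogroup`) feeding two `file` tasks, one setting only `owner` and the other only `group`; until then add a comment above `owner:` such as `# NOTE: applies owner AND group to every hit, including paths that lacked only one of them`. The task header begins before this hunk.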