If you set a setting higher than CIS recommends, it is marked as noncompliant. It should be marked as compliant. For example, auditing. If CIS requires only failures, but you audit Successes and failures, it should be set to compliant.