diff --git a/src/public/Test-MtCaHasDeviceCompliance.ps1 b/src/public/Test-MtCaHasDeviceCompliance.ps1
index a5193f2f..c4d33237 100644
--- a/src/public/Test-MtCaHasDeviceCompliance.ps1
+++ b/src/public/Test-MtCaHasDeviceCompliance.ps1
@@ -23,7 +23,7 @@ Function Test-MtCaHasDeviceCompliance {
 
   $policies = Get-MtConditionalAccessPolicies
 
-  $result = & { Set-StrictMode -Off; $policies.value.grantcontrols.builtincontrols -contains 'compliantDevice' }
+  $result = & { Set-StrictMode -Off; $policies.value.grantcontrols.builtincontrols -contains 'compliantDevice' -and $pol.value.state -eq 'enabled' }
   return $result
 
 }
\ No newline at end of file
diff --git a/tests/Identity/Test-ConditionalAccessBaseline.Tests.ps1 b/tests/Identity/Test-ConditionalAccessBaseline.Tests.ps1
index ec837d78..020cddca 100644
--- a/tests/Identity/Test-ConditionalAccessBaseline.Tests.ps1
+++ b/tests/Identity/Test-ConditionalAccessBaseline.Tests.ps1
@@ -3,11 +3,11 @@ BeforeDiscovery {
 }
 
 BeforeAll {
-
+    $policies = Get-MtConditionalAccessPolicies
 }
 
 Describe "Conditional Access Baseline Policies" -Tag "CA", "Security", "All" {
     It "ID1001: At least one Conditional Access policy is configured with device compliance" {
-        Test-MtCaHasDeviceCompliance | Should -Be $true
+        Test-MtCaHasDeviceCompliance $policies | Should -Be $true
     }
 }