diff --git a/doc/metadata/rhel7/RHEL-07-020840.rst b/doc/metadata/rhel7/RHEL-07-020840.rst
index e221d96f..0b71a0b7 100644
--- a/doc/metadata/rhel7/RHEL-07-020840.rst
+++ b/doc/metadata/rhel7/RHEL-07-020840.rst
@@ -1,7 +1,13 @@
 ---
 id: RHEL-07-020840
-status: not implemented
-tag: misc
+status: exception - manual intervention
+tag: file_perms
 ---
 
-This STIG requirement is not yet implemented.
+Although the STIG requires that all initialization files for interactive users
+have proper owners, group owners, and permissions, these changes are often
+disruptive for users. The tasks in the security role do not make any changes
+to user initialization files.
+
+Deployers should review the content and discretionary access controls applied
+to each user's initialization files in their home directory.
diff --git a/doc/metadata/rhel7/RHEL-07-020850.rst b/doc/metadata/rhel7/RHEL-07-020850.rst
index f8558815..ea1480cf 100644
--- a/doc/metadata/rhel7/RHEL-07-020850.rst
+++ b/doc/metadata/rhel7/RHEL-07-020850.rst
@@ -1,7 +1,13 @@
 ---
 id: RHEL-07-020850
-status: not implemented
-tag: misc
+status: exception - manual intervention
+tag: file_perms
 ---
 
-This STIG requirement is not yet implemented.
+Although the STIG requires that all initialization files for interactive users
+have proper owners, group owners, and permissions, these changes are often
+disruptive for users. The tasks in the security role do not make any changes
+to user initialization files.
+
+Deployers should review the content and discretionary access controls applied
+to each user's initialization files in their home directory.
diff --git a/doc/metadata/rhel7/RHEL-07-020860.rst b/doc/metadata/rhel7/RHEL-07-020860.rst
index 5f0b570e..7d1ee93e 100644
--- a/doc/metadata/rhel7/RHEL-07-020860.rst
+++ b/doc/metadata/rhel7/RHEL-07-020860.rst
@@ -1,7 +1,13 @@
 ---
 id: RHEL-07-020860
-status: not implemented
-tag: misc
+status: exception - manual intervention
+tag: file_perms
 ---
 
-This STIG requirement is not yet implemented.
+Although the STIG requires that all initialization files for interactive users
+have proper owners, group owners, and permissions, these changes are often
+disruptive for users. The tasks in the security role do not make any changes
+to user initialization files.
+
+Deployers should review the content and discretionary access controls applied
+to each user's initialization files in their home directory.