diff --git a/file/audit/fortigate/remote-auth-timeout.yaml b/file/audit/fortigate/remote-auth-timeout.yaml
index b2538b9722..fdf19cbb5f 100644
--- a/file/audit/fortigate/remote-auth-timeout.yaml
+++ b/file/audit/fortigate/remote-auth-timeout.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
   reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
-  tags: fortigate,config,audit,firewall
+  tags: audit,config,file,firewall,fortigate
 
 file:
   - extensions:
@@ -24,4 +24,4 @@ file:
           - "config system"
           - "config router"
           - "config firewall"
-        condition: or
\ No newline at end of file
+        condition: or