diff --git a/content/en/docs/tasks/policy-enforcement/enabling-policy/index.md b/content/en/docs/tasks/policy-enforcement/enabling-policy/index.md
index 917cf672e4..ee0752c484 100644
--- a/content/en/docs/tasks/policy-enforcement/enabling-policy/index.md
+++ b/content/en/docs/tasks/policy-enforcement/enabling-policy/index.md
@@ -10,7 +10,7 @@ This task shows you how to enable Istio policy enforcement.
 ## At install time
 
 In the default Istio installation profile, policy enforcement is disabled. To install Istio
-with policy enforcement on, use the `--set values.global.disablePolicyChecks=false` install option.
+with policy enforcement on, use the `--set values.global.disablePolicyChecks=false` and `--set values.pilot.policy.enabled=true` install option.
 
 Alternatively, you may [install Istio using the demo profile](/docs/setup/getting-started/),
 which enables policy checks by default.
@@ -26,13 +26,13 @@ which enables policy checks by default.
 
     If policy enforcement is enabled (`disablePolicyChecks` is false), no further action is needed.
 
-1. Edit the `istio` configmap to enable policy checks.
+1. Update the `istio` configuration to enable policy checks.
 
     Execute the following command from the root Istio directory:
 
     {{< text bash >}}
-    $ istioctl manifest apply --set values.global.disablePolicyChecks=false
-    configmap "istio" replaced
+    $ istioctl manifest apply --set values.global.disablePolicyChecks=false --set values.pilot.policy.enabled=true
+    configuration "istio" replaced
     {{< /text >}}
 
 1. Validate that policy enforcement is now enabled.