diff --git a/pkg/security/risks/builtin/missing_hardening_rule.go b/pkg/security/risks/builtin/missing_hardening_rule.go
index ccacb4a7..8ff057e5 100644
--- a/pkg/security/risks/builtin/missing_hardening_rule.go
+++ b/pkg/security/risks/builtin/missing_hardening_rule.go
@@ -47,11 +47,13 @@ func (r *MissingHardeningRule) GenerateRisks(input *types.Model) ([]*types.Risk,
 risks := make([]*types.Risk, 0)
 for _, id := range input.SortedTechnicalAssetIDs() {
 technicalAsset := input.TechnicalAssets[id]
- if !technicalAsset.OutOfScope {
- if technicalAsset.RAA >= float64(r.raaLimit) || (technicalAsset.RAA >= float64(r.raaLimitReduced) &&
+ if technicalAsset.OutOfScope {
+ continue
+ }
+ if technicalAsset.RAA >= float64(r.raaLimit) ||
+ (technicalAsset.RAA >= float64(r.raaLimitReduced) &&
 (technicalAsset.Type == types.Datastore || technicalAsset.Technologies.GetAttribute(types.IsHighValueTarget))) {
- risks = append(risks, r.createRisk(input, technicalAsset))
- }
+ risks = append(risks, r.createRisk(input, technicalAsset))
 }
 }
 return risks, nil
diff --git a/pkg/security/risks/builtin/missing_hardening_rule_test.go b/pkg/security/risks/builtin/missing_hardening_rule_test.go
index 84df176f..f6a98959 100644
--- a/pkg/security/risks/builtin/missing_hardening_rule_test.go
+++ b/pkg/security/risks/builtin/missing_hardening_rule_test.go
@@ -16,6 +16,22 @@ func TestMissingHardeningRuleGenerateRisksEmptyModelNotRisksCreated(t *testing.T
 assert.Empty(t, risks)
 }
 
+func TestMissingHardeningRuleGenerateRisksOutOfScopeNoRisksCreated(t *testing.T) {
+ rule := NewMissingHardeningRule()
+ risks, err := rule.GenerateRisks(&types.Model{
+ TechnicalAssets: map[string]*types.TechnicalAsset{
+ "ta1": {
+ Title: "Test Technical Asset",
+ OutOfScope: true,
+ RAA: 100,
+ },
+ },
+ })
+
+ assert.Nil(t, err)
+ assert.Empty(t, risks)
+}
+
 type MissingHardeningRuleNoRisksTest struct {
 raa int
 technicalAssetType types.TechnicalAssetType
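Review bot: The guard-clause rewrite leaves the two-threshold condition starting at `if technicalAsset.RAA >= float64(r.raaLimit) ||` with no comment saying why datastores and high-value targets are held to the separate `raaLimitReduced` bound, and that is the part of the rule a reader needs explained. A why-comment above the `if`, such as `// Flag any asset at or above raaLimit; datastores and high-value targets are additionally flagged from raaLimitReduced.` (the name suggests the reduced limit is the lower one, which should be confirmed against the constructor outside this hunk), would carry it. Naming the second operand would also make the condition easier to scan: `highValue := technicalAsset.Type == types.Datastore || technicalAsset.Technologies.GetAttribute(types.IsHighValueTarget)` followed by `if technicalAsset.RAA >= float64(r.raaLimit) || (technicalAsset.RAA >= float64(r.raaLimitReduced) && highValue) {`. GenerateRisks's signature sits above the hunk and its closing brace below it.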
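Review bot: The new test establishes that an out-of-scope asset yields no risk, but nothing in it shows that `RAA: 100` would have produced a risk had the asset been in scope, so a regression that silently stopped flagging anything would still pass this test. A comment on the fixture such as `// RAA 100 is above raaLimit, so only OutOfScope suppresses the risk` (assuming 100 is at or above the rule's default limit, which this hunk does not show) or a sibling case with `OutOfScope: false` asserting `assert.NotEmpty(t, risks)` would pin the intent. Minor style point: `assert.NoError(t, err)` is the idiomatic testify check for an error result, although the surrounding tests may already use `assert.Nil`.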