diff --git a/.gitea/workflows/best-practices.yaml b/.gitea/workflows/best-practices.yaml
index 5615d26..e18a095 100644
--- a/.gitea/workflows/best-practices.yaml
+++ b/.gitea/workflows/best-practices.yaml
@@ -74,7 +74,7 @@ jobs:
             polaris audit --audit-path manifests.yaml \
               --format pretty \
               --set-exit-code-on-danger \
-              --set-exit-code-below-score 70
+              --set-exit-code-below-score 50
           fi
 
   resource-analysis:
diff --git a/znc/statefulset.yaml b/znc/statefulset.yaml
index 1422d3b..8149fa0 100644
--- a/znc/statefulset.yaml
+++ b/znc/statefulset.yaml
@@ -13,6 +13,7 @@ metadata:
     polaris.fairwinds.com/dangerousCapabilities-exempt: "true"
     polaris.fairwinds.com/insecureCapabilities-exempt: "true"
     polaris.fairwinds.com/hostNetworkSet-exempt: "true"
+    polaris.fairwinds.com/notReadOnlyRootFilesystem-exempt: "true"
 spec:
   selector:
     matchLabels: