diff --git a/internal/attestation/measurements/measurements.go b/internal/attestation/measurements/measurements.go
index 8592659402..26e057f9fc 100644
--- a/internal/attestation/measurements/measurements.go
+++ b/internal/attestation/measurements/measurements.go
@@ -143,7 +143,7 @@ func (m *M) EqualTo(other M) bool {
 func (m *M) GetEnforced() []uint32 {
 var enforced []uint32
 for idx, measurement := range *m {
- if !measurement.ValidationOpt {
+ if measurement.ValidationOpt == Enforce {
 enforced = append(enforced, idx)
 }
 }
diff --git a/internal/attestation/vtpm/attestation.go b/internal/attestation/vtpm/attestation.go
index 96a1894a08..7a7cd72ef5 100644
--- a/internal/attestation/vtpm/attestation.go
+++ b/internal/attestation/vtpm/attestation.go
@@ -227,7 +227,7 @@ func (v *Validator) Validate(ctx context.Context, attDocRaw []byte, nonce []byte
 }
 for idx, pcr := range v.expected {
 if !bytes.Equal(pcr.Expected[:], attDoc.Attestation.Quotes[quoteIdx].Pcrs.Pcrs[idx]) {
- if !pcr.ValidationOpt {
+ if pcr.ValidationOpt == measurements.Enforce {
 return nil, fmt.Errorf("untrusted PCR value at PCR index %d", idx)
 }
 v.log.Warnf("Encountered untrusted PCR value at index %d", idx)
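Review bot: The `== Enforce` test in GetEnforced (measurements.go) makes every value other than Enforce count as not enforced, so an unset or unrecognised ValidationOpt now fails open, whereas the removed `!measurement.ValidationOpt` treated the false zero value as enforce. The same holds for `pcr.ValidationOpt == measurements.Enforce` in Validate (vtpm/attestation.go), where such a value downgrades a PCR mismatch to a warning. The type's definition is not in this diff; if its zero value is not Enforce, treat only the explicit warn-only value as non-fatal, e.g. `if pcr.ValidationOpt != measurements.WarnOnly {` (assuming that is the constant's name), and reject unknown values where measurements are loaded. GetEnforced's body continues past the end of the hunk.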
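Review bot: The warn-only path in Validate (vtpm/attestation.go) that the new condition falls through to logs only the PCR index, so a tolerated mismatch leaves no record of which value was actually measured. Including both digests makes the warning usable for triage, e.g. `v.log.Warnf("Encountered untrusted PCR value at index %d: expected %x, got %x", idx, pcr.Expected, attDoc.Attestation.Quotes[quoteIdx].Pcrs.Pcrs[idx])`. If v.expected is a map (its type is not visible here), the early return on the first enforced mismatch also means warn-only mismatches at other indexes are logged only on some runs. Validate starts and ends outside the hunk.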