diff --git a/authentication/understanding-and-managing-pod-security-admission.adoc b/authentication/understanding-and-managing-pod-security-admission.adoc
index a64a065175..d62ce6968c 100644
--- a/authentication/understanding-and-managing-pod-security-admission.adoc
+++ b/authentication/understanding-and-managing-pod-security-admission.adoc
@@ -11,6 +11,9 @@ Pod security admission is an implementation of the link:https://kubernetes.io/do
 // About pod security admission
 include::modules/security-context-constraints-psa-about.adoc[leveloffset=+1]
 
+// Understanding pod security admission coexistence
+include::modules/security-context-constraints-psa-coexistence.adoc[leveloffset=+2]
+
 // About pod security admission synchronization
 include::modules/security-context-constraints-psa-synchronization.adoc[leveloffset=+1]
 
diff --git a/modules/security-context-constraints-psa-coexistence.adoc b/modules/security-context-constraints-psa-coexistence.adoc
new file mode 100644
index 0000000000..ba6caf3fbf
--- /dev/null
+++ b/modules/security-context-constraints-psa-coexistence.adoc
@@ -0,0 +1,15 @@
+// Module included in the following assemblies:
+//
+// * authentication/understanding-and-managing-pod-security-admission.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="security-context-constraints-psa-coexistence_{context}"]
+= Pod security admission and security context constraints
+
+Pod security admission standards and security context constraints are reconciled and enforced by two independent controllers. The two controllers work independently using the following processes to enforce security policies:
+
+. The security context constraint controller may mutate some security context fields per the pod's assigned SCC. For example, if the seccomp profile is empty or not set and if the pod's assigned SCC enforces `seccompProfiles` field to be `runtime/default`, the controller sets the default type to `RuntimeDefault`.
+
+. The security context constraint controller validates the pod's security context against the matching SCC.
+
+. The pod security admission controller validates the pod's security context against the pod security standard assigned to the namespace.
\ No newline at end of file