diff --git a/helm/csi-isilon/templates/csidriver.yaml b/helm/csi-isilon/templates/csidriver.yaml
index cb4da50a..bf7078d1 100644
--- a/helm/csi-isilon/templates/csidriver.yaml
+++ b/helm/csi-isilon/templates/csidriver.yaml
@@ -5,6 +5,7 @@ metadata:
 spec:
     attachRequired: true
     podInfoOnMount: true
+    fsGroupPolicy: {{ .Values.fsGroupPolicy }}
     volumeLifecycleModes: 
     - Persistent
     - Ephemeral
diff --git a/helm/csi-isilon/values.yaml b/helm/csi-isilon/values.yaml
index 3663eb93..2c4c4374 100644
--- a/helm/csi-isilon/values.yaml
+++ b/helm/csi-isilon/values.yaml
@@ -59,6 +59,16 @@ kubeletConfigDir: /var/lib/kubelet
 # Default value: false
 enableCustomTopology: false
 
+# fsGroupPolicy: Defines if the underlying volume supports changing ownership and permission of the volume before being mounted.
+# Allowed values:
+#   ReadWriteOnceWithFSType: supports volume ownership and permissions change only if the fsType is defined
+#   and the volume's accessModes contains ReadWriteOnce.
+#   File: kubernetes may use fsGroup to change permissions and ownership of the volume 
+#   to match user requested fsGroup in the pod's security policy regardless of fstype or access mode.
+#   None: volumes will be mounted with no modifications.
+# Default value: ReadWriteOnceWithFSType
+fsGroupPolicy: ReadWriteOnceWithFSType
+
 # controller: configure controller pod specific parameters
 controller:
   # controllerCount: defines the number of csi-powerscale controller pods to deploy to