diff --git a/pkg/printers/internalversion/describe.go b/pkg/printers/internalversion/describe.go
index c1b59cf96ef..467cb2b14cc 100644
--- a/pkg/printers/internalversion/describe.go
+++ b/pkg/printers/internalversion/describe.go
@@ -3530,6 +3530,12 @@ func describePodSecurityPolicy(psp *policy.PodSecurityPolicy) (string, error) {
 if len(psp.Spec.AllowedFlexVolumes) > 0 {
 w.Write(LEVEL_1, "Allowed FlexVolume Types:\t%s\n", flexVolumesToString(psp.Spec.AllowedFlexVolumes))
 }
+ if len(psp.Spec.AllowedUnsafeSysctls) > 0 {
+ w.Write(LEVEL_1, "Allowed Unsafe Sysctls:\t%s\n", sysctlsToString(psp.Spec.AllowedUnsafeSysctls))
+ }
+ if len(psp.Spec.ForbiddenSysctls) > 0 {
+ w.Write(LEVEL_1, "Forbidden Sysctls:\t%s\n", sysctlsToString(psp.Spec.ForbiddenSysctls))
+ }
 w.Write(LEVEL_1, "Allow Host Network:\t%t\n", psp.Spec.HostNetwork)
 w.Write(LEVEL_1, "Allow Host Ports:\t%s\n", hostPortRangeToString(psp.Spec.HostPorts))
 w.Write(LEVEL_1, "Allow Host PID:\t%t\n", psp.Spec.HostPID)
@@ -3589,6 +3595,10 @@ func flexVolumesToString(flexVolumes []policy.AllowedFlexVolume) string {
 return stringOrDefaultValue(strings.Join(volumes, ","), "")
 }
+func sysctlsToString(sysctls []string) string {
+ return stringOrNone(strings.Join(sysctls, ","))
+}
+
 func hostPortRangeToString(ranges []policy.HostPortRange) string {
 formattedString := ""
 if ranges != nil {
diff --git a/pkg/printers/internalversion/describe_test.go b/pkg/printers/internalversion/describe_test.go
index 284ece57972..73cae18fd64 100644
--- a/pkg/printers/internalversion/describe_test.go
+++ b/pkg/printers/internalversion/describe_test.go
@@ -2228,6 +2228,8 @@ func TestDescribePodSecurityPolicy(t *testing.T) {
 "Required Drop Capabilities:\\s*",
 "Allowed Capabilities:\\s*",
 "Allowed Volume Types:\\s*",
+ "Allowed Unsafe Sysctls:\\s*kernel\\.\\*,net\\.ipv4.ip_local_port_range",
+ "Forbidden Sysctls:\\s*net\\.ipv4\\.ip_default_ttl",
 "Allow Host Network:\\s*false",
 "Allow Host Ports:\\s*",
 "Allow Host PID:\\s*false",
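Review bot: The two new `if len(...) > 0` guards in the first hunk hide the sysctl lines entirely when AllowedUnsafeSysctls or ForbiddenSysctls is empty, so someone auditing `describe` output cannot distinguish "no unsafe sysctls allowed / nothing forbidden" from "field not shown", and the `stringOrNone` fallback that `sysctlsToString` (second hunk) relies on is unreachable from these call sites. The adjacent Allow Host Network/Ports/PID lines are written unconditionally; dropping the guards and emitting `w.Write(LEVEL_1, "Allowed Unsafe Sysctls:\t%s\n", sysctlsToString(psp.Spec.AllowedUnsafeSysctls))` and `w.Write(LEVEL_1, "Forbidden Sysctls:\t%s\n", sysctlsToString(psp.Spec.ForbiddenSysctls))` the same way would make both policy dimensions visible in every describe and let the helper's empty-value placeholder do its job. I cannot confirm from the hunk what an absent ForbiddenSysctls means at admission time, so the wording of that placeholder may deserve a check against the policy semantics. describePodSecurityPolicy begins and ends outside the hunk.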
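Review bot: `sysctlsToString` is added without a doc comment, while it sits beside `flexVolumesToString` and `hostPortRangeToString` as a package-level formatting helper. Suggest `// sysctlsToString renders a PSP sysctl pattern list as a comma-separated string, falling back to stringOrNone's placeholder when the list is empty.` above the func. Note also that `flexVolumesToString` directly above renders an empty list via `stringOrDefaultValue(..., "")` whereas this helper uses `stringOrNone`; two adjacent helpers treating the empty case differently is worth either aligning or a one-line comment explaining why.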
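Review bot: In the describe_test.go hunk the Allowed Unsafe Sysctls expectation escapes the dots in `net\\.ipv4` but leaves the dot before `ip_local_port_range` unescaped, so that position matches any character instead of a literal dot, while the Forbidden Sysctls line immediately below escapes every dot. For a tighter and consistent assertion use `"Allowed Unsafe Sysctls:\\s*kernel\\.\\*,net\\.ipv4\\.ip_local_port_range",`. TestDescribePodSecurityPolicy starts and ends outside the hunk.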
@@ -2248,6 +2250,8 @@ func TestDescribePodSecurityPolicy(t *testing.T) {
 Name: "mypsp",
 },
 Spec: policy.PodSecurityPolicySpec{
+ AllowedUnsafeSysctls: []string{"kernel.*", "net.ipv4.ip_local_port_range"},
+ ForbiddenSysctls: []string{"net.ipv4.ip_default_ttl"},
 SELinux: policy.SELinuxStrategyOptions{
 Rule: policy.SELinuxStrategyRunAsAny,
 },