diff --git a/src/Models/CrossOriginEmbedderPolicy.cs b/src/Models/CrossOriginEmbedderPolicy.cs
index 0d2d15d..9124876 100644
--- a/src/Models/CrossOriginEmbedderPolicy.cs
+++ b/src/Models/CrossOriginEmbedderPolicy.cs
@@ -70,4 +70,28 @@ public string BuildHeaderValue()
return RequireCorp;
}
}
+
+ ///
+ /// Used to calculate whether the current header value is valid
+ ///
+ ///
+ /// Whether the CORP header is included in the outer setup
+ ///
+ ///
+ /// The value for this header is only invalid if the CORP (Cross-Origin-Resource-Policy) header
+ /// is enabled and the current value for the COEP (Cross-Origin-Embedder-Policy) hedaer is set to
+ ///
+ ///
+ public bool HeaderValueIsValid(bool useCrossOriginResourcePolicy)
+ {
+ if (OptionValue == CrossOriginEmbedderOptions.RequireCorp)
+ {
+ if (!useCrossOriginResourcePolicy)
+ {
+ return false;
+ }
+ }
+
+ return true;
+ }
}
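Review bot: The XML doc block on the new HeaderValueIsValid method is missing its element tags (the `///` lines carry no `<summary>`, `<param>` or `<remarks>`), has a typo ("hedaer"), and its last sentence breaks off at "is set to" without naming the value — it should read `/// is enabled and the current value for the COEP (Cross-Origin-Embedder-Policy) header is set to <see cref="CrossOriginEmbedderOptions.RequireCorp"/>.` with a `<returns>` describing the bool. The tags may have been lost in rendering, but the sentence is incomplete either way. As a point of style, the nested ifs collapse to one expression that states the contract directly: `return OptionValue != CrossOriginEmbedderOptions.RequireCorp || useCrossOriginResourcePolicy;`.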
diff --git a/src/SecureHeadersMiddleware.cs b/src/SecureHeadersMiddleware.cs
index 48641d8..22e9af0 100644
--- a/src/SecureHeadersMiddleware.cs
+++ b/src/SecureHeadersMiddleware.cs
@@ -134,7 +134,7 @@ private FrozenDictionary GenerateRelevantHeaders()
if (_config.UseCrossOriginEmbedderPolicy)
{
- if (!_config.UseCrossOriginResourcePolicy)
+ if (!_config.CrossOriginEmbedderPolicy.HeaderValueIsValid(_config.UseCrossOriginResourcePolicy))
{
BoolValueGuardClauses.MustBeTrue(_config.UseCrossOriginResourcePolicy, nameof(_config.UseCrossOriginResourcePolicy));
}
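Review bot: The MustBeTrue guard on the line after the new condition is reached only when HeaderValueIsValid returned false, which by its body means UseCrossOriginResourcePolicy is already false, so the call is an unconditional throw whose message names only the flag and not the reason (require-corp selected without CORP). A reader of the exception cannot tell that choosing unsafe-none would also resolve it; either make the message state that precondition or add a comment above the guard such as `// require-corp is only meaningful when the CORP header is emitted too; unsafe-none does not need it`. Note this commit changes runtime behaviour: COEP is now emitted with unsafe-none even when CORP is disabled, which is the intended relaxation but worth a line in the method docs. GenerateRelevantHeaders begins outside the hunk.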
diff --git a/tests/OwaspHeaders.Core.Tests/CustomHeaders/CrossOriginOptionsTests.cs b/tests/OwaspHeaders.Core.Tests/CustomHeaders/CrossOriginOptionsTests.cs
index 3d6d484..5a13574 100644
--- a/tests/OwaspHeaders.Core.Tests/CustomHeaders/CrossOriginOptionsTests.cs
+++ b/tests/OwaspHeaders.Core.Tests/CustomHeaders/CrossOriginOptionsTests.cs
@@ -135,5 +135,36 @@ public async Task When_UseCrossOriginEmbedderPolicyNotCalled_Header_Not_Present(
Assert.False(headerNotPresentConfig.UseCrossOriginEmbedderPolicy);
Assert.False(_context.Response.Headers.ContainsKey(Constants.CrossOriginEmbedderPolicyHeaderName));
}
+
+ [Theory]
+ [InlineData(CrossOriginEmbedderPolicy.CrossOriginEmbedderOptions.RequireCorp)]
+ [InlineData(CrossOriginEmbedderPolicy.CrossOriginEmbedderOptions.UnsafeNone)]
+ public void CrossOriginEmbedderPolicy_HeaderValueIsValid_Returns_True_When_HeaderIsValid(CrossOriginEmbedderPolicy.CrossOriginEmbedderOptions headerValue)
+ {
+ // Arrange
+ var header = new CrossOriginEmbedderPolicy(headerValue);
+ const bool useCorp = true;
+
+ // Act
+ var valid = header.HeaderValueIsValid(useCorp);
+
+ // Assert
+ Assert.True(valid);
+ }
+
+ [Fact]
+ public void CrossOriginEmbedderPolicy_HeaderValueIsValid_Returns_False_When_HeaderIsInvalid()
+ {
+ // Arrange
+ var header = new CrossOriginEmbedderPolicy(CrossOriginEmbedderPolicy.CrossOriginEmbedderOptions.RequireCorp);
+ var useCorp = false;
+
+ // Act
+ var valid = header.HeaderValueIsValid(useCorp);
+
+ // Assert
+ Assert.False(valid);
+ }
+
}
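Review bot: The tests never exercise the one combination this commit actually newly permits — UnsafeNone with useCorp == false returning true; the Theory only runs both options with useCorp true and the Fact covers RequireCorp with false. Extending the Theory to two parameters covers it: change the signature to `(CrossOriginEmbedderPolicy.CrossOriginEmbedderOptions headerValue, bool useCorp)`, drop the `const bool useCorp = true;` local, and add `[InlineData(CrossOriginEmbedderPolicy.CrossOriginEmbedderOptions.UnsafeNone, false)]` alongside the existing cases with `true`. Minor style: the Fact uses `var useCorp = false;` where the Theory uses `const bool`, and there is a stray blank line before the closing brace of the class.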