diff --git a/src/SentinelARConverter.psd1 b/src/SentinelARConverter.psd1 index d92792a..def0297 100644 --- a/src/SentinelARConverter.psd1 +++ b/src/SentinelARConverter.psd1 @@ -12,7 +12,7 @@ RootModule = 'SentinelARConverter.psm1' # Version number of this module. - ModuleVersion = '2.2.3' + ModuleVersion = '2.2.4' # Supported PSEditions # CompatiblePSEditions = @() diff --git a/src/public/Convert-SentinelARYamlToArm.ps1 b/src/public/Convert-SentinelARYamlToArm.ps1 index a652e1d..c69346e 100644 --- a/src/public/Convert-SentinelARYamlToArm.ps1 +++ b/src/public/Convert-SentinelARYamlToArm.ps1 @@ -42,6 +42,9 @@ Set the startTimeUtc property of the ARM template. Default is empty To successfully deploy the ARM template the startTimeUtc property must be set to a future date. Start time must be between 10 minutes and 30 days from now. This is not validated by the cmdlet. +.PARAMETER DisableIncidentCreation +If set, the incidentCreation property of the ARM template will be set to false. Default is to keep the value from the YAML file. + .EXAMPLE Convert-SentinelARYamlToArm -Filename "C:\Temp\MyRule.yaml" -OutFile "C:\Temp\MyRule.json" @@ -101,7 +104,10 @@ function Convert-SentinelARYamlToArm { [string]$Severity, [Parameter()] - [datetime]$StartRunningAt + [datetime]$StartRunningAt, + + [Parameter()] + [switch]$DisableIncidentCreation ) begin { @@ -303,6 +309,15 @@ function Convert-SentinelARYamlToArm { Write-Warning "StartRunningAt parameter is only supported for scheduled rules. Ignoring parameter." } + # Disable incident creation if specified + if ($DisableIncidentCreation) { + # Remove existing createIncident property + if ("createIncident" -in $ARMTemplate.incidentConfiguration.Keys) { + $ARMTemplate.incidentConfiguration.Remove("createIncident") + } + $ARMTemplate.incidentConfiguration.Add("createIncident", $false) + } + # Convert hashtable to JSON $JSON = $ARMTemplate | ConvertTo-Json -Depth 99 # Use ISO8601 format for timespan values 
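Review bot: The new `.PARAMETER DisableIncidentCreation` help text in Convert-SentinelARYamlToArm.ps1 names an `incidentCreation` property, but the code added further down in this commit writes `createIncident` under `incidentConfiguration`, and the new test reads that same path. Someone searching a generated template for the name given in the help will not find it. I would reword the first sentence to `If set, incidentConfiguration.createIncident in the ARM template is set to false.` and keep the sentence about the default as it is. The comment-based help block starts outside this hunk.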
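Review bot: `$ARMTemplate.incidentConfiguration.Add("createIncident", $false)` in the new `if ($DisableIncidentCreation)` block assumes the rule already carries an `incidentConfiguration` table; if a YAML file omits that section the value is presumably `$null` at this point and the call throws instead of disabling incident creation. The hunk does not show how `$ARMTemplate` is populated, so that needs confirming, but a guard is cheap: `if ($null -eq $ARMTemplate.incidentConfiguration) { $ARMTemplate.incidentConfiguration = @{} }` followed by `$ARMTemplate.incidentConfiguration["createIncident"] = $false`, which also replaces the Remove/Add pair. Because the switch turns off incident generation for a detection rule, a `Write-Verbose "Incident creation disabled by -DisableIncidentCreation"` line here would leave a trace in conversion logs for whoever later asks why a rule raises no incidents. The function body starts and ends outside this hunk.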
diff --git a/tests/Convert-SentinelARYamlToArm.tests.ps1 b/tests/Convert-SentinelARYamlToArm.tests.ps1 index dc3bb06..b17da57 100644 --- a/tests/Convert-SentinelARYamlToArm.tests.ps1 +++ b/tests/Convert-SentinelARYamlToArm.tests.ps1 @@ -375,6 +375,24 @@ Describe "Convert-SentinelARYamlToArm" { } } + Context "Scheduled with disabled incident creation" { + BeforeAll { + Copy-Item -Path $exampleScheduledFilePath -Destination "TestDrive:/Scheduled.yaml" -Force + Convert-SentinelARYamlToArm -Filename "TestDrive:/Scheduled.yaml" -OutFile "TestDrive:/Scheduled.json" -DisableIncidentCreation + $armTemplate = Get-Content -Path "TestDrive:/Scheduled.json" -Raw | ConvertFrom-Json + } + + AfterEach { + if ( -not $RetainTestFiles) { + Remove-Item -Path "TestDrive:/*" -Include *.json -Force + } + } + + It "Should have the incident creation disabled" { + $armTemplate.resources[0].properties.incidentConfiguration.createIncident | Should -Be $false + } + } + AfterAll { Remove-Module SentinelARConverter -Force }
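Review bot: The new `It "Should have the incident creation disabled"` checks only the final value, so it cannot distinguish an override from a pass-through: if the scheduled example file already carries `createIncident: false`, the assertion passes without the switch doing anything. The example file is not visible in this hunk, so I would either assert the precondition on the YAML in `BeforeAll` or convert the same file once without the switch and compare. A second context that converts a rule file with no `incidentConfiguration` section and expects `createIncident` to be `$false` would cover the path where the converter has no existing table to modify. The enclosing `Describe` block starts outside the hunk.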