diff --git a/Controller/CircularNoticesController.php b/Controller/CircularNoticesController.php
index 176c647..f7f9b8a 100644
--- a/Controller/CircularNoticesController.php
+++ b/Controller/CircularNoticesController.php
@@ -347,6 +347,7 @@ public function add() {
 * edit action
 *
 * @return void
+ * @SuppressWarnings(PHPMD.CyclomaticComplexity)
 */
 public function edit() {
 $userId = Current::read('User.id');
@@ -359,6 +360,12 @@ public function edit() {
 return $this->throwBadRequest();
 }
 
+ // フレームから取得したCircularNoticeSetting.keyとコンテンツのcircular_notice_setting_keyが一致しない場合はBadRequest
+ $settingKey = $this->viewVars['circularNoticeSetting']['CircularNoticeSetting']['key'] ?? null;
+ if ($content['CircularNoticeContent']['circular_notice_setting_key'] !== $settingKey) {
+ return $this->throwBadRequest();
+ }
+
 if ($this->CircularNoticeContent->canEditWorkflowContent($content) === false) {
 return $this->throwBadRequest();
 }
diff --git a/Test/Case/Controller/CircularNoticesController/EditTest.php b/Test/Case/Controller/CircularNoticesController/EditTest.php
index 5c48253..0f52d19 100644
--- a/Test/Case/Controller/CircularNoticesController/EditTest.php
+++ b/Test/Case/Controller/CircularNoticesController/EditTest.php
@@ -93,6 +93,7 @@ public function dataProviderEdit() {
 $results[0] = array(
 'urlOptions' => Hash::insert($data, 'frame_id', ''),
 'assert' => null,
+ 'exception' => 'BadRequestException'
 );
 $results[1] = array(
 'urlOptions' => Hash::insert($data, 'key', 'A'),
@@ -105,7 +106,8 @@ public function dataProviderEdit() {
 );
 $results[3] = array(
 'urlOptions' => Hash::insert($data, 'key', 'circular_notice_content_4'),
- 'assert' => array('method' => 'assertNotEmpty'),
+ 'assert' => null,
+ 'exception' => 'BadRequestException'
 );
 
 return $results;
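Review bot: The new setting-key guard in edit() (second hunk of CircularNoticesController.php) takes its trusted value from `$this->viewVars`, and with the `?? null` fallback a missing frame setting is rejected only because a string key happens to differ from null. If `circular_notice_setting_key` can ever be null or absent on the loaded content (not visible in this hunk), `null !== null` is false and the request passes the guard; stating the fail-closed intent explicitly, e.g. `if ($settingKey === null || $content['CircularNoticeContent']['circular_notice_setting_key'] !== $settingKey) {`, removes that dependency. Other actions in this controller that load a content record by key are outside the diff; if they exist they would need the same ownership check, and a shared helper for it would also avoid the `@SuppressWarnings(PHPMD.CyclomaticComplexity)` added in the first hunk. edit()'s body starts and ends outside the hunk.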
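Review bot: In dataProviderEdit() (EditTest.php), data set 3 (`circular_notice_content_4`) now expects only `BadRequestException`, which does not show that the new setting-key mismatch check is the guard that fired rather than the missing-content or canEditWorkflowContent checks. From the visible lines it is also unclear whether any remaining data set still covers a successful edit with a matching setting key, since the former `assertNotEmpty` case is the one that was converted. A data set whose content belongs to the frame's setting (expecting success) and one that differs only in the setting key would pin the behaviour; the same applies to data set 0 in the previous hunk. Minor style: the added `'exception' => 'BadRequestException'` entries lack the trailing comma used by the surrounding array lines. dataProviderEdit() starts and ends outside these hunks.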