Have you ever heard the idiom “You can’t see the forest for the trees“? It means that a person can’t see the bigger picture because they are focusing too much on the small details.
Security audits don’t always focus on the right things, it's all about perspective.
A humorous take on this idiom was captured in this scene from a New Zealand mockumentary, What We Do in The Shadows:
This scene is a metaphor of what can sometimes happen with software based security audits, where the focus is on items that may have little to do with the security of the software.
Something else not to gloss over in this scene is the empathy which the officers show throughout the process, making it a helpful experience rather than a negative one.