The goal of a security audit is to get an understanding of where the vulnerabilities are, how severe they are, and what needs to be done to fix them.