It is great to see that you have done an audit for Firmware and Hardware.
When I have done company audits, the management was given a chance to response to each issue and provide a high-level action plan to mitigate the risk or fix the issue. So I wonder what was the NK responses to each of the findings ?
Some of the findings are critical, while others maybe less “important” but quick wins to fix during a next release.
Maybe I overlooked a document - at least the search function inside the forum has not thrown out any type of responses. Are the responses/plan to the audit findings available ?