Increase your maturity
Audits are rarely binary, where an organization needs to score 100% on all controls to pass. The Secure Control Framework CMM for example has a 6 stage maturity model, ranging from CMM 0 - Not Performed to CMM 5 - Continuously Improving. HITRUST also combines a maturity aspect based on documentation of policies where maturity levels range from non-compliant, somewhat compliant, and partially compliant to mostly compliant and fully compliant. So to "pass" an audit it is typically only required to get above a certain threshold, which infers at least some level of failure and as such an opportunity for further improvement. These issues will usually be included within the audit report findings as areas that need to be addressed. Some of these may be critical, and must be addressed prior to receiving a pass certificate. Others may simply be noted in the final report, with the assumption the organization will commit to address them within a particular timeline.