What’s the biggest pain point you’ve faced during a smart contract audit?

Every team hits different roadblocks when preparing for or going through a smart contract audit.
For some it’s documentation, for others it’s test coverage, architecture decisions, upgradeability, or unexpected security issues that show up late.
Curious to hear from other devs what’s been the most challenging part of the audit process for you, and what would’ve made it easier?