Hey Ged,
I think the best place for this would be bugzilla. You can group the full audit in one bug.
Done, filed under bug #1307.
I don't see any reason to store information which is going to be fixed. Bugzilla and SVN will take care of the history for us. However if there is general audit information in there, then I think is should be treated in the same manner as the rest and stored in the respective directory accordingly.
Some people thought it might be a good idea. Perhaps including a little text file detailing the date of a the last audit of the code and references to any bugs in bugzilla? It's just to keep track and show new auditors what has been done and when.
I'm way too busy at the moment to manage bugzilla, but it is something that someone should do really.
Cheers, Martin