Dealing with false positives for CIS policy scans for Debian 10

Recently i scanned a server that was hardened by our sysadmins for Debian 10 image. Post sharing the reports,they fixed a lot of vulnerabilities/findings. Now i rescanned and found that it was showing compliance of only 60%. Obviously our admins arent happy with the results but neither am i. I tried fixing the template and doing all sorts of things but no luck. Anyone faced similar issue?Any tips? :confused: