Scope bypass_settings related audit events to security policy project

The following discussion from !196249 (merged) should be addressed:

• @mc_rocha started a discussion: (+1 comment)

  I'm unsure if it is also applicable here, but from discussions related to audit events, we concluded that we should scope the audit events to the security policy project. We are currently working on a MR to update some of these events. From this MR description, we have the summary of our discussion:

  However, the goal of the security policy audit events is to scope the audit events to the security policy project for easier tracking of security policy violations by admins.