I work on the data analytics team for audit.  Can you help me fill the request possibly by explaining what is wrong with the data request? I want to try to narrow down the data to get the team what they need.  I really appreciate any help I can get with  this. 

Start by asking the team what they need.  "Everything" is a wrong answer.  "All rules" is another wrong answer because, strictly speaking, Splunk doesn't have rules.

A typical audit team has a checklist they use to verify compliance with some standard.  Ask them what artifacts are needed to confirm Splunk complies with each item.

For example, auditors may want to know that you are alerted when a particular event happens.  In that case, show them a screenshot of the configured alert.

Perhaps the audit team wants to verify certain data is scrubbed before it is stored.  Show them the props.conf and transforms.conf settings that do the scrubbing and a query results that show scrubbed data.

I suppose there is a naming problem somewhere. The OP's organization probably uses splunk to monitor logs and therefore if anyone asks about a SIEM solution, the response is "Splunk".

Since Splunk as such is not your typical SIEM (even with ES it's not a straightforwardly equal solution), the typical question about SIEM rules (and iI suspect that's what it's about) doesn't make much sense.

I'd suggest approaching this question from the functional point of view because otherwise you'll end up dumping all saved searches whereas they only, for example, needed the ones which generate material for your main dashboard or something like that.