@Aran Billen, Thanks for posting in Q&A. From the information you provided, it seems the devices are stuck or having issue when apply security policy. To check this, you can collect Windows Autopilot MDM logs and analyze DeviceManagement-Enterprise-Diagnostic-Provider Event log to see if any related error can be found.
For such log analysis issue, you can open case to troubleshoot the issue.
https://learn.microsoft.com/en-us/mem/get-support
Hope the above information can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.