After a recent security audit by a third party consultancy, it was determined that several security systems were not configured according to the organization's documented security policies. Which of the following actions would be the BEST to take to ensure the effectiveness and alignment of security configurations with the organizational requirements moving forward?
Implement additional technical controls to mitigate any operational gaps while maintaining the existing policies and procedures.
Increase the frequency of security audits to identify discrepancies without modifying the existing documentation.
Conduct an immediate review and update of the relevant security policies and procedures to reflect the current state of the security environment and technology.
Schedule additional security training for IT staff to improve their adherence to the existing documented policies without reviewing the policies.