You are the security manager for a company that is currently undergoing its annual compliance check for a new data protection regulation. The auditors have requested evidence of ongoing compliance monitoring activities. Which of the following would BEST demonstrate the company's commitment to compliance monitoring?
Continuous monitoring with automated tools and regular reviews
Conducting post-incident analysis after each reported incident
Scheduling quarterly internal audits
Relying on yearly external third-party audits