A new legislation mandates that enterprises must report serious breaches of security to the relevant regulatory body within 12 hours of discovering the breach. Which of the following is the advice that the IS auditor believes would help promote compliance with the legislation the MOST?