Deviations from the baseline should be investigated and ________.

When deviations from the baseline occur, it is essential to document them for several reasons. Documentation provides a clear record of what the deviation was, why it occurred, and the context surrounding it. This is crucial for performing a thorough analysis, as it allows organizations to assess the impact of the deviations on security posture and compliance with policies.

Furthermore, documenting deviations helps in identifying trends over time, which can be useful for improving baseline measures, enhancing security practices, and ensuring accountability. It also supports ongoing compliance checks and audits, offering a tangible reference that can be reviewed as necessary.

The other options do not fulfill the necessity of establishing a formal record. Revealing deviations without context or proper documentation does not contribute to understanding or learning from the incident, while encouraging deviations could lead to a lack of control over security measures. Lastly, enforcing inconsistencies would undermine the very principles behind the baseline, which is to maintain a defined standard for security operations.