Audits should ensure compliance with which category?

Audits are about verifying that an organization follows the laws, regulations, and external requirements that apply to its operations. The best fit is regulatory because audits are specifically designed to test compliance with those legal obligations and standards the organization must meet, including obligations related to third-party relationships, data protection, financial reporting, and security controls. This focus helps prevent penalties, fines, and reputational damage by showing the organization is exercising due care in staying within legal bounds. Marketing campaigns, product development, and employee training are important areas of business activity, but they are not the primary targets of audits for compliance. They can be reviewed for governance and process quality, but the core purpose of audits in this context is to confirm adherence to regulatory requirements.