When considering a third-party cloud service provider, which of the following criteria would be the BEST to include
in the security assessment process? (Select two.)
A. Use of performance analytics
B. Adherence to regulatory compliance
C. Data retention policies
D. Size of the corporation
E. Breadth of applications support