An enterprise is evaluating new servers from various vendors for a high-security environment. Which of the following criteria should be prioritized to BEST ensure the hardware provider meets the company's stringent security policies and risk management?
Ensuring the hardware provider has no direct affiliations with foreign governments
Validating the security of the server's firmware at the time of delivery
Obtaining comprehensive documentation for all hardware components
Choosing hardware providers that the enterprise has worked with in the past