The correct answer is 'Conducting a security review of the vendor and their products', because ensuring the security of computing resources begins with a thorough evaluation of the vendors and their offerings. This evaluation should cover the vendor's security policies, compliance with relevant standards, and the security features of the products they are providing. Reviewing vendor security practices mitigates the risk of introducing vulnerabilities into the network through third-party products or services. 'Checking compatibility with current systems' is also a step in the process, but it does not directly strengthen security. 'Choosing products with the newest features' or 'Negotiating the lowest cost for products' may be important from a functionality or budget perspective, but they do not necessarily reflect the security posture of the products or the vendor.