Your organization is in the process of selecting a cloud service provider. What is the BEST step to ensure that the provider's security posture aligns with your organization's security requirements?
Review the provider's most recent internal audit reports for indications of a strong security practice.
Ensure the contract includes a right-to-audit clause allowing for independent assessments of the vendor's environment.
Conduct a penetration test of the vendor's systems to establish a baseline for security.
Request a detailed supply chain analysis from the vendor to assess potential upstream risks.