An organization wishes to purchase an application and is undergoing a formal procurement process to evaluate and select a product. What documentation should the organization use to make sure that the application selected has the appropriate security-related characteristics?
a. Security guidelines
b. Security policies
c. Security requirements
d. Functional requirements