When considering a third-party cloud service provider, which of the following criteria would be the BEST to include in the security assessment process? (Choose two.) 

Answer options:

A. Use of performance analytics
B. Adherence to regulatory compliance
C. Data retention policies
D. Size of the corporation
E. Breadth of applications support

BC