During the audit of an acquired software package, an IS auditor learned that the software purchase was based on information obtained through the Internet, rather than from responses to a request for proposal (RFP). The IS auditor should FIRST:
A、test the software for compatibility with existing hardware.
B、perform a gap analysis.
C、review the licensing policy.
D、ensure that the procedure had been approved.