When developing a new system, detailed information security functionality should FIRST be addressed:
A . as part of prototyping.
B . during the system design phase.
C . when system requirements are defined.
D . as part of application development.
Answer: B