TriCorp is purchasing Meta Company. TriCorp uses a change management system for all IT processes, while Meta Company does not have one in place. Meta Company's IT staff needs to purchase a third-party product. What should be done to address the security impacts this product may cause?

A. Purchase the product, and test it in a lab environment before installing it on any live system.
B. Use the product that TriCorp uses for similar needs.
C. Use TriCorp's change management process during the evaluation of the new product.
D. Allow both companies' IT staffs to evaluate the new product prior to purchasing it.

C
Explanation: To address the security impacts this product may cause, Meta Company should use TriCorp's change management process during the evaluation of the new product. It is always best to use a formal change management process for security reasons.
None of the other choices offers the security protections as using the appropriate change management process.