Which of the following is the PRIMARY safeguard for securing software and data within an information
processing facility?

A.
Security awareness

B.
Reading the security policy

C.
Security committee

D.
Logical access controls

Explanation:
To retain a competitive advantage and meet basic business requirements, organizations must ensure that the
integrity of the information stored on their computer systems preserve the confidentiality of sensitive data and
ensure the continued availability of their information systems. To meet these goals, logical access controls
must be in place. Awareness (choice A) itself does not protect against unauthorized access or disclosure of
information. Knowledge of an information systems security policy (choice B), which should be known by theorganization’s employees, would help to protect information, but would not prevent the unauthorized access of
information. A security committee (choice C) is key to the protection of information assets, but would address
security issues within a broader perspective.