Which of the following is the PRIMARY safeguard for securing software and data within an
information processing facility?

A.
Security awareness

B.
Reading the security policy

C.
Security committee

D.
Logical access controls

Explanation:
To retain a competitive advantage and meet basic business requirements, organizations must
ensure that the integrity of the information stored on their computer systems preserve the
confidentiality of sensitive data and ensure the continued availability of their information systems.
To meet these goals, logical access controls must be in place. Awareness (choice A) itself does
not protect against unauthorized access or disclosure of information. Knowledge of an information
systems security policy (choice B), which should be known by the organization’s employees, would
help to protect information, but would not prevent the unauthorized access of information. A security
committee (choice C) is key to the protection of information assets, butwould address security
issues within a broader perspective.