Which control is established to prevent unauthorized access to internal systems?

The correct answer focuses on physical controls, specifically access codes, which are essential mechanisms in safeguarding internal systems from unauthorized access. Physical controls are tangible measures designed to restrict entry and ensure that only authorized personnel can access sensitive data or systems. Access codes, for instance, serve as a barrier that must be crossed before someone is permitted entry or usage of these systems, thereby directly contributing to the overall security framework.

In the context of internal systems, having robust physical controls like access codes is vital to mitigate risks associated with data breaches and unauthorized access. This measure not only protects valuable information but also reinforces a culture of security within the organization. Organizations often implement multifactor authentication systems that may include physical controls to further enhance security.

In contrast, other options such as leading reporting lines and independent reviews pertain more to organizational structure and oversight rather than directly restricting access to systems. Employee training is essential, but without the physical controls in place, training alone may not effectively secure an organization's internal systems. Thus, the use of access codes represents a fundamental practice in preventing unauthorized access, underscoring its importance in a comprehensive security strategy.