Certified Governance Risk and Compliance (CGRC) Practice Exam 2025 - Free CGRC Practice Questions and Study Guide

Physical controls are security measures that involve the use of physical barriers and safeguard mechanisms to protect an organization's assets and environment. These controls typically include elements that physically prevent unauthorized access to certain areas, equipment, or information.

Locking systems, such as key locks or electronic access controls, are quintessential examples of physical controls. They restrict entry based on authorization and help ensure that only permitted individuals can access sensitive areas or information. Environmental controls, which can encompass climate control systems like heating, ventilation, and air conditioning (HVAC), are also crucial for maintaining the security and integrity of physical assets, including hardware and sensitive equipment.

In contrast, the other choices primarily pertain to logical or administrative controls. Password management and resource management focus on user access and permissions through software means rather than physical barriers. Similarly, identification and authentication methods refer to procedures and technologies employed to verify the identity of a user or a system, which are largely digital and do not involve the physical safeguarding of equipment or locations.

Thus, the correct answer identifies the core aspects of physical controls, while the other options relate to different types of security measures not categorized under physical controls.