Confidentiality means that information is protected from unauthorized disclosure or availability. The correct statement is option A because it expresses the essential confidentiality concept: information must not be made available or disclosed to unauthorized individuals, entities, or processes. ISO/IEC 27002 supports confidentiality through controls such as information classification, labelling, access control, identity management, authentication, cryptography, data masking, information transfer rules, and data leakage prevention. The purpose is to ensure that only approved users, systems, or processes can view or receive information according to business need and authorization. Option B describes integrity, because accuracy and completeness relate to whether information remains correct and unaltered. Option C describes availability, because accessibility and usability on demand relate to authorized access when needed. In ISO/IEC 27002, many controls are mapped to confidentiality, integrity, and availability through control attributes. A confidentiality breach can occur through excessive internal access, accidental disclosure, lost media, weak access permissions, exposed credentials, or insecure transfer. References/Chapters: ISO/IEC 27002:2022, Clause 4 control attributes; Control 5.12 Classification of information; Control 5.15 Access control; Control 8.24 Use of cryptography.
==========
