System and application access control is to prevent （ ）access to systems and applications. Access to information and application system functions shall be restricted in accordance with the access control policy.