What do information security controls aim to accomplish?

Information security controls are designed with the primary goal of preventing unwanted events and reducing risk to information assets. This involves implementing various security measures, both technical and administrative, to protect data from unauthorized access, disclosure, modification, or destruction. By establishing controls such as firewalls, intrusion detection systems, and access management protocols, organizations can create a structured environment that mitigates potential threats to information security.

While enhancing productivity, automating processes, and training employees are important aspects of an organization's overall strategy, they do not directly align with the primary objective of information security controls. The focus is firmly on safeguarding information assets from risks, which is crucial in today’s digital landscape where data breaches and cyber threats are prevalent. Therefore, the correct answer highlights the central role that security controls play in protecting vital information and minimizing security risks.