An organization has decided to implement a policy-driven access control system to manage access to its resources. Access to resources differs greatly team by team. The IT security team wants to ensure compliance with company policies regarding data protection and user access. During a meeting, the discussion turns to how best to enforce these policies so that only authorized employees can access sensitive financial records. Which of the following access control models would best fit this scenario?
Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Discretionary Access Control (DAC)
Attribute-Based Access Control (ABAC)