Final answer:
Discretionary Access Control (DAC) is the method that allows operational managers to have personal choice in determining employee access to systems/data, through the discretion given to the owner of the resource.
Step-by-step explanation:
The method that Handel should select to ensure operational managers have personal choice in determining employee access to systems/data is B) Discretionary Access Control (DAC). DAC is an access control model in which the owner of the information or system resource has the discretion to set access permissions for other users. This allows managers, in a business environment for example, to have control over who can access certain information based on their judgment and understanding of the employee's need for that information. An important point about DAC is that it relies heavily on the decision of the user who has control over the resources, which in this case are the operational managers.
In contrast, Role-Based Access Control (RBAC) assigns access rights based on roles within an organization, and Mandatory Access Control (MAC) refers to a set of security policies that is centrally controlled by a security policy administrator. The Least Privilege Principle is a concept where users are given the minimum levels of access – or permissions – needed to perform their job functions. While these can all be part of an overall security strategy, DAC provides the most personal control for operational managers over system access decisions.