Professional Documents
Culture Documents
Corrective, Detective, Preventative Controls
Corrective, Detective, Preventative Controls
Corrective controls are implemented in response to a security incident or a vulnerability that has been
identified. Their purpose is to minimize the damage caused by the incident, restore systems and services
to their normal state,
Detective Controls:
Detective controls are designed to identify and detect incidents, breaches, or unauthorized activities that
have already occurred. Their primary function is to monitor systems.
Preventive Controls: Preventive controls are proactive measures taken to minimize the likelihood of
security incidents, breaches, or unauthorized activities from occurring. These controls aim to prevent
threats and vulnerabilities from being exploited and reduce the overall risk exposure.
Example
firewalls, security awareness training, vulnerability management, and security policies and procedures.