Functions of Security Controls
                     C
CF
YuBARn
EcRtSEERio
EnCsU RoIfT Y
PSAETCH URITY
CONTROLS
www. infosectra in .com SWIPE LEFT
01
Directive
Controls
Directive Controls are the mandatory
controls that are implemented to monitor 
the regulations. It provides guidance
primarily aligned with the organizations 
required to follow, like policies, regulations, 
etc.
@infosectra in
02
Deterrent
Controls
Deterrent Controls are deployed to
discourage the violation of a security
function, and it helps to reduce the
chances of a deliberate attack. Deterrent 
Controls help to make intelligent decisions 
and deter the way that is not secure to use.
@infosectra in
03
Preventive
Controls
Preventive Controls are used to prevent or 
avoid security incidents in the organization. 
It helps to mitigate unauthorized activities 
by indulging preventive methods in the
organization.
@infosectra in
04
Compensating
Controls
Compensating Controls are the alternative 
methods that support the requirement of 
actual security control implemented.
The role of the compensating Control is to 
provide a similar level of assurance even if 
the attacker has compromised the actual 
security control.
@infosectra in
05
Detective
Controls
Detective controls are used to detect and 
alert unauthorized or unwanted activities 
within the organization. It helps to detect 
and react to security violations using tools, 
processes, and best practices.
@infosectra in
05 06
Corrective
Controls
Corrective Controls are used to remediate 
or mitigate the effect of a security incident. 
It includes measures to mitigate and
prevent the same security incident from 
recurrence.
@infosectra in
07
Recovery
Controls
Recovery Controls are deployed to recover 
and restore the operating system to 
normal condition after the security
incident.
@infosectra in