Different Types of Security Controls

Security controls play an important role in defining the actions that cybersecurity professionals take to protect a company. We can say that there are three main types of IT security controls, including physical, technical and administrative.

The main purpose for implementing security controls can be preventive, detective or corrective. There are other literatures and approaches that also consider controls that act as deterrent and compensatory. In addition, controls are also used to protect people, as is the case with training or social engineering awareness policies.

Lack of security controls puts the confidentiality, integrity, and availability of information at risk. These risks also extend to the security of people and assets within an organization.

In the image below you can see the different types of basic security controls, focusing on their types and their purpose.

Different Types of Security Controls
Legend: Different Types of Security Controls

Physical Controls:

  • Preventive:
    • Fences
    • Gates
    • Locks
  • Detective:
    • CCTV
    • Surveillance Cameras
  • Corrective:
    • Repair a physical damage
    • Re-issue access cards

Technical Controls:

Administrative Controls:



Deixe uma resposta:

Seu endereço de e-mail não será publicado.

Esse site utiliza o Akismet para reduzir spam. Aprenda como seus dados de comentários são processados.