Which control type aims to restore systems to their operational state after an incident?

The control type that aims to restore systems to their operational state after an incident is corrective control. Corrective controls are designed to remedy the problems that occur as a result of security incidents, system failures, or other unexpected disruptions. Their primary objective is to ensure that services and systems return to normal functioning as quickly as possible following an incident.

These controls often involve measures such as patching vulnerabilities, restoring data from backups, or implementing techniques to recover systems. By focusing on remediation and restoration, corrective controls are essential in minimizing downtime and mitigating the impact that incidents can have on an organization’s operations and services.

In contrast, preventive controls are aimed at stopping incidents before they occur, deterrent controls aim to discourage potential threats, and managerial controls involve administrative aspects of systems management and security policy. Each of these control types plays a distinct role in an overall security framework, but corrective controls specifically target the recovery aspect following an incident.