What is the difference between preventive mitigation controls and detective mitigation controls?

Sharad Jaiswal
Sharad Jaiswal

Posted On: Feb 22, 2018

 

Difference between preventive mitigation controls and detective mitigation controls

Preventive Mitigation ControlsDetective Mitigation Controls
Preventive mitigation control measures are basically used to lessen the effect of risk even before the risk actually occurs.Detective Mitigation Controls measures are used when an alert of a risk is already generated which means when the risk occurs.
Various activities to be performed under this process are: Configuration, user exits, security, defining workflow and custom objects.Various activities to be performed under this process are activity reports, alert information, budget reviews and comparisons between plans made and reviews generated.
Preventive mitigation helps in releasing strategies and authorization limits.Detective Mitigation Controls help in deducing and analyzing various risks.
It also contributes to preventing future risks and encourages the development of the company.It also helps in analyzing the sole reason for risk and measures of preventing it in the future for the sake of the organization.

    Related Questions

    Please Login or Register to leave a response.

    Related Questions

    GRC Interview Questions

    What is the SAP GRC?

    SAP GRC abbreviated as System, Applications, and Products (SAP), Governance, Risk and Compliance (GRC) which is an integrated body combining of various activities which unite help the organizations to...

    GRC Interview Questions

    What is UME and how it works?

    UME stands for the user management system. When A user tries to access a tab whose access is not with them, the tab will not display when the user tries to access that tab. A user can only access a fu...

    GRC Interview Questions

    What are the key activities that Process control shares with Access control in GRC?

    Risk control needs to be performed as a part of compliance and regulation practice, it is required to mitigate risk in an organization. A critical part of managing risk in an organization is to defin...