Corrective controls are implemented to minimize the damage and impact of a security incident once it has already taken place. These controls focus on restoring systems, recovering data, and ensuring business continuity. Examples of corrective controls include backup systems, incident response plans, and disaster recovery procedures. While preventive controls aim to stop incidents from occurring and detective controls identify incidents, corrective controls are specifically designed to limit the consequences of an incident after it has been detected.