LR-301h · Module 1
Control Types for AI Risk
4 min read
In LR-201c we covered the four mitigation responses: avoid, mitigate, transfer, and accept. At the 301 level, we focus on the "mitigate" response — designing controls that reduce either the probability or the impact of identified risks. Controls come in four types, and effective mitigation layers multiple types for the same risk. Preventive controls stop the risk from materializing. Detective controls identify when the risk has materialized. Corrective controls limit the damage after materialization. Compensating controls provide alternative protection when primary controls are not feasible.
- Preventive Controls: Controls that reduce the probability of risk materialization. Input filtering that rejects known prompt-injection patterns before they reach the model. Access controls that prevent unauthorized data access. Contract provisions that allocate liability before it is triggered. Preventive controls are the first line of defense: they stop the event from happening. They are the most cost-effective controls when they work, but they are insufficient alone because prevention eventually fails; a pattern-based injection filter, for example, only catches phrasings it has already seen.
- Detective Controls: Controls that identify when a risk has materialized. Monitoring systems that detect data exfiltration. Audit processes that identify compliance gaps. Anomaly detection that flags unusual AI behavior, such as a tool call returning far more records than the task requires. Detective controls do not prevent the event; they ensure you know it happened. Dwell time, the gap between the event and its detection, determines the blast radius, and a detection that nobody acts on shortens nothing.
- Corrective Controls: Controls that limit damage after the risk has materialized. Incident response plans that contain breaches, for example by revoking credentials or quarantining the affected session. Insurance that covers financial losses. Remediation processes that fix the root cause. Corrective controls assume prevention failed and detection succeeded; they manage the consequences, so they must be wired to the output of the detective controls or they never fire.
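The layering described above, as an added example that is not part of the LR-301h module: a request to an LLM tool-calling assistant passes through a preventive layer (injection-pattern filter plus a per-role tool allowlist), a detective layer (sensitive-data and volume checks on the tool result), and a corrective layer (session quarantine with an audit record). The model and tool are stubs, and the names `handle_request`, `Session`, the regex patterns and the record threshold are all assumptions chosen for the illustration.

```python
"""Layered controls around an LLM tool call: preventive, detective, corrective.

Added illustration, not code from the LR-301h module. The "model" and "tool"
are constructed stubs; the three control layers are the point.
"""
import re
from dataclasses import dataclass, field

# --- Preventive layer -------------------------------------------------------
# Known prompt-injection phrasings (constructed list). Pattern matching on free
# text is best-effort, which is exactly why the other layers exist.
INJECTION_PATTERNS = [
    re.compile(r"ignore (all |any )?(previous|prior|above) instructions", re.I),
    re.compile(r"you are now", re.I),
    re.compile(r"reveal (your|the) (system|hidden) prompt", re.I),
]
# Per-role tool allowlist: least privilege enforced before the model acts.
ROLE_TOOLS = {
    "analyst": {"search_docs", "summarize"},
    "admin": {"search_docs", "summarize", "export_records"},
}


def preventive_check(text):
    """Return (allowed, reason); reject text matching a known injection phrasing."""
    for pat in INJECTION_PATTERNS:
        if pat.search(text):
            return False, f"prompt_injection_pattern:{pat.pattern}"
    return True, "ok"


def tool_authorized(role, tool):
    return tool in ROLE_TOOLS.get(role, set())


# --- Detective layer --------------------------------------------------------
EXFIL_PATTERNS = [
    re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),  # SSN-shaped value
    re.compile(r"AKIA[0-9A-Z]{16}"),       # AWS access key id shape
]
MAX_RECORDS_PER_CALL = 100  # assumed threshold for a volume anomaly


def detective_check(result):
    """Return a list of findings about a tool result (empty means clean)."""
    findings = []
    for pat in EXFIL_PATTERNS:
        if pat.search(result["text"]):
            findings.append(f"sensitive_pattern:{pat.pattern}")
    if result.get("records", 0) > MAX_RECORDS_PER_CALL:
        findings.append(f"volume_anomaly:{result['records']}>{MAX_RECORDS_PER_CALL}")
    return findings


# --- Corrective layer -------------------------------------------------------
@dataclass
class Session:
    user: str
    role: str
    quarantined: bool = False
    audit: list = field(default_factory=list)


def corrective_action(session, findings):
    """Contain the event: quarantine the session, withhold output, log for IR."""
    session.quarantined = True
    session.audit.append({"event": "containment", "findings": findings})
    return "[output withheld: session quarantined pending review]"


# --- Constructed stand-ins for the model and the tool -----------------------
def fake_model(prompt):
    """Pretend model that picks a tool from the prompt text."""
    return "export_records" if "export" in prompt.lower() else "search_docs"


def fake_tool(tool, prompt):
    if tool == "export_records":
        return {"text": "id,ssn\n1,123-45-6789\n", "records": 250}
    return {"text": "Policy doc: retention is 90 days.", "records": 1}


def handle_request(session, prompt):
    """Run one prompt through all three layers and return a decision record."""
    if session.quarantined:
        return {"outcome": "refused", "layer": "corrective", "reason": "session_quarantined"}
    ok, reason = preventive_check(prompt)
    if not ok:
        session.audit.append({"event": "blocked", "reason": reason})
        return {"outcome": "blocked", "layer": "preventive", "reason": reason}
    tool = fake_model(prompt)
    if not tool_authorized(session.role, tool):
        return {"outcome": "blocked", "layer": "preventive", "reason": f"tool_not_allowed:{tool}"}
    result = fake_tool(tool, prompt)
    findings = detective_check(result)
    if findings:
        text = corrective_action(session, findings)
        return {"outcome": "contained", "layer": "corrective", "reason": findings, "text": text}
    return {"outcome": "allowed", "layer": None, "text": result["text"]}


if __name__ == "__main__":
    admin = Session(user="bob", role="admin")
    print(handle_request(admin, "Please export all customer records"))
    print(handle_request(admin, "What is the retention policy?"))
```

The case worth noticing is the admin session: the export is fully authorized, so the preventive layer lets it through, and it is the detective layer that catches the SSN-shaped values and the record volume, handing off to the corrective layer, which quarantines the session so the next request is refused. A single layer would have missed it.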