Preventive
What you are trying to do is prevent some form of security breach/incident.
Change management: Making sure that there or no outages that were not planned. Being as I work as an IT administrator, it's easy to want to make changes on the fly. The first step in this process is to submit the change plan and get approval. These changes can be network configuration changes or changing to a more current operating system. We need to plan, test, and practice before attempting the changes to reduce the chances of downtime on a production network.
Security awareness and training: Make users aware of social engineering attacks, email, and social network best practices. Once the users are aware of the tactics a social engineer might use, the less chance of them being fooled into revealing the passwords. For example, Microsoft is not going to call you and ask for your password, which is a threat actor attempting to social engineer you.
Disabling Accounts: Having an account disablement policy when an employee leaves the organization can help prevent the former employee from access their old account and possibly causing a security breach.