PM-12-727 Insider Threat Program

Insider Threat Program

PM-12-727
Insider Threat Program
Program Management
Identify
Information Security Risk Management
NOT SELECTED
P1
No
Lack of consistent process to manage insider threats may result in an inability to respond to (detect and prevent) malicious insider activity.
The organization implements an insider threat program that includes a cross-discipline insider threat incident handling team.
The organization has an active insider threat program.
State implementation of this standard is incorporated into TAC 202.
Obtain procedures addressing insider threat program and ascertain if: (i) insider threat programs are implemented to detect and prevent malicious insider activity (ii) a cross-discipline insider threat incident handling team is active (iii) insider threat policies and implementation plans are established