Lack of consistent process to manage insider threats may result in an inability to respond to (detect and prevent) malicious insider activity.
The organization implements an insider threat program that includes a cross-discipline insider threat incident handling team.
The organization has an active insider threat program.
State implementation of this standard is incorporated into TAC 202.
Obtain procedures addressing insider threat program and ascertain if:
(i) insider threat programs are implemented to detect and prevent malicious insider activity
(ii) a cross-discipline insider threat incident handling team is active
(iii) insider threat policies and implementation plans are established