2. Insider Threat Practitioners & Stakeholders
In addition to Board level engagement supplementary structures will be required to translate the strategic vision for the insider threat programme into practice.
Stakeholders will need to be engaged across business areas to provide specialist insight and ensure successful implementation.
- A Director should oversee the implementation of the Board level insider threat strategy, linking it to policies across the organisation.
- Senior members of staff from across business areas should be given responsibility for informing the role based risk assessment and managing the implementation of programme requirements in their areas of responsibility.
- A Senior Stakeholder Group for and insider threat programme (Insider Threat Working Group) may comprise representatives from the following areas: Physical Security; Information Security; Information Technology; Operational Technology; HR; Vetting; Facilities Management; Contract Management; Procurement; Finance; Counter Fraud; Legal; Training; Communications; Staff/Trade Union rep.