The Insider Risk Mitigation Framework will ensure proportionate spending on any measures proposed and make the cost-benefit argument to support recommendations for security. It will also support organisational security development through the best use of insider risk mitigation methods to further mature a protective security stance.
Foundation
Implementing Mitigations
Policies, Standards, Guidelines & Procedures
Ensuring that proportionate policies, standards, guidelines and procedures are in place, understood and consistently enforced is critical in any insider threat programme.
Employment Screening & Vetting
Employment screening comprises the procedures involved in deciding an individual's suitability to hold employment in a given job role.
Physical & Technical Measures
Physical and technical measures should be defined by operational requirements and should be applied alongside personnel security measures to deliver security in an integrated manner.
Security Education & Training
Effective education and training is necessary to ensure individuals know what policies, standards, guidelines and procedures are in place to maintain security.
Monitoring & Review
A programme of monitoring and review should be in place to enable potential security issues, or personal issues that may impact on an employee's work, to be recognised and dealt with effectively.
Investigation & Disciplinary
Appropriate investigation and disciplinary practices are essential in ensuring that disproportionate actions are minimised and adherence to security policies and processes is reinforced.