top of page

Many great insider threat management programs, books, and guidance documents are available online or on Amazon. We've referenced some of the best and distilled their essence into something more accessible for most organizations.


At SRMBOK, we subscribe to the concept that “If I had more time, I would have written a shorter letter.” Well, this is as short as we could make it, but it provides a sound introduction to insider threat management.


The checklist has just ten high-level items, but we see these ten criteria as the key issues that senior managers must focus on. They are designed to be used in conjunction with the SRMBOK Risk Control Effectiveness Criteria, but they will work with almost any rating system.


Each of the criteria in the checklist will benefit from detailed checklists specific to your context. Organizations working in or with a government agency, for example, will have very different requirements from those of a startup or a transport or mining sector organization. Annex One provides a list of recommended readings to help develop these checklists.

Insider Threat Effectiveness Assessment Criteria

Sales Tax Included