Establish an Insider Threat Program under NISPOM: What the ITPSO, FSO and NISP Contractors Need to Know

Establish an Insider Threat Program Under NISPOM focuses on protecting classified information. It also answers the question that so many people have asked,

• If we have the NISPOM, why do we need an insider threat program?
• If the NISPOM is so thorough, what would an additional insider threat program look like?

Most organizations attack the problem with either an employee tracking or online activity reporting goal.

After asking the above questions, we recommend a different solution. Of course the employee reporting and activity tracking solutions are important and part of the solution, but they should not be the end goal.

This book recommends a different application that can easily be implemented to both resolve insider threat issues and demonstrate compliance.

Establishing an Insider Threat Program Under NISPOM is written primarily for cleared defense contractors to meet Insider Threat Program requirements under the cognizance of the U.S. Government (Defense Counterintelligence and Security Agency (DCSA)).

Our recommended approach and practices help reduce vulnerabilities without negatively impacting the work force. You will learn to be innovative in your approach as well as leverage industry best practices for a more effective ITP. These solutions incorporate a systems-based approach that meets the following criteria:

• Document what needs to be protected
• Establish countermeasures to limit access
• Meet reporting requirements for unauthorized access
• Train the workforce

This book provides tools and templates that you can use immediately to document your progress and demonstrate program during reviews.

• Insider Threat Program Templates, tools and products
• Sample training certificates
• Spreadsheets for documenting risk