Insider Threat Program Evaluator
This three-day, instructor-led, classroom-based course presents strategies for measuring and evaluating an operational insider threat program within an organization. Using scenario-based exercises, this course takes participants through the steps to conduct an insider threat program evaluation. This training is for insider threat program managers, evaluators, and team members and for those interested in licensing the CERT methodology and tools to perform an insider threat program evaluation. This course may also benefit those working in auditing or risk management.
This training is based upon the research of the CERT Insider Threat Center of the Software Engineering Institute. The CERT Insider Threat Center has been researching this problem since 2001 in partnership with the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community. This training course supports organizations implementing and managing insider threat detection and prevention programs based on various government mandates or guidance including: Presidential Executive Order 13587, the National Insider Threat Policy and Minimum Standards, and proposed changes set forth in the National Industrial Security Program Operating Manual (NISPOM).
Submitting this registration will register you for the Insider Threat Program Evaluator course only. Successful completion of this course is a required component for the Insider Threat Program Evaluator Certificate. To register for the Insider Threat Program Evaluator (ITPE) Certificate Package, please visit Insider Threat Program Evaluator (ITPE) Certificate Package
- Insider Threat Program Team Members
- Insider Threat Program Managers
- Insider Threat Program Evaluators
*Please note that in order to perform evaluations using CERT tools, candidate evaluators must be sponsored by an approved SEI Partner organization. For more information on the process and associated fees, please contact firstname.lastname@example.org
Participants who complete the course will be able to
- Design an evaluation plan for working with an organization
- Build a team of experts to perform the evaluation
- Use the workbooks and templates to assess capabilities, components, and processes of an insider threat program
- Score capabilities based on evidence-driven assessment of a set of specific indicators
- Highlight key gaps within a program and recommend improvements or mitigations
Topics of exercises and discussions include:
- Techniques and templates for performing evaluation preparation and execution tasks
- Processes for engagement, planning, data collection, scoring, and report development
- Group discussions and summarized lessons learned for each exercise
Course methods include lecture, group exercises, and scenario completion. Participants will receive a course notebook, case studies and a downloadable copy of the course materials.
Participants completing the Insider Threat Program Evaluator Certificate Program must take the prerequisite courses: Insider Threat Overview: Preventing, Detecting, and Responding to Insider Threats and Building an Insider Threat Program.
Students are strongly recommended to also take the Insider Threat Program Manager: Implementation and Operation course to provide additional background knowledge for the course, but this is not required.
Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.