search menu icon-carat-right cmu-wordmark

Insider Threat Program Manager Certificate Examination

To ensure continued excellence in Insider Threat program development, implementation, and operation, the SEI objectively validates the student's understanding and eligibility to receive the Insider Threat Program Manager (ITPM) Certificate. The certificate exam evaluates the student's comprehension of insider threat planning, identification and responsibilities of internal and external stakeholders, components of an insider threat program, insider threat team development, strategies for effective communication of the program, and effective implementation and operation of the program within the organization.

Learners can begin the online exam at any time. Once the examination is started, the learner will have 6 total hours to complete the examination.


This validation exam is required for insider threat program managers who wish to pursue the following SEI credentials:

  • Insider Threat Program Manager Certificate


Participants must achieve a minimum passing score of 80% for the Insider Threat Program Manager Certificate.


The exam consists of 65 multiple choice questions. Each question has either four or five possible answers, only one of which is correct. The exam covers the following topic areas:

  • Insider Threat definitions, issues, and types
  • Severity and impact of insider threat activity
  • Fraud: examples, dynamics, technical aspects, and countermeasures
  • Theft of Intellectual Property: examples, dynamics, exfiltration, and mitigation
  • Unintentional Insider Threat
  • Insider Threat Prevention, Detection, and Mitigation Strategies
  • Components of an Insider Threat Program
  • Requirements for a formal program
  • Oversight of program compliance and effectiveness
  • Integration with enterprise risk management
  • Prevention, detention and response infrastructure
  • Confidential reporting procedures and mechanisms
  • Building the Insider Threat Program Framework
  • Developing an enterprise-wide approach and interdisciplinary project team
  • Building or enhancing policies and processes to include insider threat program considerations
  • Identifying critical asset and protection needs
  • Identifying risks to assets from insiders and enhancing any risk management program to take into account risks from insiders
  • Enhancing organizational training and awareness programs to include insider threat
  • Enhancing organizational infrastructures to support the Insider Threat Program by determining what defenses are needed, and where enhancements are necessary
  • Building the data collection and analysis function for both technical and behavioral data
  • Identifying data sources and priorities
  • Building a roadmap for implementation
  • Considerations for operations
  • Future improvements to the program


The exam is based on information found in the Overview of Insider Threat Concepts and Activities, Building an Insider Threat Program, and Insider Threat Program Manager: Implementation and Operation training courses. You may reference the course material as needed. Please keep in mind that the test will conclude after 6 total hours regardless of the number of questions answered.


Before registering for this exam, participants must complete the prerequisite courses: Overview of Insider Threat Concepts and Activities, Building an Insider Threat Program, and Insider Threat Program Manager: Implementation and Operation.

To access the SEI Learning Portal, your computer must have the following:

  • For optimum viewing, we recommend using the following browsers: Microsoft Edge, Mozilla Firefox, Google Chrome, Safari
  • These browsers are supported on the following operating systems: Microsoft Windows 8 (or higher), OSX (Last two major releases), Most Linux Distributions
  • Mobile Operating Systems: iOS 9, Android 6.0
  • Microsoft Edge, Firefox, Chrome and Safari follow a continuous release policy that makes difficult to fix a minimum version. For this reason, following the market recommendation we will support the last 2 major version of each of these browsers. Please note that as of January 2018, we do not support Safari on Windows.

This is an eLearning course.

Register Now

Course Fees [USD]

  • eLearning: $250.00


Once registered, learners can begin the examination at any time. Learners can proceed through the exam at their convenience over 6 total hours. Once answers are submitted, the exam will provide your score immediately and allow one opportunity to review and change responses to rescore, if necessary.

If you wish to purchase this course for a group of learners, please email or telephone at +1 412-268-7388 for group rate details.

Course Questions?

Phone: 412-268-7388

Related Courses

  • Building an Insider Threat Program


    This seven (7) hour online course provides a thorough understanding of the organizational models for an insider threat program, the necessary components to have an effective program, the key stakeholders who need to be involved in the process, and basic education on the implementation and guidance of the program. This training is based upon the...

    Learn More
  • Overview of Insider Threat Concepts and Activities


    This three (3) hour online course provides a thorough understanding of insider threat terminology, identifies different types of insider threats, teaches how to recognize both technical and behavioral indicators and outlines mitigation strategies. This instruction is based upon the research of the CERT National Insider Threat Center (NITC) of the...

    Learn More
  • Insider Threat Program Manager (ITPM) Certificate Package

    - Day Course

    Students who wish to purchase the certificate program package (two eLearning courses, instructor-led course, certificate exam) will receive a discount from the total cost. The program packages correspond with scheduled course dates, so select the program package that best meets your scheduling needs. The Insider Threat Program Manager Certificate...

    Learn More
  • Insider Threat Program Manager: Implementation and Operation

    3 - Day Course

    This three day course builds upon the initial concepts presented in the prerequisite courses Overview of Insider Threat Concepts and Activities and Building an Insider Threat Program. The course presents a process roadmap that can be followed to build the various parts of a robust Insider Threat Program. It discusses various techniques and methods...

    Learn More

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.