Insider Risk Mitigation Program Evaluation (IRMPE)

CISA created the IRMPE tool in collaboration with Carnegie Mellon University’s Software Engineering Institute to help stakeholders gauge their readiness for a potential insider threat incident. The tool pulls from insider threat planning and preparedness resources to allow users to evaluate the maturity of their insider threat program in one convenient and easy-to-navigate fillable PDF. CISA urges its partners to share and use the new self-assessment tool to assist in increasing their own organizational security and resilience. The protective measures organizations incorporate into their security practices today can pay for themselves many times over by preventing an insider threat or mitigating the impacts of an attack in the future. You can find the tool and more information under the “Resources” section.