Navigate

CCI-002996

CCI-002996 Definition

Implement an insider threat program that includes a cross-discipline insider threat incident handling team.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed documents and implements an insider threat program that includes a cross-discipline insider threat incident handling team.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented insider threat program to ensure the organization being inspected/assessed implements an insider threat program that includes a cross-discipline insider threat incident handling team.

Compelling Evidence

1.) Signed and dated documentation of organization's insider threat program.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002996.

Control	Description
PM-12	The organization implements an insider threat program that includes a cross-discipline insider threat incident handling team.