Insider Threat Assessment Using NIST Cybersecurity Framework
February 18, 2026
Copyright Notice All content is protected by international copyright laws. By downloading, you agree to these terms.
As a starting point for building a work program, internal auditors may use an existing risk and control framework. This tool replicates NIST’s Cybersecurity Framework 2.0 as the criteria against which an insider threat program may be evaluated.
Additional resources to use with this IIA Audit Tool
Auditing Insider Threat Programs
Insider Threat Leading Practices