Top Threats

Insider Risk Mitigation Program Evaluation (IRMPE) Tool

  • 1.  Insider Risk Mitigation Program Evaluation (IRMPE) Tool

    Posted Nov 26, 2021 01:11:00 AM
    Hi All,

    NIST recently published: Insider Risk Mitigation Program Evaluation (IRMPE)

    The tool is a downloadable PDF that asks users key questions about their existing enterprise, focusing on the domains of Program Management, Personnel and Training, and Data Collection and Analysis. The interactive PDF, from which CISA collects no data or personal information, will allow users to receive scores representing maturity indicators that objectively evaluate their immunity to insider threat incidents. The response also includes guidance to interpret the numbers and provides suggested measures. The Insider Risk Self-Assessment is one more way CISA is working with public and private stakeholders at the federal, state, local, and community levels to prevent and mitigate risk to our Nation's critical infrastructure.

    Insider Risk Mitigation Program Evaluation (IRMPE): Assessment Instrument
    https://www.cisa.gov/sites/default/files/publications/IRMPE_Assessment_v1_2021-10-12.pdf - Form to be completed

    Attached:
    IRMPE Question Set and Guidance
    IRMPE Quick Start Guide
    IRMPE User Guide
    IRMPE One-Pager

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------