This GTAG helps internal auditors understand insider threats and related risks by providing an overview of common dangers, key risks, and potential impacts. Additionally, the guide defines key terms in the insider threat universe, and presents security frameworks, techniques, considerations, and resources that can help during the planning and execution of audit engagements.
By becoming aware of insider threats and the associated risks and by learning about insider threat programs, internal auditors have a tremendous opportunity to add value by helping their organizations strengthen governance, risk management, and control processes.
Topics include:
- How to better understand insider threats and guidance for practical audit considerations.
- Ways to assess and prioritize insider threats in audit planning.
- How to increase collaboration with management.
- Ways to champion the communication of insider threats to management and the board.