Software Engineering Institute

This seven (7) hour online course provides a thorough understanding of the organizational models for an insider threat program, the necessary components to have an effective program, the key stakeholders who need to be involved in the process, and basic education on the implementation and guidance of the program.

This training is based upon the research of the CERT Insider Threat Center of the Software Engineering Institute. The CERT Insider Threat Center has been researching this problem since 2001 in partnership with the U.S. Department of Defense (DoD), the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community. This training course supports organizations implementing and managing insider threat detection and prevention programs based on various government mandates or guidance including: Presidential Executive Order 13587, the National Insider Threat Policy and Minimum Standards, and proposed changes set forth in the National Industrial Security Program Operating Manual (NISPOM).

Please note that successful completion of this course is a required component of the Insider Threat Program Manager and Insider Risk Management Measures of Effectiveness Certificate Programs. To learn more about these certificates and package pricing for the courses, please go to: SEI Certificates.

To ensure continued excellence in identifying security posture, measuring the capabilities of formal insider threat and insider risk management programs, and characterizing processes and practices that mature insider risk management programs, the SEI objectively validates the student's understanding and eligibility to receive the CERT Insider Risk Management Measures of Effectiveness (IRM-MoE) Certificate.

The certificate examination evaluates the student's comprehension of insider threat definitions, issues, and types, as well as prevention, detection, and response strategies. In particular, the examination assesses the student's understanding of how to measure the effectiveness of a formal insider threat program, how to design and implement an insider risk management assessment methodology, and how to develop a system to capture traceable measurements back to the strategic goal of the organization to show the effectiveness of the insider risk program.

Learners can begin the online exam at any time. Once the examination is started, the learner will have 6 total hours to complete the examination.

After completing the certificate, participants may choose to be listed on the SEI website as an SEI Certificate Holder.

Students who wish to purchase the certificate program package (two eLearning courses, instructor-led course, certificate exam) will receive a discount from the total cost. The program packages correspond with scheduled course dates, so select the program package that best meets your scheduling needs.

The Insider Risk Management Measures of Effectiveness Certificate Package consists of the following courses:

• Overview of Insider Threat Concepts and Activities
• Building an Insider Threat Program
• Insider Risk Management: Measures of Effectiveness
• Insider Risk Management Measures of Effectiveness Certificate Examination

Please note that the two eLearning courses will be assigned immediately upon the purchase of a certificate package. The eLearning courses must be completed prior to the delivery date of the instructor-led course delivery that you chose to attend.

This three-day, instructor-led course develops the skills and competencies needed to assess an organization's insider threat prevention, detection, and response capabilities; evaluate the effectiveness of formal insider threat and insider risk management programs; identify the maturity of an organization's insider risk management processes and practices; and develop tailored metrics for various aspects of insider threat and insider risk management program operation.

This training is based on the work of CERT Division researchers at the Software Engineering Institute (SEI). SEI researchers have been studying insider threats since 2001 in partnership with the U.S. Department of Defense (DoD), the Department of Homeland Security (DHS), the U.S. Secret Service (USSS), other federal agencies, the intelligence community, private industry, academia, and the vendor community.

Course participants will learn how to apply the SEI's Insider Threat Vulnerability Assessment (ITVA), Insider Threat Program Evaluation (ITPE), Insider Risk Management Program Evaluation (IRMPE), and Goal, Question, Indicator, Metric (GQIM) methodologies to achieve their insider threat and insider risk management measurement objectives. This suite of methodologies provides reference models derived from over 20 years of research, experience building insider threat programs across both public and private sectors, and detailed knowledge of the strategies that can be used to develop customized metrics for numerous applications within insider risk management.

Successful completion of this course is a requirement for earning the Insider Risk Management Measures of Effectiveness (IRM-MoE) Certificate. (To learn more about the certificate and package pricing for its required courses, please visit this page: Insider Risk Management Measures of Effectiveness (IRM-MoE) Certificate.)

NOTE: If you have previously completed the prerequisite eLearning courses and wish to earn the IRM-MoE professional certificate, you must register for the IRM-MoE Examination. Online registration for the exam is available at Insider Risk Management Measures of Effectiveness Certificate Examination