Skip Ribbon Commands
Skip to main content

Global Technology Audit Guide: Auditing Insider Threat Programs
Recommended Guidance

GTAG Auditing Insider Threat ProgramsThis GTAG helps internal auditors understand insider threats and related risks by providing an overview of common dangers, key risks, and potential impacts. Additionally, the guide defines key terms in the insider threat universe, and presents security frameworks, techniques, considerations, and resources that can help during the planning and execution of audit engagements.

By becoming aware of insider threats and the associated risks and by learning about insider threat programs, internal auditors have a tremendous opportunity to add value by helping their organizations strengthen governance, risk management, and control processes.

Topics include:

  • How to better understand insider threats and guidance for practical audit considerations.
  • Ways to assess and prioritize insider threats in audit planning.
  • How to increase collaboration with management.
  • Ways to champion the communication of insider threats to management and the board.

Downloads and Links

Non-members may purchase this GTAG from the IIA Bookstore.

An updated edition of the International Professional Practices Framework (IPPF) guide, more commonly known as the Red Book, is now available. Visit the IIA Bookstore for more information.