Security Self-Assessment Toolkit for Nuclear Materials Facilities: Focus on Insider Threat Mitigation

Theft or sabotage of weapons-usable nuclear materials is a global concern. To minimize this threat, establishing and maintaining an effective nuclear security regime is required to protect against criminal or other negligent acts. Use of a formalized insider threat mitigation program is one such security measure. Individuals who have or held authorized access to an organization's critical assets, such as nuclear materials, are considered "insiders." Insider threats, or insider adversaries, are motivated individuals who possess access, authority, and knowledge to conduct a malicious act or facilitate that of an external party. To thwart insider threats (both intentional and unintentional), organizations can formalize an enterprise-wide approach to identify and mitigate the unique risks presented by insiders. This report provides an approach to evaluate an insider threat mitigation program at facilities with nuclear materials. Formal program evaluations serve many purposes and can be designed using several different methods and techniques. This report presents a self-assessment approach to program evaluation whereby an organization can assess its strengths, identify key gaps, and set priorities for ongoing improvement efforts to mitigate insider threats. Results of the self-assessment can provide critical information to contribute to the continuous improvement of an organization’s insider threat mitigation program within eight specific domain areas.