32 CFR § 2004.24 - Insider threat program.

§ 2004.24 Insider threat program.

(a) Responsible CSAs oversee and analyze entity activity to ensure entities implement an insider threat program in accordance with the National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs (via requirements in the NISPOM or its equivalent) and guidance from the CSA. CSA oversight responsibilities include, but are not limited to:

(1) Verifying that entities appoint insider threat program SOs;

(2) Requiring entities to monitor, report, and review insider threat program activities and response actions in accordance with the provisions set forth in the NISPOM (or equivalent);

(3) Providing entities with access to data relevant to insider threat program activities and applicable reporting requirements and procedures;

(4) Providing entities with a designated means to report insider threat-related activity; and

(5) Advising entities on appropriate insider threat training for entity employees eligible for access to classified information.

(b) CSAs share with other CSAs any insider threat information reported to them by entities, as lawful and appropriate.