Our consultancy practice helps organisations design, implement and strengthen their insider risk management programme. The correct programme set-up is key to the sustainability and effectiveness of the programme as well as its acceptance by employees. We emphasise an approach that is holistic in its coverage, preventative in its focus, and efficient in its implementation.
We provide you with tailored advice to your organisation’s specific context from our insider risk experts:
Insider Risk Management
We approach insider risk management as a journey with four different stages:
Assessment: To understand where you need to go, you must first know where you stand. This is why the first step in establishing an insider risk programme starts with an insider risk assessment, including a maturity assessment of countermeasures as they are implemented in the organisation. The risk assessment can provide a tool for presentation to the board and function as a starting point for the roll out of the strategy and road map of the insider risk management programme. Gaining the explicit support of one or more members of senior leadership is critical, enabling resources and wider organisational adoption.
Strategy and Roadmap: The correct programme set-up is key to the sustainability and effectiveness of the programme as well as its acceptance by employees. We help you find a stakeholder and governance model appropriate for your organisation. This requires a cross-functional solution and the communication and embedding process needs to start early.
Programme implementation: The cross-functional and holistic nature of the insider risk programme will impact numerous processes, policies and people. Some will resist the change, jeopardising the gains earned from its establishment elsewhere. Based on our experiences with these dynamics in setting up insider risk programmes we can support you in different ways to ensure a successful implementation.
Continued guidance: Once the insider risk programme has been implemented, insider risk management needs to be embedded within the regular business processes. We help equip organisations to work towards this stage in all steps of the way. Some organisations prefer external expertise to manage their insider risks. In such situations we offer this ‘insider risk management as-a-service’.
Apart from developing an insider risk programme with you, we can help you with the following specific solutions:
Case management support: We can help youdevelop runbooks for case management in order to have a standardised unbiased process in place, provide case management training to professionals (see also our training section) or assist professionals in the management options and processes throughout the case management process.
Coaching for insider risk professionals: The role of insider risk manager is not without its challenges. Our cross industry, organisation and departmental experience and insider risk management expertise can help you along your journey through our coaching offering. This can be organised on a recurring or ad hoc basis, whatever is needed for you to be able to progress in your role.