The Cybersecurity and Infrastructure Security Agency (CISA) has just published an assessment guide, the Insider Risk Mitigation Program Evaluation (IRMPE): Assessment Instrument, for critical infrastructure operators, local governments, and other organizations to gauge their vulnerability to an insider threat attack. The tool is a fitting addition to the resources highlighted during National Insider Threat Awareness Month, which concludes today. Insider threats pose a significant risk for every organization and therefore utilizing this tool is a proactive way to mitigate your organization’s risk exposure. The self-assessment tool is a downloadable PDF with a questionnaire for users to complete, focusing on the areas of Program Management, Personnel and Training, and Data Collection and Analysis. After completing the assessment, users receive scores representing maturity indicators that assess their enterprises vulnerability to insider threats. Additionally, the tool provides recommendations organizations can use to improve their resiliency against insider threats. CISA does not collect any data or personal information entered in the assessment tool. Access the tool at CISA.