Insider Threat Specialization Definitions

Insider Threat Specialization
Definitions
SEI-Authorized Insider Threat Vulnerability Assessor is a person who (i) has successfully completed the
applicable SEI authorization process described at
http://www.sei.cmu.edu/certification/opportunities/ITVA, and (ii) is sponsored by an SEI Partner for the
Insider Threat specialization 1.
Assessment Team Member is an Insider Threat Vulnerability Assessment (ITVA) assessor provided by
the SEI Partner organization who will conduct or participate in the assessment activities.
Assessment Client is the organization being assessed. Assessment client staff includes those helping
coordinate the organizational components of the assessment activity and staff who are being
interviewed as part of the assessment.
Assessment Participant is an individual who is participating in an ITVA. This includes both assessment
team members and the assessment client personnel.
Insider Threat Services and Materials
SEI Partner may tailor the Insider Threat Vulnerability Assessment templates, logistic forms, and pre-assessment instructions as instructed in the ITVA Assessor Training course. SEI Partner shall not change
any other Insider Threat materials, printed or electronic, unless agreed to by the SEI in advance. SEI
Partner may add supplementary, SEI Partner‐developed materials clearly designated as such.
Supplementary material should not be used to replace SEI-supplied material. SEI Insider Threat materials
and templates are provided in the download file (ITVA Toolkit) on the Partner Resource Center at
https://partner-resources.sei.cmu.edu/.
Any materials marked as “Licensed materials for Insider Threat Vulnerability Assessment Assessor use
only” may be shared only with Authorized or Candidate ITVA Assessors.
Materials and Use Restrictions
| Materials | Present, display or share with Assessment Team Members | Present, display or share with Assessment Client | Tailor in support of conducting the ITVA Process |
|---|---|---|---|
| Planning and Participant Briefing Slides | May present, display or share (electronic and hard copies of) completed briefings and raw templates | May present, display or share (electronic and hard copies of) completed briefings but not raw templates | Per the Instructions provided in ITVA Training |
| 7 Workbooks | May provide electronic and hard copies of workbooks | No | No |
| Logistics Form | May present, display or share (electronic and hard copies of) completed form and raw templates | May present, display or share (electronic and hard copies of) form but not raw templates | Per the Instructions provided in ITVA Training |
| ITVA Schedule Template | May present, display or share (electronic and hard copies of) completed form and raw templates | May present, display or share (electronic and hard copies of) form but not raw templates | Per the Instructions provided in ITVA Training |
| ITVA Data Collection Plan Template | May present, display or share (electronic and hard copies of) completed form and raw templates | No | Per the Instructions provided in ITVA Training |
| Initial List of Documents to be Sent Template | May present, display or share (electronic and hard copies of) completed form including raw templates | May present, display or share (electronic and hard copies of) form but not raw templates | Per the Instructions provided in ITVA Training |
| Pre-Assessment Package: Pre-assessment Worksheet; Instructions Template; Cover page template | May present, display or share (electronic and hard copies of) forms and documents but not raw templates | May present, display or share (electronic and hard copies of) form and documents but not raw templates | Per the Instructions provided in ITVA Training; only cover page and instructions can be tailored, not the pre-assessment worksheet. |
| References: Assessment Task List; Assessment Workflow Diagram; ITVA Roles, Responsibilities, KSA | May present, display or share (electronic and hard copies of) but not raw templates | No | No |
| Joint Assessment Tool (JAT) | May provide electronic version of the JAT to each assessment team member. | No | No |
| ITVA Toolkit Readme | May present, display or share (electronic and hard copies of) but not raw templates | No | No |
| ITVA Final Report in Adobe PDF format | May provide electronic or hard copy of report template for textual information. SEI creates the report matrix containing all scores for each capability. Raw template for matrix and scores is not provided. | May provide electronic or hard copy of completed report but not raw templates | Per the Instructions provided in ITVA Training |

1 Sponsored by an SEI Partner means the person completing the ITVA Assessor training certificate program is a
member of the SEI Partner organization or is sponsored by them to do the assessment work.
Data Submission Requirements
SEI Partners must follow the Insider Threat Data Submission procedures provided in the download files on
the Partner Resource Center at https://partner-resources.sei.cmu.edu/.
Quality Assurance
The SEI may perform random reviews of SEI Partner-delivered services at the discretion of the SEI. The
SEI shall notify the SEI Partner if an on-site review will be performed and schedule with the SEI Partner a
time for such review to occur. SEI Partner shall not be responsible for any expenses incurred by SEI in
performing any review. After an on-site review, the SEI shall provide a written evaluation to SEI Partner,
which may include recommended actions and a mitigation plan. The SEI may perform subsequent random
reviews in its discretion.
The SEI may provide an action and mitigation plan for SEI Partner’s SEI-Authorized Insider Threat
Vulnerability Assessors. If the action and mitigation plan indicates that an additional SEI onsite review is
required, the SEI Partner is responsible for any expenses incurred by SEI performing such review.