Insiders

• Employees, board members, and other internal team members who have legitimate access to information and/or information technology.

• Complexity: Insiders typically have special knowledge of internal controls that are unavailable to outsiders, and they have some amount of access. In some cases, they perform only authorized actions - as far as the information systems have been told. They are typically trusted and those in control often trust them to the point where placing internal controls against their attacks are considered offensive.

Previous slide

Next slide

Back to first slide

View graphic version