CISA recently released the “2024 U.S. Federal Elections: The Insider Threat Guide,” which includes two “Insider Threat Reporting Templates” that are widely applicable across the critical infrastructure community. CISA is releasing these templates as standalone products, to help organizations manage the risk of insider threats.

The “Insider Threat Reporting Templates” are two fillable-PDF forms that stakeholders can incorporate into their organizations’ insider threat mitigation program, with the intent of helping streamline reports of suspicious activity in the workplace, which may be indicative of a potential insider threat.

• Workplace Reporting Form: Allows individuals to report concerns related to a potential insider threat to the appropriate point of contact within their organization. This form features a “submit” button that stakeholders can edit to auto-generate an email to an inbox in their organization which they designate, such as a security office or human resources.
• Workplace Investigative Form: Designed to help organizations document possible insider threat incidents and determine appropriate next steps, including, but not limited to, review by an organization’s Threat Management Team, referral to law enforcement, or other follow-on actions as necessary to protect the organization and its employees.

The “User Guide” provides additional information on the functionality and use of the forms, including how to edit the “submit” function on the Workplace Reporting Form. This function should be set up before an organization makes the form available to its employees to ensure reports are routed to the appropriate inbox. CISA notes, these forms are designed for an organization's internal use. CISA does not collect any information from stakeholders who use these forms, and they are not for reporting information to CISA. Access the full templates and the User Guide at CISA.