Hi all,

I would like to do an assessment on our control environment to mitigate risk associated with insider threats. 

Can someone recommend a control framework to use for this or have a template they are willing to share?

Thanks