Description: The "Preserving Investigative and Operational Viability in Insider Threat" course equips Insider Threat Program Management and/or Operations personnel with the knowledge, skills, and abilities required to appropriately manage incident response and other Insider Threat Program actions within the scope of their authority; to properly handle evidence and apply chain of custody; to properly identify and report exculpatory information; to appropriately report and refer insider threat information; and to understand the consequences of poorly executed insider threat response.

Course Resources: Access this course's resources

Learning Outcomes: After completing this course, learners will be able to:

  • Indicate the responsibilities of an Insider Threat Program in preserving investigative and operational viability when taking Insider Threat Program actions
  • State the purpose and requirements of reporting and referring insider threat matters
  • Identify and define the actions counterintelligence and law enforcement take upon referral of insider threat matters
  • Describe the consequences of improperly handling insider threat response actions, referrals, or information
  • Explain the principles behind the proper handling of unclassified and classified evidentiary material

Delivery Method: eLearning

Length: 60 minutes

Target Audience: The target audience for this training is individuals working as Insider Threat Program Management and Operational Management. This includes the Insider Threat Program Manager and any of those subject matter experts designated to coordinate their support of the organization’s insider threat program.

Number of Students Per Course: N/A


  • Clearance Requirement: N/A
  • Attendance Requirement: N/A
  • Exam Requirements: Students must pass the exam with a score of 75% or greater to receive a certificate of completion.

Reference: Executive Order 13587, DoD Directive 5205.16, The DoD Insider Threat Program; and DoDM 5220.22-M, National Industrial Security Program Operating Manual, Change 2

Prerequisites: Insider Threat Awareness INT101.16 AND Establishing an Insider Threat Program for your Organization INT122.16

Credit Recommendations/Earned:

  • ACE Credit Recommendation: (What's this?): N/A
  • Continuing Education Units Per IACET: N/A
  • Professional Development Units per SPeD: N/A

Additional System Requirements: Check if your system is configured appropriately to use STEPP.

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.