The first part of the template demonstrates outlines the purpose, policies, and demonstrates the contractor understands the ITP requirements. The organization identifies themselves by name and lists the responsibilities of the ITP and positions within that organization. The remainder of the plan should spell out the ITP logistics:
A. Written designation of ITPSO.
B. The ITPSO responsibilities as addressed in NISPOM Change 2. Responsibilities include:
C. Insider Threat Training.
D. Insider Threat Training Records Management.
E. Insider Threat Reporting Requirements. Develop reporting requirements that capture:
You may notice that the above summarization follows the DSS Template, requirements in the NISPOM Change 2, pattern in the Self-Inspection Handbook for NISP Contractors, and other resources. Though not required in particular format, the information DSS is looking for remains consistent. Using the above format may suffice with proper documentation of compliance. Refer to the strategically placed hyperlinks for NISPOM, publications, and downloadable training that can help meet NISPOM and DSS requirements.