U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. Irmpo

Guide to Insider Risk Concerns & Considerations During Lapse in Appropriation

Guide to Insider Risk Concerns & Considerations During Lapse in Appropriation

The Insider Risk Management Program Office (IRMPO) is dedicated to enhancing our Department's resilience during periods of appropriation lapses by equipping our personnel with the necessary tools and knowledge to safeguard our organization against insider risks.

Unique circumstances surrounding a lapse in appropriation can create conditions conducive to potential compromise and exploitation of our staff. In an effort to mitigate these conditions, the IRMPO has developed a Guide to Insider Risks and Considerations During a Lapse in Appropriation to help ensure the integrity of our Department remains uncompromised during these challenging times.

Observable Potential Risk Indicators

  • Access Attributes
  • Professional Lifecycle and Performance
  • Security & Compliance
  • Technical Activity
  • Allegiance
  • Financial Considerations
  • Personal Conduct
  • Substance Abuse
  • Criminal Conduct
  • Foreign Considerations

Potential Risk Indictors: Individuals at risk of becoming insider threats, and those who ultimately cause significant harm, often exhibit warning signs, or indicators. Potential Risk Indicators include a wide range of individual predispositions, stressors, choices, actions, and behaviors. Some indicators suggest increased vulnerability to insider risk; others may be signs of an imminent and serious threat.

Financial Stress

The Concern: The financial strain caused by a lapse in appropriation can make our employees susceptible to external threats, including offers of bribes or financial incentives from entities seeking to exploit our vulnerabilities. Additionally, predatory payday lenders may target employees facing financial hardships.

Considerations: Be attentive to signs of financial stress among our colleagues and provide support where possible. Additionally, we must reinforce security awareness and the importance of reporting any suspicious financial offers or pressures.

Employee Assistance Program: The Employee Assistance Program (EAP) is designed to address individual, team, and organizational problems. Services include counseling and support services for a multitude of issues including financial and legal issues.

To Access the EAP: Employees can call 1-800-222-0364 to receive counseling services 24 hours a day, 7 days a week.
 

Frustration and Discontent

The Concern: A lapse in appropriations often breeds frustration and discontent among employees, particularly those on furlough. This dissatisfaction can escalate to risky or malicious behaviors thus increasing security risks to our Department.

Considerations: Prior to a lapse in appropriations occurring, open channels of communication are essential. Actively engage with team members, addressing their concerns and frustrations. It's crucial to foster an environment where employees feel heard and valued, reducing the likelihood of risky behaviors emerging.

Reduced Oversight

The Concern: The reduced staffing levels during a lapse in appropriations can lead to limited oversight, making it easier for insiders to engage in malicious activities without detection

Considerations: Prioritize supervisory control and monitoring during these times. It is vital to ensure robust access controls and vigilant monitoring are in place. 

Increased Access to Sensitive Information

The Concern: Some employees may gain temporary access to sensitive data or systems during a lapse in appropriations to maintain excepted functions. Inadequate access controls can increase the risk of unauthorized access and data breaches.


Considerations: Carefully manage access permissions during a lapse in appropriation, ensuring that only authorized personnel have access to sensitive data. Monitoring for unusual or unauthorized access attempts is essential.
 

Social Media and Recruitment Vulnerabilities

The Concern: Employees' social media profiles may reveal their financial hardships, creating opportunities for exploitation by foreign intelligence entities and the private sector.

Considerations: Promote responsible social media use among employees. Raise awareness about the potential for exploitation and encourage reporting of suspicious interactions

Additional Considerations for Addressing the Challenge

Automated Email Alerts: Implement automated email alerts from our OCIO/ESOC using data loss prevention(DLP) tools to identify emails with attachments, security classification markings, and access to cloud-based drives for outgoing data traffic to non-.gov/.mil accounts.

Employee Education: Provide clear guidance to our workforce on appropriate actions during a lapse in appropriations, emphasizing the importance of reporting financial hardships, foreign contacts, or outside employment. Educate employees about the risks of posting personal financial struggles on social media.

Report: (202) 482-1000 or [email protected]