This paper presents an assessment tool to help prevent or limit the damage of insider attacks to an organization’s systems, networks, and data. The paper builds on an important US Secret Service/CERT study that makes important recommendations for organizations. The paper also proposes use of the self-assessment as part of an empirical study to determine how well organizations are implementing technical and administrative solutions for addressing insider threats. Recommendations are made for IT, HR, and senior management.