To protect your company from insider threat, you'll need to exceed minimum Conforming Change 2 compliance. Start by asking these 5 questions:

Source: Compliance Is For Suckers: 5 Questions DSS Won't Ask About Your Insider Threat Program (But You Should)