Table 9. Insider threat scenario Domain... | Emerald Publishing

Table 9.

Insider threat scenario

Domain	Sub-metric	$s_{i}$	$w_{i}$	$s_{i} w_{i}$
Procedural alignment	Escalation path followed	4	5	20
	IRP referenced during incident	3	5	15
	Deviations justified	4	4	16
Operational execution	Containment-action timing	3	4	12
	Task coverage	2	4	8
	Execution accuracy	4	5	20
Infrastructure integration	Tool-usage effectiveness	3	4	12
	Tool alignment to IRP	2	3	6
	Inter-tool visibility	3	3	9
Coordination and comms	Role clarity	4	5	20
	Decision flow	3	5	15
	Communication logging	3	4	12
Post-incident follow-through	Root-cause analysis	3	3	9
	Lessons learned	2	3	6
	IRP updated post-simulation	1	3	3
Totals			Σ $w_{i}$ = 60	Σ $s_{i} w_{i}$ = 183

Domain	Sub-metric	$s_{i}$	$w_{i}$	$s_{i} w_{i}$
Procedural alignment	Escalation path followed	4	5	20
	IRP referenced during incident	3	5	15
	Deviations justified	4	4	16
Operational execution	Containment-action timing	3	4	12
	Task coverage	2	4	8
	Execution accuracy	4	5	20
Infrastructure integration	Tool-usage effectiveness	3	4	12
	Tool alignment to IRP	2	3	6
	Inter-tool visibility	3	3	9
Coordination and comms	Role clarity	4	5	20
	Decision flow	3	5	15
	Communication logging	3	4	12
Post-incident follow-through	Root-cause analysis	3	3	9
	Lessons learned	2	3	6
	IRP updated post-simulation	1	3	3
Totals			Σ $w_{i}$ = 60	Σ $s_{i} w_{i}$ = 183

Source(s): Authors’ own work