An insider is any person holding authorised access to or knowledge of an organisation’s resources, including personnel, facilities, information, equipment, networks, and systems. Access and knowledge may stem from a current or past relationship with the organisation.

Examples of an insider may include a person:

• the organisation trusts, including employees and other organisation stakeholders e.g. Part-time employee

• supplied a computer and/or network access e.g. Charity Volunteer

• active in the development of an organisation’s products and services e.g. Marketing Agency

• who is knowledgeable about the organisation’s fundamentals e.g. Auditor

• who is knowledgeable about the organisation’s business strategy, goals and future plans e.g. Director