DOE facilities rely increasingly on computerized systems to manage nuclear materials accountability data and to protect against diversion of nuclear materials or other malevolent acts (e.g., hoax due to falsified data) by insider threats. Aspects of modern computerized material accountability (MA) systems including powerful personal computers and applications on networks, mixed security environments, and more users with increased knowledge, skills and abilities help heighten the concern about insider threats to the integrity of the system. In this paper, we describe a methodology for assessing MA applications to help decision makers identify ways of and compare options for preventing or mitigating possible additional risks from the insider threat. We illustrate insights from applying the methodology to local area network materials accountability systems
