So as security professionals, most are overly paranoid about external hackers, leaks, etc. I'm looking for ideas on how one would go about testing their own systems, without signs that they were testing them> To give a more concrete example, If i was working in an area with highly sensitive information (government data, Banking data, medical records), and was asked to design the system securing such data, knowing that it needs to be shared among people working in the department. How would I (sneakily) go about exploiting my role, by taking the data and work of the other people and leaking it for instance, all while keeping my job and not getting caught. Ideally I would like it to appear as though someone else was responsible for the testing than me.
Ideas I have:
Bribe someone else to do it for me.
Steal credentials
Some social engineering(Starting rumours that someone is thinking about doing this)
Leave some backdoor in the system (IE using a broken algorithm, or rolling my own crypto and leaving an issue in it) that I can exploit.
All these are fairly obvious methods, are there any more that I'm missing?
I've noticed on rereading this that this came across badly. This is homework, and there's no homework tag on security.stackexchange