Business reports and user reports

A business report includes campaign statistics for the modules (training, phishing) for which an organization has a subscription. Reports include data for in-progress and completed campaigns.

Business reports are generated monthly and quarterly. Monthly reports are generated the first three days of the following month and quarterly reports are generated the first three days of the following quarter.

The months included in each quarterly report are:

• Q1: January, February, and March
• Q2: April, May, and June
• Q3: July, August, and September
• Q4: October, November, and December

The type of information included in the monthly and quarterly reports is the same, the only difference is the time frame the data represents. The sections that comprise each report are described below.

Summary

The Summary section shows Phishing Simulation campaign statistics on the left side and Training & Awareness campaign statistics on the right side.

The Phishing Simulation campaign heading identifies the number of phishing campaigns that were conducted and the number of emails that were sent during the report time frame.

The Training & Awareness campaign heading indicates the number of training campaigns that were conducted and the number of trainings that were assigned during the report time frame.

Below each heading, the percentage for each status is conveyed. Statistics for the current time frame are presented in the top bar for each status, while the bottom bar shows results from the previous time frame. The amount the status has changed (percentage) from the last monthly or quarterly report is shown as well.

The legend at the bottom of the section indicates the months in the current time frame and the months from the previous time frame.

EXAMPLE  Monthly business report example

EXAMPLE  Quarterly business report

Status descriptions

The phishing status values are described below:

• No Action taken: The percentage of users who did not open the phishing campaign emails they received.
• Opened Email: The percentage of users who opened the phishing campaign emails but did not click any links (i.e., landing page link, attachment).
• Clicked Link: The percentage of users who opened the phishing campaign emails and clicked a link (i.e., landing page link, attachment).
• Submitted Data: The percentage of users who opened the phishing campaign emails, clicked the link to the landing page, and submitted data (e.g., login credentials).

NOTE  On the phishing landing page, if a user clicks any link other than the submit button, the status of the clicked link is not tracked. The submit button is the only link tracked.

The training status values are described below:

• No Action taken: The percentage of users who did not open the training campaign emails they received.
• Incomplete: The percentage of users who did not complete the training course.
• Failed: The percentage of users who finished the training course but failed.
• Passed: The percentage of users who finished the training course and passed.

Phishing Simulation Details

The data in the Phishing Simulation Details section helps your organization identify and measure the phishing attack vulnerability level within your organization.

In addition to displaying the percentage for each status, the graph identifies the number of users for each status, as shown in this monthly report example.

In this section, status statistics are broken down and displayed at the campaign level. The Campaigns column lists the campaign name and kit name for each campaign. Also, the groups for which the campaign applies are identified.

Phished Users

The Phished Users section lists the users that either opened the phishing email, clicked a link, or submitted data.

Training & Awareness Details

The information in the Training & Awareness Details section helps your organization track training compliance and identify courses where employees may have had difficulty.

In addition to displaying the percentage for each status, the graph identifies the number of users for each status, as illustrated in this quarterly report example.

Status statistics are broken down and displayed at the campaign level. The Campaigns column lists the campaign name and course name for each campaign. The groups for which the campaign applies are identified as well.

Users by Risk Level

This section lists each user by status.

A user report contains campaign status information for each user to which a campaign applies. The report data is based on campaigns that were in progress or completed during a selected date range. Separate phishing and training user reports can be generated and downloaded as a CSV file.

The first and second columns in a user report identify the names and email addresses of each target, respectively. The user's role in the organization is displayed in the Position column. A column is displayed for each campaign in the report. Each campaign column heading identifies the name of the phishing kit or training course, the campaign name, and the date & time the campaign was created. The time zone is abbreviated (e.g., PST) if an abbreviation exists. If there is not an abbreviation, the full name of the time zone is displayed.

EXAMPLE  User report

NOTE  The training user report includes a Completion Rate column, described in the Training report section below.

Phishing report

Campaign status values

A phishing report includes the campaign status for each target. The status values are:

• Sent: The phishing campaign email was sent to the user but the user did not open it.
• Email Opened: The user opened the phishing campaign email but did not click any links (i.e., landing page link, attachment).
• Clicked Link: User opened the phishing campaign email and clicked a link (i.e., landing page link, attachment).
• Submitted Data: User opened the phishing campaign email, clicked the link to the landing page, and submitted data (e.g., login credentials)

NOTE  A hyphen (-) indicates the user was not a target in the campaign.

EXAMPLE  Phishing user report

Training report

Campaign status values

A training report contains the campaign status for each target. The status values are:

• Sent: The training campaign email was sent to the user but the user did not open it.
• Opened Email: The user opened the training campaign email but did not click the link to the training portal.
• Opened Training: The user opened the training campaign email, clicked the link to the training portal, and opened the training course.
• Completed Training: The user opened the training campaign email, clicked the link to the training portal, and finished the training course with a Completed or Failed status.

Completion Rate column

The Completion Rate column displays the percentage of training courses a user has completed out of the total number of courses for which the user has participated.

A course is considered completed when the user has passed or failed the course.

A user is considered to have participated in a training course under the following statuses: Not Sent (user can still access the course in the portal), Sent, Opened Email, Opened Training, Pending Resend.

A user's completion rate is calculated by dividing the total number of courses completed by the total number of courses participated, then multiplying the result by 100%.
Completion rate = (# of courses completed / # of courses participated) * 100

EXAMPLE  Tom is assigned 10 training courses. He passes seven courses, fails two, and has one incomplete course. Tom has completed a total of nine courses out of the total of 10 in which he has participated. The formula to calculate his completion rate is (9 / 10) * 100.

9/10 = .9
.9 * 100 = 90
Tom's completion rate is 90%.

NOTE  A hyphen (-) indicates the user was not a target in the campaign.

EXAMPLE  Training user report

In the Reporting module, you can automate the creation and delivery of reports. For more information, see the article Automate business reports and user reports

1. In the navigation menu, select Reporting > Export Report.
2. The Business tab is selected automatically.
3. In the SMB organization list, select an organization.
   
   
4. If necessary, click the navigation arrows to select the year desired.
   
   
5. To download a monthly or quarterly report, click its Download link.
   
   

NOTE  Business reports are exported in PDF format only.

1. In the navigation menu, select Reporting > Export Report.
2. Click the User tab.
3. In the User Reports section:
   1. In the Organization list, select the applicable organization.
      
      
   2. In the Date Range field, do one of the following:
      • Select From and To dates on the calendar or enter the dates manually.
        
        
      • Select a Date within option.
        
        
        
        

      NOTE  The user report will include data for all campaigns that were in progress or completed during the selected date range.

   3. Click Apply.
      
      
4. In the Report Contents section, select the check box for the type of user report, Phishing and/or Training, you want to export.
   
   

NOTE  If you select Phishing and Training, a separate user report will be generated for each.

5. Click the Generate button.

6. The reports are listed in the Report Log table. The Status field shows the report is Generating.
   
   
   
   
7. Click the Refresh button or reload the page and the Status field should indicate Completed.
   
   
8. Hover in the far right column for the report and click the Download icon.
   
   

NOTE  A user report is available exclusively to the user that generates it. Six months after a report is generated, it is automatically deleted.