![logolimanobkg-1.png]](https://help.easyllama.com/hs-fs/hubfs/logolimanobkg-1.png?height=40&name=logolimanobkg-1.png){kind=small}
What the Risk Analysis Report Analyzes
Organization profile inputs
- Current security awareness level
- Tooling and software in use across the company
- Industry and relevant risk context
Key risk dimensions
- Likelihood of phishing susceptibility across employee populations
- Potential impact and estimated cost of a single breach event
- Program maturity indicators and areas for improvement
How the Analysis is Tailored
Your results are generated from the variables you set during onboarding and in settings. Update tools, software, or profile details at any time under Settings and regenerate the report to keep insights current. This may also update the recommended email templates, depending on your updates.
Where to Find the Risk Analysis Report
The Risk Analysis Report can be found under Phishing Simulator > Campaigns. You can see a high-level overview of your organization’s risk factors on the Campaigns tab - to get an in-depth analysis, click View Full Analysis.
Inside the Risk Analysis Report
Organization Profile
- Company profile including employee count, communication tools, and industry
Risk Analysis
- Estimated percentage of employees likely to fall for phishing attempts
- Breach cost modeling to quantify potential business impact
Key Observations
- Risk observations based on your company’s profile
Human Risk Indicators
- Percentage of employees who may fall victim to phishing attacks
- Potential cost of a data breach
Business Impact of Ongoing Security Awareness Training
- Expected reductions in risk with recommended phishing awareness campaigns
- Evidence-backed outcomes sourced from credible research
Security Awareness Program Next Steps
- This section contains a a simple five-step rollout plan to launch and mature your phishing simulation program
Using the report with stakeholders
The Risk Analysis Report is designed to be shared and revisited as your program matures so you can communicate value and track progress. Use these features, found at the top-left of the analysis, to keep it current and share a report with stakeholders.
Shareable PDF
- Click Export to generate a polished PDF to share with executives, security leaders, and cross-functional partners
Track progress over time
- Click the ellipsis menu (⋮) > Re-generate to run the analysis after making changes to tooling, processes, or training cadence to measure improvement under the Settings tab
- Click Latest Version drop-down to view previously generated versions
Five-step rollout plan
- Set baseline
- Confirm current awareness level and key tools in use
- Adjust for any changes, as needed, under the Settings tab
- Launch foundational training
- Start with core phishing awareness and essential best practices
- Run targeted simulations
- Tailor campaigns by department and risk profile for realistic exposure
- Coach and reinforce
- Provide just-in-time guidance and follow-up microlearning
- Measure and iterate
- Review indicators quarterly and refine campaigns based on results
FAQs
Q: Who should use the Risk Analysis Report?
A: Security, IT, People Ops, and team leaders who need clear visibility into human risk and program impact
Q: How often should we regenerate the report?
A: At least quarterly, and any time you add or change critical tools or processes
Q: Can the analysis adapt to different industries?
A: Yes. Industry context is part of the inputs used to calibrate risk and recommendations
💡Remember: Keep your analysis current.
Any time your environment changes, update settings and regenerate the report to ensure your indicators and recommendations reflect your latest reality.