![logolimanobkg-1.png]](https://help.easyllama.com/hs-fs/hubfs/logolimanobkg-1.png?height=40&name=logolimanobkg-1.png){kind=small}
What the Risk Analysis Report Analyzes
Organization profile inputs
- Current security awareness level
- Tooling and software in use across the company
- Industry and relevant risk context
Key risk dimensions
- Likelihood of phishing susceptibility across employee populations
- Potential impact and estimated cost of a single breach event
- Program maturity indicators and areas for improvement
How the Analysis is Tailored
Results are generated from the variables set during onboarding and in settings.
Tools, software, or profile details may be updated at any time under Settings, then regenerate the report to keep insights current.
Depending on the updates made, updating the settings may also update the recommended email templates.
Where to Find the Risk Analysis Report
The Risk Analysis Report is available under Phishing Simulator > Campaigns. It provides a high-level overview of organizational risk factors on the Campaigns tab, and a full, in-depth analysis is available by clicking. View Full Analysis.
Inside the Risk Analysis Report
Organization Profile
- Company profile, including employee count, communication tools, and industry
Risk Analysis
- Estimated percentage of employees likely to fall for phishing attempts
- Breach cost modeling to quantify potential business impact
Key Observations
- Risk observations based on your company’s profile
Human Risk Indicators
- Percentage of employees who may fall victim to phishing attacks
- Potential cost of a data breach
Business Impact of Ongoing Security Awareness Training
- Expected reductions in risk with recommended phishing awareness campaigns
- Evidence-backed outcomes sourced from credible research
Security Awareness Program Next Steps
- This section contains a simple five-step rollout plan to launch and mature your phishing simulation program
Using the report with stakeholders
As the program matures, the Risk Analysis Report is designed to be shared and revisited to communicate value and track progress. Use these features to keep a current report that can be shared with stakeholders.
Shareable PDF
- Click Export to generate a polished PDF to share with executives, security leaders, and cross-functional partners
Track progress over time
- Click the ellipsis menu (⋮) > Re-generate to run the analysis after making changes to tooling, processes, or training cadence to measure improvement under the Settings tab
- Click Latest Version drop-down to view previously generated versions
Five-step rollout plan
- Set baseline
- Confirm current awareness level and key tools in use
- Adjust for any changes, as needed, under the Settings tab
- Launch foundational training
- Start with core phishing awareness and essential best practices
- Run targeted simulations
- Tailor campaigns by department and risk profile for realistic exposure
- Coach and reinforce
- Provide just-in-time guidance and follow-up microlearning
- Measure and iterate
- Review indicators quarterly and refine campaigns based on results
FAQs
Q: Who should use the Risk Analysis Report?
A: Security, IT, People Ops, and team leaders who need clear visibility into human risk and program impact
Q: How often should we regenerate the report?
A: At least quarterly, and any time you add or change critical tools or processes
Q: Can the analysis adapt to different industries?
A: Yes. Industry context is part of the inputs used to calibrate risk and recommendations
💡Remember: Keep your analysis current.
Any time your environment changes, update settings and regenerate the report to ensure your indicators and recommendations reflect your latest reality.