1. Help Center
  2. Reporting & Analytics

What's included in my Executive Summary?

The executive summary provides an overall program grade, a trending direction, and quick stats to back it all up. It is the best place to view a quick summary of your security training program.

Summary

A brief explanation of any change in your company's security training progress. This explanation will include letter grade changes from last month, reasons for any grade adjustments, and some information about how many people were actively trained during this last period. 

Detailed Report Card

This section breaks down phishing simulation and training content into subsections, each with its own grades. Each subsection highlights a key area of the platform that factors into your company's security training program's health.

Phishing

Phishes Reported*—is the number of phishing attempts reported over the last month for monthly campaigns or month-to-date in the case of weekly campaigns. The fraction listed here is the number of phishing attempts reported/number of phishing attempts sent. The more phishing attempts reported, the better the grade.

Phishes Clicked — is the number of phishes clicked over the last month for monthly, or month-to-date in the case of weekly campaigns. The fraction listed here is the number of phish clicks/number of phishes sent. The lower the clicks the better the grade.

Learning Moments Completed — is the number of clicked phishes that have been reviewed by the users that clicked them. This fraction is the number of reviewed phishes/number of phishes that have been clicked. While it isn't great that users are clicking phishes this is a moment for them to learn from their mistakes. The more reviewed phishes the better the grade.

* Phin's Outlook phishing button is now available to all Phin Partners!

Training

Courses Completed — is the number of courses that have been completed over the last month for monthly, or month-to-date in the case of weekly campaigns. This fraction is the number of courses completed / the number of courses that were sent out. The more complete courses, the better the grade.

Overall Program Grade

This grade combines the grades assigned to each of your company's security training program subcategories. This overall grade indicates the health of your program along with its trending direction.

Note: N/A scores do not affect the overall grading.

Executive Summary Grades

Throughout the month, the subsection grades are considered in progress and will display an NA. However, while in progress, ongoing analytics will show the current status of your company's running campaigns. You'll see this data in our Weekly Performance Report Executive Summary.

After each month, these subsection grades are officially stored and used to calculate the overall program grade for that month. This data provides a quick glance into your SAT program and is then populated into our Monthly Performance Report Executive Summary (example above).

Grading Rubric

Currently, we use a basic grading rubric for the three available subsections on our detailed report card, Courses Completed, Phishes Reported*, Phishes Clicked, and Learning Moments Completed. The table below shows the ranges for each subsection grade. Descriptions of these subsections can be found in this article under Detailed Report Card.

Subsection Subsection Grade Min % Max %
Courses A 90 100
Courses B 80 89.99
Courses C 70 79.99
Courses D 60 69.99
Courses F 0

59.99

Reported Phishes A 90 100
Reported Phishes B 80 89.99
Reported Phishes C 70 79.99
Reported Phishes D 60 69.99
Reported Phishes F 0 59.99
Reported Phishes* NA 0

0

Clicked Phishes

A 0 10
Clicked Phishes B 10.01 20
Clicked Phishes C 21.01 30
Clicked Phishes D 30.01 40
Clicked Phishes F 40.01 100
Learning Moments A 90 100
Learning Moments B 80 89.99
Learning Moments C 70 79.99
Learning Moments D 60 69.99
Learning Moments F 0 59.99


These scores are based on industry averages and Phin Security analytics. As these things continue to evolve, so will our grading rubric. Our goal is to continue providing insights that help improve your program performance, as well as your overall experience.

Executive Summary Edge Cases

Phishes Clicked Edge Case — Sometimes, you might see a positive number in the "Phishes Clicked" or "Learning Moments Completed" sections of the Executive Summary Report Card when no phishing emails were sent (example in the screenshot below) or a number that is higher than what was sent in the current month. Any stat in which the number representing a completed activity is higher than the number representing an assigned activity (phishing and training sent) means the stat includes activities completed in the current month that were originally sent during a previous month.

Exec_Summ_Edge_Case

Phishes Reported Edge Case #1 —When the Report-a-Phish Button Integration is not set up for a company, the "Phishes Reported" section of the Executive Summary Report Card will always return the grade NA. This does not impact your Overall Company grade. To see monthly grades, follow the steps to connect your Outlook phishing button here

Screenshot 2024-08-01 at 12-55-59 PM-png

Phishes Reported Edge Case #2 —When the "Phishes Reported" number shows more reported phishes than the number of phishes sent, ex: Phishes Reported 15/11, this is due to simulated phishing emails sent in the previous month being reported during the month of the report is aligned to.

  • To re-use the example, if 11 phishing emails were sent in July and all of them were reported in July, as well as 4 phishing emails from June were also reported during the month of July, the July report would show 15 phishing emails reported when only 11 were sent during the month of July.