Skip to content
English
  • There are no suggestions because the search field is empty.

User does not meet security awareness requirements

Associated with

Inboxes

Underlying signals

Awareness User Untrained (RS36), Awareness High Risk user (RS37)

Reasonings

  • Regular user, and
    • Any user that is present in a security awareness connection
  • RS36: Has training results within the last 6 months, and
    • Any user that does not have training results would be ignored, as we base “undertrained” as failing or not completing assigned trainings
  • RS36: Has failed to complete more than 33% of assigned trainings, or
    • Example: If a user has been assigned 6 trainings and has failed to complete more than 2, the event would be present
  • RS36: Has completed and failed more than 0% of assigned trainings, or
    • Example: If a user has been assigned 6 trainings and has completed and failed at least one of them, the event would be present
  • RS37: Has recent phishing simulation tests, and
  • RS37: Has failed at least one of the phishing tests
    • The user would have to click a phishing link in a phishing simulation test

Resolutions

  • Assign additional trainings to reduce the percentage of incompletions or failures

Additional Considerations

  • If RS36 or RS37 is present it will trigger the event, some compliance events take input from multiple risk signals
  • For clients not associated with a warranty, the Cork Partner can request Cork to change the thresholds for:
    • Training lookback period (default is 6 months)
    • Incomplete training percentage (default is 33%)
    • Failed training percentage (default is 0%)