For more information on Infosec IQ grades in general, see Learner Grades.
When a learner is added to Infosec IQ they start out in the middle with a C letter grade. As a learner participates in training campaigns their grade will change depending on actions taken. For example if a learner reports a PhishSim email their grade will go up, but if they click the link in a PhishSim email their grade will go down.
Infosec IQ allows the grading system to be customized so that specific actions can have more or less impact on learner grades. It is typically recommended to make adjustments to the grading scale after running a few campaigns in order to better understand what adjustments are needed. When you make changes to the grading scale, all learner grades will be adjusted retroactively.
Follow these steps to modify your Learner Grading configuration.
- Navigate to Learners > Grades and click the Configure Grading button.
- You’ll be taken to a page that has a list of training actions along with an adjustment slider. Each slider has a scale ranging from -2 to +2. Each whole number represents one whole letter grade change that could occur as a result of the event. If a value is set to 0 then the spcified action will have no impact on the learner’s grade.
- Adjust the sliders for the learner events you wish to change.
- Click Save to update the configuration. Note that it may take up to one hour for grading changes to be reflected on learner records.
- If you previously made changes to the grading configuration, a button will be available labeled Revert to Default. Clicking this will restore all actions to the default values.
Grading Criteria
| Criteria | Definition |
|---|---|
| Most Recent Visit Within 30 Days | Learner has interacted with IQ within the last 30 days. An interaction could be a dashboard visit, module view, phishing education, etc. |
| Most Recent Visit Not Within 30 Days | Learner has not interacted with IQ in the last 30 days. |
| Number of Phished Events | Number of times learner has been phished by clicking a link in or replying to a PhishSim email. |
| Number of Data Entry Events | Number of times learner has entered data into a PhishSim data entry page. |
| Number of Attachments Opened | Number of times learner has opened a PhishSim file attachment. |
| Last PhishNotify Connection Within 30 Days | A learner’s PhishNotify connects to IQ when Outlook is opened or when the PhishNotify Gmail add-on is used. |
| Last PhishNotify Connection Not Within 30 Days | A learner’s PhishNotify has not connected to IQ in more than 30 days. |
| Reported Simulation | A PhishSim email has been reported within the last 30 days. |
| Reported Suspicious | A non-PhishSim email has been reported within the last 30 days. |
| Number of PhishSim Trainings Started | After being phished the learner is prompted to perform follow-up PhishSim training; this tracks how many of these trainings a learner has started. |
| Number of PhishSim Trainings Completed | Tracks how many PhishSim trainings have been completed. |
| Number of AwareEd Training Modules Started | Number of AwardEd modules the leaner has started. |
| Number of AwareEd Training Modules Completed | Number of AwardEd modules the leaner has completed. |
| Number of Module Exercises Completed | Some legacy AwareEd modules contain interactive exercises; this tracks how many of those exercises the learner has completed. |
| Time In Training Less Than 30 Minutes | Lifetime total training time is less than 30 minutes. |
| Time In Training 30 Minutes or Greater | Lifetime total training time is greater or equal to 30 minutes |
| Number of Macros Enabled | Tracks the number of times a learner has enabled macros; only used in PhishSim campaigns created before March 2020. |
| Number of Assessments Passed | Number of AwareEd assessments where the learner completed with a passing score. |
| Number of Assessments Failed | Number of AwareEd assessments the learner completed with a failing score. |
| Number of Replied Emails | Number of times a learner has replied to a PhishSim email. |
| Number of Replied and Matched Emails | The number of times a learner has replied to a PhishSim email with a pattern match (e.g. social security number, credit card number, etc.) Applies only when reply tracking is enabled. |