Barracuda PhishLine includes a Risk Assessment survey you can distribute to your users to see how they feel about online security and safety. Based on the results, you can make decisions on how to best address areas with the highest risk.
Some organizations choose to distribute the Risk Assessment survey when they first purchase Barracuda PhishLine to get baseline values for their organization. Then, they will distribute it again periodically to small groups, to see how their organization's risk profile has changed.
For instructions on creating your own Survey, see Creating a Risk Analysis Survey.
The survey is called Risk Assessment Survey - 25, and you can access it from the Training Content or Content Center.
It contains a series of questions, asking the user about their feelings on a variety of online security questions, based on their own thoughts and experiences.
Here are some of the questions included:
The information technology department is solely responsible for protecting our critical data and information systems.
- Strongly agree
- Neither agree nor disagree
- Strongly disagree
Do you copy files or data from the office to your home computer?
Which item is NOT considered Personally Identifiable Information?
- Social Security Number
- Birth Date
- Employee Badge Number
- Driver's License Number
The results help you to weigh the impact and likelihood for risks based on various factors.
Locate the survey results under Education > Risk Analysis.
You can view results based on:
- Element Groups
You can then tailor your training materials to the results. For example, if you see that there are more problems with awareness than with procedures, you can start the training focus on awareness.