[{"data":1,"prerenderedAt":394},["ShallowReactive",2],{"nav":3,"page-\u002Fproduct\u002Fspecs\u002Fhuman-risk-score":75,"children-\u002Fproduct\u002Fspecs\u002Fhuman-risk-score":393},[4,8,30],{"title":5,"path":6,"stem":7},"Knowledge Base","\u002F","index",{"title":9,"path":10,"stem":11,"children":12},"Product","\u002Fproduct","product\u002Findex",[13,14,20],{"title":9,"path":10,"stem":11},{"title":15,"path":16,"stem":17,"children":18},"Roadmap","\u002Fproduct\u002Froadmap","product\u002Froadmap\u002Findex",[19],{"title":15,"path":16,"stem":17},{"title":21,"path":22,"stem":23,"children":24,"page":-1},"Specifications","\u002Fproduct\u002Fspecs","product\u002Fspecs\u002Findex",[25,26],{"title":21,"path":22,"stem":23},{"title":27,"path":28,"stem":29},"Human Risk Score — Technical Specification","\u002Fproduct\u002Fspecs\u002Fhuman-risk-score","product\u002Fspecs\u002Fhuman-risk-score",{"title":31,"path":32,"stem":33,"children":34,"page":-1},"Sales","\u002Fsales","sales",[35,37,47],{"title":31,"path":32,"stem":36},"sales\u002Findex",{"title":38,"path":39,"stem":40,"children":41},"Competitive Intelligence","\u002Fsales\u002Fcompetitors","sales\u002Fcompetitors\u002Findex",[42,43],{"title":38,"path":39,"stem":40},{"title":44,"path":45,"stem":46},"KnowBe4 Battlecard","\u002Fsales\u002Fcompetitors\u002Fknowbe4","sales\u002Fcompetitors\u002Fknowbe4",{"title":48,"path":49,"stem":50,"children":51,"page":-1},"Playbooks","\u002Fsales\u002Fplaybooks","sales\u002Fplaybooks\u002Findex",[52,53,63,69],{"title":48,"path":49,"stem":50},{"title":54,"path":55,"stem":56,"children":57,"page":-1},"AE Playbook","\u002Fsales\u002Fplaybooks\u002Fae","sales\u002Fplaybooks\u002Fae\u002Findex",[58,59],{"title":54,"path":55,"stem":56},{"title":60,"path":61,"stem":62},"Discovery Framework","\u002Fsales\u002Fplaybooks\u002Fae\u002Fdiscovery-framework","sales\u002Fplaybooks\u002Fae\u002Fdiscovery-framework",{"title":64,"path":65,"stem":66,"children":67},"Partners Playbook","\u002Fsales\u002Fplaybooks\u002Fpartners","sales\u002Fplaybooks\u002Fpartners\u002Findex",[68],{"title":64,"path":65,"stem":66},{"title":70,"path":71,"stem":72,"children":73},"SDR Playbook","\u002Fsales\u002Fplaybooks\u002Fsdr","sales\u002Fplaybooks\u002Fsdr\u002Findex",[74],{"title":70,"path":71,"stem":72},{"id":76,"title":27,"body":77,"description":387,"extension":388,"meta":389,"navigation":390,"path":28,"seo":391,"stem":29,"__hash__":392},"docs\u002Fproduct\u002Fspecs\u002Fhuman-risk-score.md",{"type":78,"value":79,"toc":373},"minimark",[80,84,88,93,192,196,225,229,236,240,245,257,261,271,275,285,289],[81,82,27],"h1",{"id":83},"human-risk-score-technical-specification",[85,86,87],"p",{},"The Human Risk Score (HRS) is a real-time, per-employee metric (0–100) that quantifies behavioural risk based on threat exposure, training response, and historical incident data. This document describes the calculation model, update cadence, and API surface.",[89,90,92],"h2",{"id":91},"score-composition","Score composition",[94,95,96,97,96,117],"table",{},"\n  ",[98,99,100,101,96],"thead",{},"\n    ",[102,103,104,108,111,114],"tr",{},[105,106,107],"th",{},"Signal",[105,109,110],{},"Weight",[105,112,113],{},"Data source",[105,115,116],{},"Update frequency",[118,119,100,120,100,136,100,150,100,164,100,178,96],"tbody",{},[102,121,122,123,122,127,122,130,122,133,100],{},"\n      ",[124,125,126],"td",{},"Phishing simulation performance",[124,128,129],{},"30%",[124,131,132],{},"Internal simulation engine",[124,134,135],{},"Per simulation event",[102,137,122,138,122,141,122,144,122,147,100],{},[124,139,140],{},"Real threat exposure (inbox)",[124,142,143],{},"25%",[124,145,146],{},"Email gateway integration",[124,148,149],{},"Real-time",[102,151,122,152,122,155,122,158,122,161,100],{},[124,153,154],{},"Training completion & retention",[124,156,157],{},"20%",[124,159,160],{},"LMS \u002F adaptive engine",[124,162,163],{},"Post-module",[102,165,122,166,122,169,122,172,122,175,100],{},[124,167,168],{},"Reported incidents",[124,170,171],{},"15%",[124,173,174],{},"Report-a-phish button \u002F SIEM",[124,176,177],{},"Per event",[102,179,122,180,122,183,122,186,122,189,100],{},[124,181,182],{},"Peer group benchmarking",[124,184,185],{},"10%",[124,187,188],{},"Department + role cohort",[124,190,191],{},"Weekly",[89,193,195],{"id":194},"score-interpretation","Score interpretation",[197,198,96,199,96,207,96,213,96,219],"ul",{},[200,201,202,206],"li",{},[203,204,205],"strong",{},"0–25"," — Low risk. Employee is engaged, responds well to training, rarely exposed to threats.",[200,208,209,212],{},[203,210,211],{},"26–50"," — Moderate risk. Some training gaps or irregular exposure. Monitor and target with relevant content.",[200,214,215,218],{},[203,216,217],{},"51–75"," — Elevated risk. Active threat exposure or poor simulation performance. Trigger adaptive training.",[200,220,221,224],{},[203,222,223],{},"76–100"," — Critical risk. Immediate intervention recommended. Escalate to security team.",[89,226,228],{"id":227},"decay-model","Decay model",[85,230,231,232,235],{},"Scores decay toward the cohort mean over time when no new signals are received. The decay half-life is ",[203,233,234],{},"90 days"," by default and is configurable per tenant between 30–180 days. This prevents stale high scores from persisting indefinitely.",[89,237,239],{"id":238},"api-reference","API reference",[241,242,244],"h3",{"id":243},"get-score-for-a-single-employee","Get score for a single employee",[246,247,248,252],"pre",{},[249,250,251],"code",{},"GET \u002Fv1\u002Femployees\u002F{employee_id}\u002Frisk-score\n",[85,253,254],{},[249,255,256],{},"Response:\n{\n\"employee_id\": \"usr_abc123\",\n\"score\": 67,\n\"band\": \"elevated\",\n\"last_updated\": \"2025-04-14T09:22:00Z\",\n\"signals\": {\n\"phishing_simulation\": 72,\n\"threat_exposure\": 81,\n\"training\": 44,\n\"incidents\": 0,\n\"peer_benchmark\": 58\n}\n}",[241,258,260],{"id":259},"get-department-risk-summary","Get department risk summary",[246,262,263,266],{},[249,264,265],{},"GET \u002Fv1\u002Fdepartments\u002F{department_id}\u002Frisk-summary\n",[85,267,268],{},[249,269,270],{},"Response:\n{\n\"department_id\": \"dept_finance\",\n\"name\": \"Finance\",\n\"employee_count\": 42,\n\"average_score\": 54,\n\"distribution\": {\n\"low\": 12,\n\"moderate\": 18,\n\"elevated\": 9,\n\"critical\": 3\n},\n\"trend\": \"improving\"\n}",[241,272,274],{"id":273},"export-for-board-reporting","Export for board reporting",[246,276,277,280],{},[249,278,279],{},"GET \u002Fv1\u002Freports\u002Fhuman-risk?format=pdf&period=monthly\n",[85,281,282],{},[249,283,284],{},"Returns a signed URL to a generated PDF report suitable for board or NIS2 audit presentation.",[89,286,288],{"id":287},"tenant-configuration","Tenant configuration",[94,290,96,291,96,307],{},[98,292,100,293,96],{},[102,294,295,298,301,304],{},[105,296,297],{},"Setting",[105,299,300],{},"Default",[105,302,303],{},"Range",[105,305,306],{},"Description",[118,308,100,309,100,325,100,341,100,357,96],{},[102,310,122,311,122,316,122,319,122,322,100],{},[124,312,313],{},[249,314,315],{},"score_decay_days",[124,317,318],{},"90",[124,320,321],{},"30–180",[124,323,324],{},"Half-life for score decay toward cohort mean",[102,326,122,327,122,332,122,335,122,338,100],{},[124,328,329],{},[249,330,331],{},"critical_threshold",[124,333,334],{},"76",[124,336,337],{},"50–90",[124,339,340],{},"Score at which employee is flagged as critical risk",[102,342,122,343,122,348,122,351,122,354,100],{},[124,344,345],{},[249,346,347],{},"auto_trigger_training",[124,349,350],{},"true",[124,352,353],{},"bool",[124,355,356],{},"Auto-assign adaptive training when score exceeds elevated threshold",[102,358,122,359,122,364,122,367,122,370,100],{},[124,360,361],{},[249,362,363],{},"webhook_on_critical",[124,365,366],{},"null",[124,368,369],{},"URL",[124,371,372],{},"POST to this URL when any employee enters critical band",{"title":374,"searchDepth":375,"depth":375,"links":376},"",2,[377,378,379,380,386],{"id":91,"depth":375,"text":92},{"id":194,"depth":375,"text":195},{"id":227,"depth":375,"text":228},{"id":238,"depth":375,"text":239,"children":381},[382,384,385],{"id":243,"depth":383,"text":244},3,{"id":259,"depth":383,"text":260},{"id":273,"depth":383,"text":274},{"id":287,"depth":375,"text":288},"How the Human Risk Score is calculated, updated, and exposed via API","md",{},true,{"title":27,"description":387},"31MBDIXa1U5WSp2vtuHXdnqWH4_fiVMrQzWBgZjZBWc",[],1776249558247]