Setting the Risk Score Calculation Time Period

The Risk Score Calculation Time Period feature allows administrators to define the period of time considered when calculating user risk scores. This feature ensures that valuable historical user behaviour data (risk factors) can be factored into employee risk scores. By extending the calculation window, organisations gain more accurate and comprehensive insights into user risk.

Key Benefits

  • Gain Deeper Insights: By including historical data (up to 3 years), you can uncover long-term trends and behaviours, providing a clearer understanding of user risk.

  • Improve Decision-Making: More accurate risk scores enable you to make better-informed decisions on training, compliance strategies, and risk mitigation.

  • Address Unrecognised Risks: Ensure long-term non-compliant users and repeated risky behaviours are no longer overlooked.

  • Customise to Your Needs: Choose the time frame that aligns best with your organisation's risk policies and goals.

  • Enhance Accuracy and Relevance: Use more comprehensive data to identify users needing intervention, and track progress over time.


How to Configure the Risk Score Time Period

As an admin, you can customise the time period for risk score calculations by following these steps:

  1. Log in as Admin: Ensure you are logged into the MyCompliance platform as an admin user.

  2. Navigate to Company Edit > System Settings > Risk Score Settings.

  3. Access the Time Period Option.

    • Locate the drop-down option titled "Risk Score Calculation Time Period".

  4. Select a Time Period.

    • Choose from the following available options:

      • 1 Year (Default)

      • 2 Years

      • 3 Years

  5. Save Changes.

    • Once the desired time period is selected, click Save to apply the setting.

Note: Risk scores will update nightly based on the newly configured time period.


Default Behaviour (1-Year Time Period)

If no time period is set:

  • Risk scores will consider data targeted to users from the last 12 months.

  • This remains the system's default behaviour.

Scenario

  • Admin does not set a time period.

    • When no option is selected, the risk score will default to using data from the past year.


Handling Historical Data

When a new time period is set:

  • Pre-existing Data: Historical risk factors (e.g. phishing clicks, quiz performance, and incomplete content) from 2 or 3 years will be included in the risk score calculations.

  • Updated Risk Scores: Scores will automatically update during the nightly refresh cycle.

Back to all articles