Get instant support with our search!
Department-Level Phish Reporting with Anonymous Responses
Overview
Anonymous Responses help protect employee privacy during phishing simulations by removing user-level details from reports. Department-Level Reporting gives you the option to see high-level trends by department without revealing individual identities.
This feature is configured once at the company level to ensure privacy settings are applied consistently across all phishing simulations.
Privacy-First by Default
Department-Level Reporting is OFF by default, ensuring maximum privacy unless departmental insight is deliberately enabled. When enabled:
- Individual users remain fully anonymous — names, email addresses, and other user-level details are never shown
- Department names can appear in reports
- Small departments are automatically anonymised based on a configurable threshold
Who Can Configure This
Admins and business users with access to Company Edit can configure this setting.
How to Enable Department-Level Reporting
- Go to Settings → Company Edit
- Turn on Allow Department-Level Phish Reporting
- Set the Minimum Department Size Threshold — Departments with this number of users or fewer will remain anonymised in reports (default: 10)
- Review the privacy guidance shown in the UI
- Save your changes
Once enabled, department-level data will appear automatically in reports across all past and future anonymised phishing simulations.
What You’ll See in Reports
User-level identifiers remain anonymised in all cases.
| Setting | What Appears in Reports |
|---|---|
| Department-Level Reporting OFF | No department data shown |
| Department-Level Reporting ON | Department data shown in reports |
| Department-Level Reporting ON, department at or below threshold | Shown as "Anonymised" automatically |
When to Enable This
Department-Level Reporting is particularly valuable for organisations with strict privacy requirements that still need departmental insight for targeted remediation. It's useful when you want to:
- Compare phishing risk trends between teams
- Track improvement at a department level
- Identify training gaps between teams
FAQs
Q: Why is a department showing as “Anonymised”?
A: Its active user count is less than or equal to the configured Department Size Threshold.
Q: Does enabling this affect historical campaigns?
A: Reporting reflects the active company configuration at time of viewing/export. If the setting is turned on, the department name will be displayed in all historic anonymised phish reports when the threshold is exceeded.
Q: I've changed the threshold, what happens to the reports?
A: All current and historic reports where the phish was anonymised will show or anonymise the Department name based on the new threshold.
Q: What happens to the threshold if a user is deleted or disabled?
A: When a user is deleted or disabled, this will reduce the count of the total number of employees in a department. If the new total <= the configured threshold, the department will be anonymised in reports.
Q: I can see disabled and deleted users in reports, does that mean they are included in the department count?
A: No - whilst you can configure to show Disabled and Deleted users in reporting, even if those users are visible they will not count towards the total number of employees in a department when determining if the threshold has been exceeded.
Q: What happens to the threshold if a user moves departments?
A: If a user moves department, this will increase the count of employees in the new department and reduce the count of employees in their previous department. If the new department size > the configured threshold, the department will be visible in reports. If the old department size <= the configured threshold, the department will be anonymised in reports.