Human Risk Assessment Deck

Interactive Presentation for Initial Risk Assessments & Value Demonstration

20-Minute Interactive Presentation
For Security Assessment Meetings
7 Assessment Slides
Updated: January 2026
Slide 1

Current Human Risk Assessment

Understanding Your Organisation's Human Risk Exposure

"Traditional tools only measure click rates. We measure WHY people make risky decisions."

The Gap Analysis

Traditional Approach Limitations:

  • Measures completion rates, not behaviour change
  • Shows IF people click, not WHY they click
  • No connection to business outcomes
  • No measurable ROI beyond compliance
  • Annual training with 90-day knowledge decay

The Privci Approach

Behavioural Cybersecurity:

  • 30-day continuous behavioural assessment
  • Psychology-driven risk analysis
  • Measurable ROI and business impact
  • Real-time intervention and feedback
  • Sustainable behaviour change

1. What's Your Current Training Approach?

High Risk

Annual compliance training only

Medium Risk

Quarterly phishing tests + basic training

Low Risk

Continuous training + behavioural interventions

2. How Many Human-Caused Incidents Last Year?

10+ Incidents

Critical exposure level

5-9 Incidents

High exposure level

1-4 Incidents

Moderate exposure level

3. Do You Have Policy Violation Visibility?

No Visibility

No monitoring of policy violations

Limited Visibility

Basic monitoring, no real-time feedback

Full Visibility

Real-time violation detection + interventions

Slide 2

Privci's 5 Engines

Comprehensive Human Risk Management Platform

Privci combines five powerful engines to measure, analyse, and transform human behaviour

Awareness Engine

Continuous, contextual training across 3 streams

Change Engine

10 Behaviour Change Agents using COM-B model

Phish Aware

800+ phishing templates + gamified challenges

Business Watch

Digital footprint + exposure monitoring

Policy Keeper

129 policy templates + automatic enforcement

How It Works Together

  • Awareness Engine delivers training at the moment of violation
  • Change Engine uses behavioural science to reshape habits
  • Phish Aware measures AND trains phishing detection
  • Business Watch monitors digital exposure in real-time
  • Policy Keeper ensures policy alignment and compliance

Key Differentiators

  • Browser-based Training Agents (Chrome, Edge, Firefox)
  • Real-time behavioural interventions
  • COM-B behaviour change model
  • 43 event monitoring capabilities
  • 30-day Human Vulnerability Scan
  • Automated policy enforcement

Unlike traditional tools that only measure click rates, Privci measures WHY people make risky decisions and provides targeted interventions to change behaviour.

Slide 3

30-Day Human Vulnerability Scan

Science-Based Behavioural Assessment

A comprehensive 30-day assessment that measures real-world behaviour without disrupting daily operations

Week 1

Baseline Assessment

Initial behavioural mapping, knowledge assessment, and current state analysis

Week 2

Real-World Simulation

Controlled threat simulations across all threat categories

Week 3

Intervention Testing

Targeted interventions based on behavioural archetypes

Week 4

Comprehensive Reporting

Final analysis, risk scoring, and customised roadmap

What We Measure During the Scan

43 Behavioural Events

Real-time monitoring of security-related behaviours

Policy Violations

Real-time detection and correction of policy breaches

Phishing Susceptibility

800+ template library + gamified challenges

Digital Footprint

Shadow IT, data exposure, dark web monitoring

Knowledge & Skill Gap

Identifies missing awareness, misunderstood policies, weak security concepts, and practical security skills.

Behaviour Consistency

Tracks how reliably users apply safe behaviours over time

Use Case Correlations

35 correlations between user activity, incidents, and behavioural engines

Key Benefits of the 30-Day Scan

Measurable Baseline

Establish quantifiable metrics for human risk before any investment

Targeted Insights

Identify specific vulnerabilities and high-risk user groups

ROI Projection

Calculate exact savings from risk reduction before implementation

Training Agent Technology

Browser-based agents (Chrome, Edge, Firefox) deliver personalised training, behavioural nudges, and real-time interventions directly to each user. No mail server whitelisting required.

Slide 4

Behavioural Archetype Analysis

Understanding WHY People Make Risky Decisions

Privci classifies users into four behavioural archetypes based on psychological patterns and risk profiles

Convenience-Seekers

35% of workforce

Prioritise speed and convenience over security. Will click links without verification, use weak passwords, and bypass security controls to save time.

Privci Intervention:

  • Reduce friction in secure processes
  • Automate security where possible
  • Provide quick-win security tools

Overconfident Users

25% of workforce

Believe they're "too smart to be phished" and bypass security measures they perceive as unnecessary. Often technical users with inflated risk perception.

Privci Intervention:

  • Challenge overconfidence with realistic simulations
  • Provide data-driven risk evidence
  • Gamification and competitive elements

Anxious Avoidant

20% of workforce

Users who avoid engaging with security tasks due to fear of making mistakes. They hesitate, delay decisions, and often ignore prompts, increasing exposure to threats.

Privci Intervention:

  • Confidence‑building micro‑training
  • Clear, low‑pressure guidance
  • Supportive nudges that reduce fear of error

Compliant

20% of workforce

Users who follow instructions reliably but lack deep understanding, leaving them exposed to unfamiliar threats. They require ongoing reinforcement to maintain secure habits.

Privci Intervention:

  • Reinforcement‑based micro‑learning
  • Scenario‑based training for unfamiliar threats
  • Consistent nudges to strengthen long‑term habits

The COM-B Behaviour Change Model

Capability

Does the user have the knowledge and skills?

Opportunity

Does their environment support secure behaviour?

Motivation

Are they motivated to behave securely?

Privci's 10 Behaviour Change Agents use the COM-B model to deliver targeted interventions that address the specific barriers to secure behaviour for each archetype.

Slide 5

HVI & OHRP Score Calculation

Quantifying Human Risk with Science-Based Metrics

Privci provides measurable risk scores that translate human behaviour into actionable business intelligence

Your Human Risk Score

4.2
Medium Risk

Your organisation has moderate human risk exposure with several high-priority areas requiring attention

Human Vulnerability Index (HVI)

Measures individual susceptibility to security threats (0-10 scale, lower is better)

Current Score: 4.2
Scale: 0 (Low Risk) to 10 (High Risk)
HVI Components:
  • Behavioural Risk Patterns: 4.8
  • Knowledge Gaps: 3.9
  • Habit Strength: 4.5
  • Environmental Factors: 3.6
  • Psychological Drivers: 4.1

Threat Exposure Index (TEI)

Quantifies organisational exposure to specific threats (0-100%)

Current Exposure: 68%
Scale: 0% (No Exposure) to 100% (Maximum Exposure)
Top Threat Categories:
  • Phishing & Social Engineering: 82%
  • Data Handling & DLP: 71%
  • Password Hygiene: 65%
  • Cloud Application Security: 58%
  • Policy Awareness: 54%

Organisational Human Risk Posture (OHRP)

MEDIUM
Overall Risk Posture

OHRP Calculation:

OHRP = (HVI × 0.6) + (TEI × 0.4)
Combines individual vulnerability with organisational threat exposure

  • Low Risk (0-19%): Mature security culture
  • Medium Risk (20-49%): Your current category
  • High Risk (50-70%): Immediate action required
  • Critical Risk (71-100%): Severe exposure

Slide 6

From Current State to Target State

Your Journey with Privci

See how Privci transforms your organisation's human risk posture through measurable, sustainable behaviour change

Current State

  • Annual compliance training
  • Basic phishing simulations
  • No behavioural insights
  • Reactive incident response
  • Policy violations unknown

30-Day Scan

Assessment Phase

  • Human Vulnerability Scan
  • Behavioural archetype analysis
  • HVI & OHRP scoring
  • Gap identification
  • ROI projection

Target State

  • Continuous behavioural training
  • Real-time policy enforcement
  • Proactive risk reduction
  • Measurable ROI
  • Sustainable security culture

Key Milestones & Timelines

Week 1-2

Kick-off & Discovery
Technical Setup
Baseline Assessment

Week 3-6

30-Day Human Risk Scan
Real-time Monitoring
Initial Interventions

Week 7

Executive Report Delivery
Risk Score Presentation
Custom Roadmap

Week 8+

Full Platform Deployment
Continuous Improvement
Quarterly Reviews

Expected Outcomes After 90 Days

  • 75% reduction in phishing clicks
  • 60% reduction in policy violations
  • 40% improvement in HVI scores
  • Measurable ROI within 3 months

Slide 7

ROI Calculator & Next Steps

Quantifying Value and Implementation Roadmap

See the measurable business impact and ROI of reducing human risk in your organisation

1. Calculate Your Current Risk Cost

Employees: 500 (slider range: 50 to 5000)

2. Industry Average Risk Costs

  • Phishing Incident Cost (per employee): £3,200
  • Data Breach Cost (per record): £150
  • Productivity Loss (per incident): £2,800
  • Average Incidents per Year: 12

3. Your Annual Risk Exposure

Ready for Your Free 30-Day Assessment?

Get your Human Risk Score and see measurable results in 30 days.