Explain Security Journey and time metrics
Use this when a customer asks what an analytics card or timeline means.
Definitions
Section titled “Definitions”- Employee Security Journey: timeline of security-related events for an employee.
- Time to Report: time between message delivery/open/click context and the user reporting the message, depending on report definition.
- Time to Open: time between message delivery and first open event.
- Highest Risk People: users ranked by current product risk logic.
- Identify the exact page/card the customer is asking about.
- Confirm the customer organization.
- If available in ActiveAdmin, verify the employee or campaign context.
- Explain the metric using the public docs definition.
- If the customer is disputing a number, follow Investigate metric discrepancies.
Escalate when
Section titled “Escalate when”- The customer needs the formula behind a risk score.
- The number appears inconsistent across reports.
- You need raw events or query logic to explain the result.