Anti Phishing Training Program

Design, govern, and report on enterprise-grade anti-phishing training programs and simulation metrics.

Install
cmdop skills install agensi-anti-phishing-training-program

Anti Phishing Training Program is a skill aimed at security awareness coordinators and CISOs who need to build and document structured phishing simulation and awareness programs. Rather than generating phishing templates or running simulations directly, it produces governance artifacts that support defensible, audit-ready programs aligned with corporate and regulatory requirements.

The skill covers four main areas. For program design, it drafts annual program lifecycles, role-based training curricula, and simulation governance plans. For metrics and analytics, it takes raw simulation data and reporting rates and converts them into executive-ready KPI dashboards and risk summaries. For remediation planning, it generates privacy-preserving coaching plans targeting repeat clickers and high-risk departments. For maturity assessment, it maps existing activities against industry standards and identifies gaps in phishing resilience.

Outputs are described as platform-agnostic, structured documents intended for stakeholders: quarterly executive reports covering organizational resilience trends, departmental action trackers, and governance documentation suitable for audits.

This skill is not a simulation platform and does not send phishing emails or track live click rates. It is focused on the documentation and analysis layer of a security awareness program. Developers or security teams looking for tooling to execute simulations directly will need a separate platform; this skill supports the governance and reporting work that sits around that execution.

Use cases

  • Draft an annual anti-phishing program lifecycle and governance plan for a security team
  • Convert raw phishing simulation click and reporting data into an executive KPI dashboard
  • Build privacy-preserving remediation and coaching plans for repeat clickers or high-risk departments
  • Produce a quarterly organizational resilience report ready for executive stakeholders
  • Assess current phishing awareness activities against industry standards and document gaps
  • Generate audit-ready documentation for HR and regulatory compliance around phishing training

When to use it

  • When a security team needs governance documentation for an existing phishing awareness program
  • When preparing executive or board-level reports on phishing simulation metrics
  • When developing role-based curricula and remediation plans that must comply with HR and privacy policies
  • When a CISO needs to map program maturity against industry standards and identify gaps

When not to use it

  • When the requirement is to actually send phishing simulation emails to employees — this skill does not execute simulations
  • When real-time click tracking or live campaign analytics are needed
  • When the goal is to generate phishing lure content or credential-harvesting templates
  • When a fully automated, hands-off security awareness platform is expected rather than document generation