Skip to main content
One-Time Run · 30 Days

One-Time Phishing Simulation & Security Awareness Training

A complete 30-day awareness sprint — simulate, train, measure — ending in an audit-ready report your assessors will accept. No subscription required. For Indian teams of 501,000.

SEBI CSCRFISO 27001DPDP ActRBI expectationsCustomer audits
Why a single run

When one run is the right call

Annual compliance evidence

SEBI CSCRF, ISO 27001 and DPDP expectations all come down to one question from the assessor: show us the training happened. The run ends in exactly that document.

A customer or auditor asked

An enterprise client or certification audit wants proof of security awareness training — get defensible evidence inside 30 days, without procuring a platform.

A baseline before you budget

Measure your real phish-prone rate first. The before/after risk score gives you the number that justifies (or right-sizes) a full programme.

Try before you subscribe

Run the whole platform once. If you upgrade within 90 days, 50% of the run is credited to your annual plan.

The 30 days

How the run works

Week 1

Set up & baseline

Users onboarded, first simulation sent — your baseline phish-prone rate is measured before anyone is trained.

Weeks 2–3

Simulate & train

Up to 5 campaigns from the full template library (including AI-generated lures), with industry-specific and cross-industry training assigned to everyone.

Week 4

Measure the change

A final simulation captures the after picture: click rate, report rate and risk score, individual completion records.

Day 30

Audit-ready report

Before/after risk score and complete evidence pack — signed, when we run it for you (Managed).

Every run includes

  • 30 days of full platform access
  • All templates, including AI-generated
  • Up to 5 phishing simulation campaigns
  • 1 industry-specific training assignment
  • 1 cross-industry training assignment
  • Audit-ready compliance report + before/after risk score
Audit evidence

Evidence your assessor can accept

SEBI CSCRF asks regulated entities to run security awareness training and keep proof. ISO 27001 (control 6.3) and the DPDP Act’s reasonable-safeguards expectation point the same way, and enterprise customers increasingly ask their vendors for it. The run exists to produce that proof — in one month, without buying a platform.

Add the optional retest (+40%) after 60–90 days for a delta report that shows the improvement, not just the baseline.

The closing report documents

  • Every simulation campaign: templates used, send dates, who clicked, who reported
  • Individual training completion records for all enrolled users
  • Organisation-wide phish-prone risk score — before and after
  • Signed by our team on Managed runs
One-off pricing

One run, one price. No subscription.

Per-user rates improve with team size. Configure your exact price — team size, Self-Service or Managed, optional retest — on the pricing page.

Self-Service

your team runs it, report auto-generated
85–₹110 /user, one-off

By team size (501,000 users) · minimum order ₹15,000 · excl. GST

Managed

we run it end-to-end, signed report
125–₹165 /user, one-off

By team size (501,000 users) · minimum order ₹25,000 · excl. GST

50% back

Upgrade within 90 days and half your run is credited toward any annual plan. Your sprint funds your rollout.

Optional retest after 60–90 days adds 40%. Self-Service is limited to 2 runs per organisation per 12 months.

FAQ

One-time run questions

What is a one-time phishing simulation run?

A productised 30-day sprint: we set up your team on the Knowspams platform, run up to 5 phishing simulation campaigns and 2 training assignments, and close with an audit-ready report showing your before/after risk score. There is no subscription — one run, one price, for teams of 50–1,000.

Is one run enough for annual security awareness compliance?

Most Indian frameworks — SEBI CSCRF, ISO 27001 (control 6.3), the DPDP Act's reasonable-safeguards expectation and typical customer audits — ask for evidence that awareness training actually happened. One run produces that evidence for the year. Add the optional retest for a delta report, or repeat the run annually.

What audit evidence does the run produce for SEBI CSCRF or ISO 27001?

The closing report documents every simulation campaign, individual training completion records, and your organisation's before/after phish-prone risk score — the artefacts assessors ask for when they check awareness-training requirements. Managed runs include a signed report.

How much does a one-time run cost?

Self-Service is ₹85–₹110 per user (minimum order ₹15,000); Managed is ₹125–₹165 per user (minimum ₹25,000) — the per-user rate improves with team size. An optional retest after 60–90 days adds 40%. Prices exclude GST.

What happens after the run?

If you upgrade to any annual plan within 90 days, 50% of what you paid for the run is credited toward it — your sprint funds your rollout. Otherwise, keep the report and re-run whenever you need fresh evidence (Self-Service is limited to 2 runs per organisation per 12 months).

30 days from now, you have the evidence.

Pick your team size on the pricing page and start your run — or talk to us first.