# Monthly reports ### Data Sources | File | Key Fields | | -------------- | ------------------------------------------------------------------------------------------------------- | | `applications` | `status`, `accountsUsed`, `accountsDetected`, `category`, `classificationId`, `sources`, `lastActivity` | | `users` | `status`, `vendorsUsed`, `vendorsDetected`, `emails` | *** ### 1. Application Status Distribution Each application is bucketed by its `status` field: | Status | Filter | | ---------------- | ------------------------------- | | Approved | `status == 'approved'` | | Discovered | `status == 'discovered'` | | Security Concern | `status == 'security-concern'` | | In Review | `status == 'in-review'` | | Evaluation | `status == 'evaluation-period'` | | Closed | `status == 'closed'` | Each is displayed as a count and percentage of `total_apps`. *** ### 2. Security Threat Metrics | Metric | Formula | | --------------------------- | -------------------------------------------------------- | | **Total Security** | Count of apps where `status == 'security-concern'` | | **Contained** | Subset where `accountsUsed == 0` (no active users) | | **Active** | Subset where `accountsUsed > 0` (still in use) | | **Active Security Users** | Sum of `accountsUsed` across all active security threats | | **Threat Containment Rate** | `contained / total_security × 100` | A security threat is considered **contained** when it has been driven to zero active users. *** ### 3. Shadow IT Metrics Shadow IT includes apps with status in: `discovered`, `security-concern`, `in-review`. | Metric | Formula | | ------------------------- | ----------------------------------- | | **Total Shadow** | Count of apps with shadow IT status | | **Eliminated** | Subset where `accountsUsed == 0` | | **Active Shadow** | Subset where `accountsUsed > 0` | | **Shadow Reduction Rate** | `eliminated / total_shadow × 100` | *** ### 4. Governance Coverage Governed statuses: `approved`, `in-review`, `evaluation-period`, `closed`. | Metric | Formula | | ------------------- | ------------------------------------ | | **Governed Apps** | Count of apps with a governed status | | **Governance Rate** | `governed_apps / total_apps × 100` | *** ### 5. User Metrics #### User Segmentation | Segment | Filter | | -------------------------- | ---------------------------------------------------------------- | | **Active Users** | `status == 'live'` AND `vendorsUsed > 0` | | **Offboarding with Usage** | `status in ['offboarding', 'deactivated']` AND `vendorsUsed > 0` | | **Inactive Users** | `vendorsUsed == 0` (any status) | #### User Compliance Rate A user is **compliant** if they use fewer than **30 vendors** (`compliance_threshold`). | Metric | Formula | | ------------------- | -------------------------------------- | | **Compliant Users** | Active users where `vendorsUsed < 30` | | **Compliance Rate** | `compliant_users / active_users × 100` | #### Usage Efficiency | Metric | Formula | | -------------------- | --------------------------------------------- | | **Avg Detected** | Average `vendorsDetected` across active users | | **Avg Used** | Average `vendorsUsed` across active users | | **Usage Efficiency** | `avg_used / avg_detected × 100` | #### User Distribution Active users are bucketed by `vendorsDetected` into ranges: 0–20, 21–50, 51–100, 101–150, 150+. *** ### 6. AI Metrics #### AI App Detection An app is classified as **AI** if: * Its category is "Artificial Intelligence and Automation" #### AI Indicators | Metric | Filter | | --------------------- | ------------------------------------------------------------ | | **AI Total** | All AI-classified apps | | **AI Security** | AI apps with `status == 'security-concern'` | | **AI Active Threats** | AI security apps with `accountsUsed > 0` | | **AI Active Users** | Sum of `accountsUsed` on active AI threats | | **AI Discovered** | AI apps with `status == 'discovered'` and `accountsUsed > 0` | | **AI Approved** | AI apps with `status == 'approved'` | | **AI Pending** | AI apps with `status in ['in-review', 'discovered']` | *** ### 7. Report Tables #### Active Security Threats Top 15 `security-concern` apps with `accountsUsed > 0`, sorted by active users descending. Shows a conversion percentage: `accountsUsed / accountsDetected × 100`. #### High-Risk Discoveries `discovered` apps with `accountsUsed >= 10` (`high_risk_user_threshold`), sorted by active users descending, top 15. #### Remediation Priority Active security threats are assigned a priority based on `accountsUsed`: | Priority | Condition | | ----------------- | -------------------- | | **P1 — Critical** | `accountsUsed >= 15` | | **P2 — High** | `accountsUsed >= 5` | | **P3 — Medium** | `accountsUsed < 5` | #### Pending Governance `discovered` apps with `accountsUsed >= 20`, sorted by active users descending, top 10. *** ### Key Concepts * An app is **contained/eliminated** when `accountsUsed == 0` — no one is actively using it. * An app is an **active risk** when `accountsUsed > 0`. * User **compliance** is based on keeping vendor usage below 30 apps per user. * **Usage efficiency** measures what fraction of detected apps are actually used. * **Governance coverage** tracks how many apps have moved beyond the "discovered" stage into a managed status. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.avanoo.ai/public-knowledge-base/monthly-reports.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.