First of all, your organization must have published policies. Training on policies is part of every supervisor, team leader and manager's job. Then, policy enforcement becomes possible.
No information security policy? You have some work to do before you attempt to train personnel. Best wishes, tmblweed AKA: tmblweed
