In your initial post, using your independent research, compare and contrast factors that are critical to successful security awareness programs. How would an Information Security Manager approach the implementation of such a program? Think across the organization? Address the following questions:

What are the components of a properly designed program?

How would you implement such a program for an organization?

How would the program be managed? Will it be required, and if so$,$ how will you enforce these requirements? This will determine how you measure effectiveness. For example, if the program is required, then $100\%$ compliance is needed. If not required, then what does the success of the program look like?

How will you communicate the program requirements politically so it is best accepted?

Will there be consequences for non$-$compliance, and if so$,$ how will you handle these?

What other stakeholders from your organization need to be involved?

How will you measure the success of the program?$$ What metrics will you use to measure effectiveness?