A useful exercise to foster organic interest in peer accountability through friendly competition.
How to run the program:
Do not record the “failure users” as doing so into your remedial accountability program. Why? The last thing you need is for your friendly gamified experience to result in animosity towards the participants.
Ensure templates still fall within your regular HR rules of engagement.
Your volunteers will be more phishing aware then they ever have been by 10x, guaranteed, just by participating in this fun and engaging learning experience. Additionally, you can expect them to be peer security awareness champions moving forward.
Additionally this gives you a chance to run even more campaigns without adding burden to the perception of too many tests.
Lastly, it is so much easier to view phishing campaigns as a fun and engaging learning opportunity when it is your friends doing the “fooling” and “failing.” I guarantee you significant internal chatter about how much fun this game is and how much competition it fosters.