I'm interested in finding out what other IT managers/admins are doing to enforce Network security policies when an employee violates a policy. For example; if our policy states not to use internet for personal usage and an employees is caught, what then? Do you give a warning? What is the response process that is recommended. My goal is to educate user as much as possible regarding the threats and vulnerabilities of our network, but they must play their part. I would evaluate each violation and then take displanary action. I just want some advice how to create a response process according to best practices. I appreciate your help.