I made a list of ways to have a successful security policy
Identify your risks. What are your risks from inappropriate use.
Learn from others.
Make sure the policy conforms to legal requirements.
Level of security = level of risk.
Include staff in policy development.
Train your employees.
Get it in writing.
Set clear penalties and enforce them