A communication plan is a document that outlines the objectives, strategies, tactics, and messages for communicating with a specific audience. A communication plan for disseminating information regarding the technical risks of BYOD should include the following elements12:

The purpose and goals of the communication

The target audience and their needs and preferences

The key messages and tone of the communication

The communication channels and methods

The roles and responsibilities of the communicators

The timeline and frequency of the communication

The evaluation and feedback mechanisms

The most important element to include in this communication plan is the key messages, which should convey the potential exposures and impacts of BYOD using common terms that the audience can understand. The key messages should explain what BYOD is, why it is important, what are the benefits and challenges, what are the risks and threats, how to protect the devices and data, and what are the best practices and policies. The key messages should also be consistent, clear, concise, relevant, and engaging12.

The other options are not as important as the key messages, as they are either supporting or secondary elements of the communication plan. A link on the corporate intranet to the BYOD policy is a communication channel, which is a means of delivering the message, but not the message itself. A schedule and content for mandatory training is a communication tactic, which is a specific action or activity to implement the strategy, but not the strategy itself. Disciplinary actions for violation of the BYOD policy is a message detail, which is a specific piece of information to support the message, but not the message itself.