There are a few ways to accomplish this. You can do a live read through any one of Ed Skoudis' scenarios (as outlined here on EH-Net) minus the entertaining themes (Brady Bunch, Simpsons, Matrix, etc). Ed has given permission and suggestion to do this in the SEC504 course.
You can also hire or have a skilled team member perform a penetration test to see how the team reacts/notices the test or just ignores it. You should probably only do this with a seasoned group who has worked together for awhile so everyone is not tripping over themselves.
CISSP, GCIH, GCIA, C|EH, Sec+, Net+, MCP