"One of the key factors in having a successful effort is being able to prove that your effort is successful. The only way to do this is to collect metrics prior to initiated new awareness efforts," according to Ira Winkler and Samantha Manke of Secure Mentem.
As the team outlines in the recent article The 7 elements of a successful security awareness program, these metrics can include surveys on attitudes. They could also include the use of phishing simulation tools to include pre and post awareness training. You can also examine the number of security related incidents, such as attempted visits to banned websites.