Configuring a way for users outside of outlook to report simulated phishing emails. At the very least configure the simulated phish emails to take note of the email that clicked it and send that to a list. Have that list able to be generated or accessed in the admin portal.