Can I issue a cert for an internal awareness phishing campaign?

I would also hazard a guess that the answer is "yes", because:

1. It doesn't seem to be prohibited in the subscriber agreement (as long as you're not breaking the law)
2. We have this official-ish statement to go on: