Directors and senior management seem to get into a mindset where they believe in a them and us style mentality where 'them' represents the other staff who are dangerous and need to be led and given directives, objectives and constant instructions else they would go off the rails and fail to do anything (right) where 'us' represents the senior management team of trustworthy, upstanding, intelligent folk who know better than the common crowd.

Ironically, these same leaders and managers frequently construct policies and champion the abolition of the 'them and us' mentality elsewhere in their business (usually between middle management or team leaders and their direct reports), never realising that they engage in the selfsame tribalism that leads to such situations.

Those leaders in the 'I know better' frame of mind will buck IT policies and will often see IT staff as a barrier [to usability] rather than as an [security] enabler. They often choose to counter any arguments that their access to sensitive data poses a security threat if they do not adhere to the same policies as everyone else by saying, "I am a trusted and respected manager. I am trustworthy and this is why I earned my position" (or something along these lines).

Some senior leaders need to wake up before their hubris damages their businesses. As a small example, what's more likely to damage a business? A member of staff leaving to join a competitor and taking knowledge of usable contacts, good practices and the odd customer with them or a senior manager leaving to join a competitor, taking with them full details of business practises, strategies, policies and procedures, contacts, customers, risks, business strengths and weaknesses?

Oh, wait - most senior managers are too trustworthy and upstanding to actually use any of that sort of info at a new company, right?