Information security is vastly complex, both technically and from a governance, risk and compliance (GRC) perspective. When workplace politics come into play, security best practices become more complicated and risk management is weakened significantly. Security teams must recognize the obstacles they face and work to gain buy-in from key stakeholders. To successfully navigate organizational politics, IT professionals must gain their colleagues trust, which takes time. The CISO can take it further by acting as a mediator to help employees in other departments find common ground when disagreements arise.”]
Source: https://securityintelligence.com/dont-let-organizational-politics-derail-security-initiatives/