I'm a 19 year IT professional but now find myself in a situation (job) where IT is viewed low on the totem pole (I have no authority essentially) and my mid level supervisor(s) have had to sacrifice one particular best practice as playing cards for compromise with other managers - local admin rights on manager and in some cases, their assistant's computers. These managers have successfully lobbied for the ability to have local admin rights - in most cases because they don't want to wait for the short amount of time it might take to submit a Help Desk ticket. In another case, I think it was just a power play. In few, if any cases, those who have lobbied for and received permission to get local admin, don't have enough of an appreciation for the ramifications. In one case, the user is actually running his machine AS an admin. Suffice to say his machine is all jacked up at this point. (Maybe it's the Tom-Tom GPS client software he installed...).
Anyway, I'm about to mount a formal rebuttal to upper management in defense of said best practices and would like to solicit help in locating any specific references you can suggest in order to shore up my case.
Points will likely be sub-divided - awarded on my own personal and subjective calls - and may be issued quickly if I receive particularly helpful assistance/feedback. Comments also welcome as I plan to show this thread to my manager and others. Thanks.