Used to work at a company where server room access was restricted to a few trusted individuals, getting access for new staff could be a nightmare.
One day we found the door propped open because the building manger was "too busy to chaperone" the external maintenance engineer in there, so he was left alone with millions of customer details on the servers.
Needless to say TPTB kept this quite during the ISO27001 audit.