Agree with bro67.

People can use simple lockcodes or they can shut them off.

Your IT security has initiated the policy. You should be able to meet with them and discuss. I don't think they will turn off but they should be able to say why the policy was put in place and what, if any regulations, they are trying to meet.

Depending on your line of business it could be a federal reg, an industry reg or even a commitment that was contracted too in an outsourcing deal.

My security always welcomed the opportunity to discuss policies.