diff --git a/templates/platform_landing_zone/modules/management_groups/locals.tf b/templates/platform_landing_zone/modules/management_groups/locals.tf
index 2e0db0c..1e561e2 100644
--- a/templates/platform_landing_zone/modules/management_groups/locals.tf
+++ b/templates/platform_landing_zone/modules/management_groups/locals.tf
@@ -13,4 +13,12 @@ locals {
       overrides               = try(policy_assignment_value.overrides, null)
     } }
   } }
+  default_retries = {
+    policy_definitions = {
+      error_message_regex = ["AuthorizationFailed"]
+    }
+    policy_set_definitions = {
+      error_message_regex = ["AuthorizationFailed"]
+    }
+  }
 }
diff --git a/templates/platform_landing_zone/modules/management_groups/main.tf b/templates/platform_landing_zone/modules/management_groups/main.tf
index 06820ad..5fb26d0 100644
--- a/templates/platform_landing_zone/modules/management_groups/main.tf
+++ b/templates/platform_landing_zone/modules/management_groups/main.tf
@@ -10,7 +10,7 @@ module "management_groups" {
   enable_telemetry                    = var.enable_telemetry
   management_group_hierarchy_settings = try(var.management_group_settings.management_group_hierarchy_settings, null)
   partner_id                          = try(var.management_group_settings.partner_id, null)
-  retries                             = try(var.management_group_settings.retries, {})
+  retries                             = try(var.management_group_settings.retries, local.default_retries)
   subscription_placement              = try(var.management_group_settings.subscription_placement, {})
   timeouts                            = try(var.management_group_settings.timeouts, {})
   dependencies                        = var.dependencies