At the moment, SysAdmins can delete from user logs and database logs, thereby removing traces of when they've been on the system and the activities they've been engaging in and/or data that they have changed.

This is fundamentally a SOX "non-compliance" situation which could result in malpractice being marked by SOX compliance auditors against the financial system.
Needs Votes