[andrewljohnson]

Any powerful IT guy should be monitored and have his power checked. IT personnel have almost unmatched power in an organization to cause damage without detection.

Anything with lots of confidential information, or anything financial, and you are going to want to monitor all the people with access constantly. You may not want to snoop real-time, but you are going to want to be able to find and fix breaches after the fact, and do root-cause analysis.

It's not a matter of trust in the IT people, it's a matter of people go crazy sometimes, and people make bad hiring decisions sometimes.