Consider also SW License compliance and others
I'm not a big fan of aggressive CYA and as a senior manager, an employee who asks me to respond in a certain time frame to a CYA memo undermines her own credibility.
Many good points here - and I too love the one that changes 'admin' to 'janitor'.
One that has not been brought up is the issue of managing software license compliance. With everyone having admin privileges and having the same userid/pw, your company almost certainly has illegal copies of SW. The SW industry is getting more aggressive and any audit would find your illegal SW, and they would shut you down until you got it fixed. If you don't there is big lost time and big lost credibility with your clients.
Another has to do with Human Rights legislation and anti-harrassment legislation (which vary a lot between jurisdictions). Now this isn't necessarily fixed by removing admin rights, but all those off-colour (Canadian spelling) jokes, photos etc. have been considered in some as 'contributing to a poisoned work environment' and managers have been found responsible. If your firm allow everyone to use the admin account, it likely does not have good policies on acceptable computer use. Those policies, and the ability to identify who is doing what on the system, are key to defending management in harrassment cases. If you don't there is big lost time, big lawyer bills, big lost credibility, and possibly future challenges to hire the people you need if you are know as a harrassing company.
And, one more, but this is more of a way of selling. We want to put these controls on so that no-one can accuse you of doing bad things (sabotaging the company, harassing, fiddling the books) when you didn't but someone else did on your machine using the common password. What if Enron execs didn't actually do that stuff and some junior staffer framed them? What if it happened in your company? This is like installing locks on cars so that everyone can be sure theirs is where they parked it when they come back. And it is pretty cheap locksmith work at that. If you don't there could be big lost time in the slammer, big lawyer bills, big credibility loss and possibly bankruptcy.
Good luck!
