Did you look at my article? Technically, there is a way that you can avoid that this person has all those permissions.

Then I sense that there is a political game in which you appear to not have many powers. The only advice I can give there is that you make a clear statement that you cannot make any guarantees about the security on the system the way it is now. Else you may be the person hung when bad things happen.