I have found that a lot of places who avoid managing individual sys accounts for each server are often logging into systems using the sole sys account on a daily basis to perform tasks as opposed to assigning permissions to roles/groups and assigning those to user logins. This not only gives more people open access but also significantly reduces the option to audit who does what.