If the security's tight (which is rarely the case, from experience taking on new DB), in SQL you can track who has the ALTER DATABASE permission.

But most of the times almost everyone has full sysadmin access (unfortunately) which makes things complicated.

What you could do however is setup a DDL trigger and log any information you can for the next time it occurs.

Otherwise go as what Gail's suggest.