I totally agree that there needs to be a complete disconnect between audit repositories and the IT administration privileges. Perhaps auditing repositories should be read only bins of data that should be able to archive data but only if you jump through hoops to do it (the equivalent of the two key launch system - no I have never seen this in real life but I am using it only as a simple metaphor for a multiple person task).

Perhaps it would be best if there was a standard which could enable the configuring by administrators but as soon as it is configured, there is no way to alter the configuration without the change being audited. It could be based on open standards with plugins available for systems such as SQL Server or generic modules (in the .NET world, assemblies) for bespoke applications. There is also a place for dummy audit repositories for development environments.

In the end, you want IT to be able to deploy, maintain and configure the whole IT system, however, this is one area where ideally IT cannot control the data.