Where I work we use Guardiam on SOX audited applications. It does a pretty neat job although it is an expensive tool. I wonder how many people realized the value of the default trace on SQL 2005 and the report that shows recent DDL changes? As a DBA that is so easy and invaluable to do a random audit. We audit logins otherwise and have a pretty tight process for getting access the database server.