I think a DBA reacting to situations like this they encounter is fine. If you learn of critical data being stored in an unsafe way, by all means speak your mind.

But these days with so much information to be kept, and the ubiquity of excel and access, I think this needs to be managed more proactively and I'm not sure that the DBA should be the person to do that.

I think when it comes to going out and finding this type of thing, that is both just easier and a more natural role for an IT manager/CIO to be doing.