> I am sure that they shouldn`t be doing any work on tables structure, sp`s
If this is the case, then why would the third party request sysadmin access
to the production environment? Why do they need access to the production
environment at all? I think you need a clear understanding of the third
party roles, responsibilities and expectations before you can setup the
appropriate permissions (minimal level of required). This is particularly
true of customized solutions.
When working with third party solutions, don't assume that Best Practices
like a formalized testing and promotion process are followed. I've seen
external vendors develop applications ad-hoc in the live production
environment (if it works it's production, otherwise it's just development).
Although the IT folks are stakeholders, they don't always have the final say
about such matters in the real world. A DBA can voice concerns but, at the
end of the day, it is a management decision as to whether or not Best
Practices are followed.
Hope this helps.
SQL Server MVP