It is not about preventing his access, just that you can track it. Sure if he is super competent, he can hide any nefarious doings, but if he is that good, he doesn't need to even work for the original questioner.
Could I hide a one time action to hide something nefarious as a system admin? Probably. Could I do it everyday and not arouse suspicions? Not likely. I doubt I could both perform my job and leave evidence in the logs and hide nefarious doings long term.
My manager holds regular one on one meetings. They build our relationship but also are way to keep tabs on what I am doing, what roadblocks I might encounter and are sounding board for any improvements I might come up with.