Strictly speaking though CXGJarrod, you don't need to be a domain admin to do that, anyone who is a member of the local administrators group on the server (which does of course include domain admins, but could also include others) could take ownership.

I'd still suggest putting in auditing to see whats going on. Even an admin who takes ownership, then resets the permissions will be logged. If they clear the sec.log then you'll see that they cleared the sec.log as the first event in the newly cleared sec.log (provided of course you've not set the sec.log to overwrite when full, but then you're asking for trouble if you do that....)