Thank you for the feedback. As you have noticed, I actually addressed the accountability issue by proposing multiple root accounts. That's an approach we (the sysadmin teams I'm on) use since late-1990s, and it's working very well - at least no worse than non-root accounts + su would in this respect.
No extra passwords and no extra accounts to manage. It would be a security risk for a sysadmin to share a non-root account for su'ing to root and for other uses (a lot of people do just that, but it's plain wrong to take the unjustified risk, in my opinion). Thus, there would have to be _two_ non-root accounts per person. With our approach, this is replaced with one root-privileged account and one non-root account. (Also, SSH keys are used instead of passwords in most cases. And it is OK to use the same keypair for root and non-root.)