Jack Vamvas has a script to see if the sa account is disabled:
Often organisations have a SQL server security policy dictating the ‘sa’ login is disabled. There is some sound reasoning behind this policy. The primary reason is to decreases the surface area available to attack – and is a common principle of security.
When this is a requirement – I’ll add some code to disable ‘sa’ as part of the build and certification process. But , from time to time – the ‘sa’ login will be re enabled, so it’s important to build an alerting or reporting mechanism identifying the exception.
Click through for the script.