I am currently facing an issue were users are getting added to site administrators group and are not removed. This is causing access discrepancies.
The difficult part is we cannot find a pattern as the user who gets added is not always same and the frequency of occurrence is also not predictable.
Is there a means to get notified when a user gets added the administrators group.
Sounds very odd - people don't get added to Site, Administrators by accident.
Unfortunately Security Audit Reporting doesn't have an event for this (Group membership change). Might be able to create a custom event but probably not the best approach.
You might consider creating a simple query builder report:
Type: WTGROUP
Criteria: (name of site admin group), last modified since xx days ago
Set this to run automatically maybe weekly, and set a monitor to email specific users if there are any results.