who knew most of the top credentials
I am not exactly certain of your meaning, but this scares me. It sounds like the individual had extensive access and control over many critical systems. The sysadmin may even have had exclusive control. A few years ago the city of San Francisco lost control of its network because a single sysadmin refused to give his passwords to his superiors. So, way before a sysadmin leaves, you should make sure that there are at least two people who have access and control over critical systems.
are there any other precautions that need to be taken other than changing those credentials?
Revoke physical access.
It's probably standard to collect badge and office keys, but don't forget keys to cabinets, restricted areas, alarm codes, off-site storage locations, parking permits, etc. You should be keeping a record of every physical key given out, who received them, and why. Additionally you should be able to rekey critical access points within 24 hours. If your alarm system allows for a user to call in a false alarm, make sure the leaving employee is removed from that list.
Let everyone know.
It's not hard for a former sysadmin to social engineer a current employee. It's virtually impossible to prevent them from calling a current employee. Given the access to internal information the sysadmin likely knows who to call and what to say to gain some type of network access. So, announce that the individual is no longer an employee. If possible show a picture (a badge photo does nicely) of the ex-employee. Make sure they know who to speak to if the former sysadmin makes suspicious contact. If the sysadmin had a close relationship with any suppliers, partner companies, or subsidiaries, let them know as well.
Don't forget the phone and voicemail system.
The vulnerabilities here range from snooping on random voicemail to making long distance calls at the company's expense.
Credit cards, charge accounts, purchase ordering
If the sysadmin had authority to order equipment, make sure that ability is revoked from all suppliers, vendors, etc. It's trivial to order some nice equipment using the standard procedure and change the shipping address.
Review any contracts and agreements signed by the former employee.
If the sysadmin signed any contracts or agreements as part of their job, have someone review all documents that they signed. Ideally you should have a database of documents that employees have signed and be able to instantly call up every document that a given employee signed.
Check the patch and update status of your critical systems.
Even if the former employee did not act as administrator for those systems, they may know what their status was.