You must exercise appropriate controls to assure that only authorized personnel make changes to computerized MPCRs, or other records, or input laboratory data into computerized records, and you must implement documentation controls that ensure actions are attributable to a specific individual (see §§ 211.68(b), 211.188(b)(11), 211.194(a)(7) and (8), and 212.50(c)(10)). When login credentials are shared, a unique individual cannot be identified through the login and the system would thus not conform to the CGMP requirements in parts 211 and 212. FDA requires that systems controls, including documentation controls, be designed to follow CGMP to assure product quality (for example, §§ 211.100 and 212.50).