Ideally GxP system shall record each and every activity carried out in that particular system.
- it is acceptable if the system can keep record with clause " Unauthorized attempt".
- in GxP system ideally you shouldn’t delete a user you can only deactivate or disable a user profile. there are systems which has delete option, usage of deleted user is not possible and if same username was assigned then it will be considered as new user only.
Hope this answers your query, if any corrections please let me know.