Ensure that every action is audited with a timestamp and a record of the User who committed it. See Persistence types for how to add these attributes to your records. Best practice is to include these fields on all of your windows so they are easy to reference.
Furthermore, if a field should not be altered once it has been saved, use window design rules to ensure that it has the write once property.
Ensure that fields you need to have completed are set to mandatory on your window designs.
Use group and role privilege structures to ensure that only authorized personnel can perform the various actions available on your processes. For even greater control, you can also make individual attributes privilegable, so even if they appear on a window that someone can see they may not also have privileges to see the attribute itself.
Ensure that all users defined in the system have (as a minimum) their contact details and location recorded against their record in addition to their name and customer group.