Controlling what is and what is not recorded suggests some sort of control over your data collection devices. These devices may be forms or databases.
The records themselves need only be controlled as retrievable files or archives.
The training records themselves will include evaluations of competence (the ability to do the job well). You should decide who has the authority to see and change these records
I suggest that depends on the type of training and the regulatory exposure if the records were to be altered or lost, either on purpose or on accident, thus rendering you unable to defend your personnel's' readiness to perform specific critical tasks. Is anyone able to manipulate the data?Do employee training records need to be controlled documents when pertaining to AS9100D?