Validation documentation demonstrates that e-record controls and e-signatures are implemented as designed, this is also the evidence required when audited.

In general validation documentation consists of:

• A written design specification that describes what the software is intended to do and how it is intended to do it
• A written test plan based on the design specification, including both structural and functional analysis
• And test results and an evaluation of how these results demonstrate that the predetermined design specification has been met

A typical set of computer system validation documentation may include a:

• Validation Master Plan (VMP)
• Risk Assessment (RA)
• User Requirement Specification (URS)
• Functional Specification (FS)
• Design Specification (DS)
• Requirement Traceability Matrix (RTM)
• Installation Qualification (IQ)
• Operational Qualification (OQ)
• Performance Qualification (PQ)
• Final Report summarizing the results of the entire project

It’s not required to have all of the documents listed above but to be safe for an audit be sure to state up front in the CSV plan what approach you will be taking.