The user has to be able to show that his user requirements were checked during the validation. A traceability matrix is an instrument for proving this. What is essential in this context is that the requirements can be traced from the specification via the risk analysis to the test. It should be seen as a checklist that asks whether the specified requirements have been implemented and where the proof can be found.
