A risk-based approach to validation similar to that described in section IV.A.Q1 should
be taken for outsourced electronic services.
It is ultimately the responsibility of the sponsor or other regulated entity to ensure that the
outsourced electronic service is validated as appropriate. Sponsors and other regulated
entities should obtain documentation from the electronic service vendor that includes, but
is not limited to, a description of standard operating procedures and results of testing and
validation to establish that the outsourced electronic service functions in the manner
intended.