Most challenges to computer evidence surround authenticity, with questions such as these:
Was the data altered?
Was the program that generated the forms or data reliable?
What was the identity of the author?
As experienced practitioners of computer forensics, we will notice when looking back that much of what we do in our methodologies is directly focused on countering the preceding questions. Chain of custody, documentation, and cryptographic hash verification are all components of methodologies used to counter the challenge of “Was the data altered?” The second challenge surrounding the reliability of programs used to represent data is generally easier to substantiate with industry-wide acceptance, peer review, ...