Statewide Election Security Management Plan

InfoSENTRY researched and wrote a security management plan for a Secretary of State’s Office in one of the United States’ largest states. In this traditional “battleground” state, InfoSENTRY worked with the state’s election director to develop an industry-standard security plan covering the State’s planned statewide voting system and statewide voter registration system.

After working with staff in the Chief State Election Official’s office and consulting with county election officials, InfoSENTRY developed a comprehensive set of information security policies and procedures covering responsibilities for election system security policymaking, election security responsibilities, election system user authentication, physical access controls, election system Internet connections, and election information privacy and confidentiality.

InfoSENTRY based the security planning methodology on (1) State security planning guidelines, (2) the National Institutes of Standards and Testing’s “Guide for Developing Security Plans for Information Technology Systems,” and (3) BS7799/ISO17799 security management planning guidelines.

The security management plan for the State and county election information systems rested on a comprehensive risk assessment of both the statewide voter registration system and the planned statewide voting system. It included a detailed implementation plan, a security awareness plan, a security training plan, and a security communications plan for the state’s election information assets.

InfoSENTRY has experience working with international organizations, US Federal agencies, state and local governments, and corporations to bolster their physical, operational, and technical security capabilities.

E-mail InfoSENTRY Services, Inc.

Return to the InfoSENTRY Home Page