|

 
|
| | Name : | Ron Crane | Organization : | N/A | Post Date : | 9/30/2005 |
| Section : | A2B | Page no. : | | Line no.: | | Comment : | 13b.
Further, Vol. II, App.B.5 notes that
"any uncorrected deficiency that does not involve the loss or corruption of voting data shall not necessarily be cause for rejection. Deficiencies of this type may include failure to
fully implement formal programs for quality assurance and configuration management described in Volume I, Sections 7 and 8."
But failure to implement appropriate configuration management procedures makes it far easier for rogue employees to introduce cheats into software, firmware, and/or hardware.
The Guidelines must require comprehensive configuration management and QA procedures, must require regular audits to determine their effectiveness, and must impose appropriate sanctions - up to and include decertification - for violations. | |
|
|