[Federal Register Volume 73, Number 165 (Monday, August 25, 2008)]
[Notices]
[Pages 50140-50172]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-19064]


-----------------------------------------------------------------------

ELECTION ASSISTANCE COMMISSION


Procedural Manual for the Election Assistance Commission's Voting 
System Test Laboratory Program

AGENCY: United States Election Assistance Commission (EAC).

ACTION: Notice; Publication of Voting System Test Laboratory Program 
Manual.

-----------------------------------------------------------------------

SUMMARY: The U.S. Election Assistance Commission (EAC) is publishing a 
procedural manual for its Voting System Test Laboratory Program. This 
program sets the administrative procedures for laboratories to obtain 
and maintain accreditation to test voting systems under the EAC's 
Voluntary Testing and Certification Program. The program is mandated by 
the Help America Vote Act (HAVA) at 42 U.S.C. 15371.

FOR FURTHER INFORMATION CONTACT: Brian Hancock, Director, Voting System 
Certification, Washington, DC, (202) 566-3100, Fax: (202) 566-1392.

SUPPLEMENTARY INFORMATION:

Background

    HAVA requires that the EAC certify and decertify voting systems 
through testing conducted by accredited laboratories. Section 231(a)(1) 
of HAVA (42 U.S.C. 15371) specifically requires the EAC to ``* * * 
provide for the testing, certification, decertification and 
recertification of voting system hardware and software by accredited 
laboratories.'' To meet this obligation, the EAC has created a 
voluntary program to test voting systems to Federal voting system 
standards by accredited laboratories. The Voting System Test Laboratory 
Program Manual sets the procedures for the test laboratories to follow 
in order to receive and maintain accreditation as well as procedures 
for the documentation and publication of testing information.
    In creating the Laboratory Manual the EAC sought input from experts 
and stakeholders. Specifically, the EAC conducted meetings with 
representatives from the voting system test laboratories and from the 
voting system manufacturing community. Additionally, the EAC sought 
input from the public. A draft version of the EAC Voting System Test 
Laboratory Program Manual was published with a request for public 
comment on February 4, 2008. (73 FR 6495). The public comment period 
was open until 5 p.m. EST on April 4, 2008. While previous notice and 
public comment period were not required by law, all comments received 
were considered in the drafting of this final administrative manual.

[[Page 50141]]

Discussion of Comments

    The EAC received thirty-eight comments from the public. The 
majority of these comments came from voting system test laboratories, 
with the remainder coming from the general public.
    The majority of comments received by the Commission raised concerns 
or questioned the meaning or application of various provisions of the 
manual. Another block of comments were less specific and focused on the 
fundamental purpose behind the program or its basic methodology. 
Comments in this category included concerns regarding the level of 
allowable participation by manufacturers in the testing process and the 
responsibilities of Voting System Test Laboratories regarding third 
party testing. Finally, there were a range of specific recommendations 
on a wide variety of topics. Examples include: (1) Changing the scope 
of core and non-core testing; (2) clarifying who is responsible for the 
validation of test methods; (3) allowing hardware mitigation by the 
manufacturer; (4) clarifying the scope of the use of prior testing in a 
testing campaign; (5) clarifying the restriction on testing at 
manufacturer owned or controlled facilities and the allowance of such 
activity in conjunction with the witness or trusted build; and (6) 
placing the responsibility for the proper identification of proprietary 
information on the manufacturer and not on the testing laboratory.
    The EAC reviewed and considered each of the comments presented. In 
doing so, it also gathered additional information and performed 
research regarding the suggestions. The EAC's commitment to public 
participation is evident in the final version of the Laboratory Manual. 
The Manual has been enhanced in a number of areas in response to public 
comment. A total of about five pages have been added to the Manual. 
Throughout the entire Manual the EAC added or amended language to 
clarify its procedures consistent with the comments it received. For 
example, to further clarify terminology used throughout the Manual 
eight terms were newly defined or significantly clarified in the 
definition section of Chapter 1. Additionally, the EAC made changes to 
clarify the independent role of Voting System Test Labs in the program, 
enhance the supervision requirements of EAC accredited laboratories 
over third party contracted laboratories, and further defined the level 
of detail required by the EAC on test plans, test cases, and test 
reports. Finally, the EAC clarified financial stability documentation 
requirements for laboratories seeking accreditation.

Thomas R. Wilkey,
Executive Director, U.S. Election Assistance Commission.
BILLING CODE 6820-KF-P

[[Page 50142]]

[GRAPHIC] [TIFF OMITTED] TN25AU08.005

BILLING CODE 6820-KF-C

[[Page 50143]]

Paperwork Reduction Act

    The reporting requirements in this manual are pending approval 
under the Paperwork Reduction Act of 1995, by the Office of Management 
and Budget Control (OMB). Persons are not required to respond to this 
collection of information unless it displays a currently valid OMB 
number. Information gathered pursuant to this document and its forms 
will be used solely to administer the EAC Testing & Certification and 
Laboratory Accreditation Program. This program is voluntary. 
Individuals who wish to participate in the program, however, must meet 
its requirements. The estimated total annual hourly burden on the 
voting system manufacturing industry and election officials is 200 
hours. This estimate includes the time required for reviewing the 
instructions, gathering information, and completing the prescribed 
forms. Send comments regarding this burden estimate or any other aspect 
of this collection, including suggestions for reducing this burden to 
the U.S. Election Assistance Commission, Voting System Testing and 
Certification Program, Office of the Program Director, 1225 New York 
Avenue, NW., Suite 1100, Washington, DC 20005.

1. Introduction
1.1. Background
1.2. Authority
1.3. Role of the National Institute of Standards and Technology
1.4. Scope
1.7. Program Personnel
1.8. Submission of Documents
1.9. Receipt of Documents--VSTL
1.10. Receipt of Documents--EAC
1.11. Record Retention--EAC
1.12. Publication and Release of Documents
1.13. References
1.14. Definitions
1.15. Acronyms and Abbreviations
2. Program Requirements
2.1. Overview
2.2. Program Requirements--Generally
2.3. NIST Recommendation
2.4. NVLAP Accreditation
2.5. Conflict of Interest and Prohibited Practices Program
2.6. Personnel Policies
2.7. Notification of Changes
2.8. Site Visits
2.9. Notice of Lawsuits
2.10. Testing, Technical Practices and Reporting
2.11. Laboratory Independence
2.12. Authority To Do Business in the United States
2.13. Communications
2.14. Resources and Financial Stability
2.15. Recordkeeping
3. Accreditation Process
3.1. Overview
3.2. NIST Recommendation
3.3. EAC Invitation
3.4. Application
3.5. EAC Review of Application Package
3.6. Grant of Accreditation
3.7. Effect of Accreditation
3.8. Expiration and Renewal of Accreditation
3.9. Denial of Accreditation
3.10. Requesting Appeal
3.11. EAC Action on a Request for Appeal
3.12. Submission of Appeal
3.13. Consideration of Appeal
3.14. Commissioner's Decision on Appeal
3.15. Effect of Denial of Accreditation
4. Compliance Management Program
4.1. Purpose
4.2. Compliance Management Program, Generally
4.3. VSTL Notification of Changes
4.4. Request for Documents and Information
4.5. On Site Laboratory Review--Generally
4.6. On Site Laboratory Review--Frequency
4.7. On Site Laboratory Review--Procedure
4.8. EAC Compliance Management Reports
4.9. Corrective Action
5. Revocation of Accreditation
5.1. Overview
5.2. Revocation Policy
5.3. Revocation--Generally
5.4. Notice of Intent to Suspend
5.5. Suspension of Accreditation
5.6. Commissioners' Decision on Revocation of Accreditation
5.7. Effect of Revocation of Accreditation
5.8. Requesting Appeal
5.9. EAC Action on a Request for Appeal
5.10. Submission of Appeal
5.11. Consideration of Appeal
5.12. Commissioner's Decision on Appeal
6. Requests for Interpretations
6.1. Overview
6.2. Policy
6.3. Requirements for Submitting a Request for Interpretation
6.4. Procedure for Submitting a Request for Interpretation
6.5. EAC Action on a Request for Interpretation
6.6. Effect of Interpretation
6.7. Library of Interpretations
7. Release of Laboratory Accreditation Program Information
7.1. Overview
7.2. EAC Policy on the Release of Certification Program Information
7.3. Trade Secrets
7.4. Privileged or Confidential Commercial Information
7.5. EAC's Responsibilities
7.6. VSTL's Responsibilities
7.7. Personal Information

Appendix A. Certification Test Plan Format and Content

Appendix B. Certification Test Report Format and Content

Appendix C. Certification of Laboratory Conditions and Practices Form

Appendix D. Specification for Reproduction and Use of the EAC

Laboratory Accreditation Logo

1. Introduction

    1.1. Background. The Federal Election Commission (FEC) adopted the 
first formal set of voluntary Federal standards for computer-based 
voting systems in January 1990. At that time, no national program or 
organization existed to test and certify such systems to the standards. 
The National Association of State Election Directors (NASED) stepped up 
to fill this void in 1994. NASED is an independent, nongovernmental 
organization of State election officials. The organization formed the 
nation's first national program to test and qualify voting systems to 
the new Federal standards. This program utilized independent 
laboratories to test voting system to voluntary Federal standards. To 
facilitate this process NASED accredited these test laboratories, which 
it referred to as Independent Test Authorities (ITA). In late 2002, 
Congress passed the Help America Vote Act of 2002 (HAVA). HAVA created 
the U.S. Election Assistance Commission (EAC) and assigned to the EAC 
the responsibility for both setting voting system standards and 
providing for the voluntary testing and certification of voting 
systems. This mandate represented the first time the Federal government 
provided for the voluntary testing, certification, and decertification 
of voting systems nationwide. In response to this HAVA requirement, the 
EAC has developed the voting system standards in the form of the 
Voluntary Voting System Guidelines (VVSG), a voting system 
certification program in the form of the Voting System Testing and 
Certification Program Manual and this document, the Voting System Test 
Laboratory Manual.
    1.2. Authority. HAVA Section 231(b) (42 U.S.C. Sec.  15371(b)) 
requires that the EAC provide for the accreditation and revocation of 
accreditation of independent, non-federal laboratories qualified to 
test voting systems to Federal standards. Generally, the EAC considers 
for accreditation those laboratories evaluated and recommend by the 
National Institute of Standards and Technology (NIST) pursuant to HAVA 
Section 231(b)(1). However, consistent with HAVA Section 231(b)(2)(B), 
the Commission may also vote to accredit laboratories outside of those 
recommended by NIST upon publication of an explanation of the reason 
for any such accreditation.
    1.3. Role of the National Institute of Standards and Technology. 
Section 231(b) (1) of HAVA requires that the National Institute of 
Standards and Technology ``conduct an evaluation of independent, non-
federal laboratories and shall submit to the Commission a list of those 
laboratories * * * to be accredited. * * *'' Additionally, HAVA Section 
231(c) requires NIST to monitor

[[Page 50144]]

and review the performance of EAC accredited laboratories. NIST has 
chosen its National Voluntary Laboratory Accreditation Program (NVLAP) 
to carry out these duties. NVLAP conducts a review of applicant 
laboratories in order to provide a measure of confidence that such 
laboratories are capable of performing testing of voting systems to 
Federal standards. Additionally, the NVLAP program monitors 
laboratories by requiring regular assessments. Laboratories are 
reviewed one year after their initial accreditation and biennially 
thereafter. The EAC has made NVLAP accreditation a requirement of its 
Laboratory Accreditation Program. However, a NVLAP accreditation is not 
an EAC accreditation. EAC is the sole Federal authority for the 
accreditation and revocation of accreditation of Voting System Test 
Laboratories (VSTL).
    1.4. Scope. This Manual provides the procedural requirements of the 
EAC voting system Laboratory Accreditation Program. Although 
participation in the program is voluntary, adherence to the program's 
procedural requirements is mandatory for participants. The procedural 
requirements of this Manual supersede any prior laboratory 
accreditation requirements issued by the EAC. This manual shall be read 
in conjunction with the EAC Voting System Testing and Certification 
Manual.
    1.5. Manual Maintenance and Revision. The Manual will be reviewed 
periodically and updated to meet the needs of the EAC, VSTLs, election 
officials, and public policy. The EAC is responsible for revising this 
document. All revisions will be made consistent with Federal law. 
Substantive input from stakeholders and the public will be sought 
whenever possible. Changes in policy requiring immediate implementation 
will be noticed via policy memoranda and will be issued to each VSTL 
and registered Manufacturers. Changes, addendums, or updated versions 
will also be posted to the EAC Web site at www.eac.gov.
    1.6. Clarification of Program Requirements and Procedures. VSTLs 
and registered Manufacturers may request clarification regarding the 
requirements and procedures set forth in this manual. Requests for 
clarification must be based upon ambiguity arising from the application 
of this manual. Hypothetical questions will not be considered. Requests 
shall be submitted to the Program Director in writing. The request 
shall clearly identify the section of the manual and issue to be 
clarified, a proposed interpretation and all relevant facts. 
Clarifications issued by the EAC will be provided to all EAC VSTLs, 
registered Manufacturers and placed on EAC's Web site.
    1.7. Program Personnel. All EAC personnel and contractors 
associated with this program will be held to the highest ethical 
standards. All agents of the EAC involved in the Accreditation Program 
will be subject to conflict-of-interest reporting and review, 
consistent with Federal law and regulation.
    1.8. Submission of Documents. Any documents submitted pursuant to 
the requirements of this Manual shall be submitted:
    1.8.1. If sent electronically, via secure e-mail or physical 
delivery of a compact disk, unless otherwise specified. The submitted 
electronic files shall be in Microsoft Word or Adobe PDF format, 
formatted to protect the document from alteration.
    1.8.2. With a proper signature when required by this Manual. 
Documents that require an authorized signature may be signed with an 
electronic representation or image of the signature of an authorized 
management representative.
    1.8.3. If sent via physical delivery, by Certified Mail 
TM (or similar means that allows tracking) to the following 
address: Testing and Certification Program Director, U.S. Election 
Assistance Commission, 1225 New York Avenue, NW., Suite 1100, 
Washington, D.C. 20005.
    1.9. Receipt of Documents--VSTL. For purposes of this Manual, a 
document, notice, or other communication is considered received by a 
VSTL upon one of the following:
    1.9.1. The actual, documented date the correspondence was received 
(either electronically or physically) at the VSTL, or
    1.9.2. If no documentation of the actual delivery date exists, the 
date of constructive receipt of the communication. For electronic 
correspondence, documents will be constructively received the day after 
the date sent. For mail correspondence, the document will be 
constructively received 3 days after the date sent.
    1.9.3. The term ``receipt'' shall mean the date a document or 
correspondence arrives (either electronically or physically) at the 
VSTL's place of business. Arrival does not require that an agent of the 
VSTL open, read, or review the correspondence.
    1.10. Receipt of Documents--EAC. For purposes of this Manual, a 
document, notice, or other communication is considered received by the 
EAC upon its physical or electronic arrival at the agency. All 
documents received by the agency will be physically or electronically 
date stamped. This stamp shall serve as the date of receipt. Documents 
received after the regular business day (5:00 PM Eastern Standard 
Time), will be treated as if received on the next business day.
    1.11. Record Retention--EAC. The EAC shall retain all records 
associated with accreditation of Voting System Test Laboratories. The 
records shall otherwise be retained or disposed of consistent with 
Federal statutes and regulations.
    1.12. Publication and Release of Documents. The EAC will release 
documents consistent with the requirements of Federal law. It is EAC 
policy to make the laboratory accreditation process as open and public 
as possible. Any documents (or portions thereof) submitted under this 
program will be made available to the public unless specifically 
protected from release by law. The primary means for making this 
information available is through the EAC Web site. See Chapter 7 of 
this Manual for additional information.
    1.13. References. The following documents are referenced in this 
Manual. For dated references, only the edition cited applies. For 
undated references, the latest edition of the referenced document 
(including any amendments) applies.

--ISO/IEC 17011, Conformity assessment--General requirements for 
accreditation bodies accrediting conformity assessment bodies.
--ISO/IEC 17025, General requirements for the competence of testing and 
calibration laboratories.
--NIST Handbook 150, (NVLAP) Procedures and General Requirements.
--NIST Handbook 150-22, (NVLAP) Voting System Testing.

    1.14. Definitions. For purposes of this Manual, the terms listed 
below have the following definitions.
    Applicant Laboratory. An independent, non-Federal laboratory which 
has applied for EAC accreditation after receipt of an invitation.
    Commission. The U.S. Election Assistance Commission, as an agency.
    Commissioners. The serving commissioners of the U.S. Election 
Assistance Commission.
    Contracted Third Party Laboratory. A laboratory contracted or 
otherwise providing testing services to a VSTL to meet program 
requirements.
    Days. Calendar days, unless otherwise noted. When counting days, 
for the purpose of submitting or receiving a document, the count shall 
begin on the first full calendar day after the date the document was 
received.

[[Page 50145]]

    Election Official. A State or local government employee who has as 
one of his or her primary duties the management or administration of a 
Federal election.
    Federal Election. Any primary, general, runoff, or special Election 
in which a candidate for Federal office (President, Senator, or 
Representative) appears on the ballot.
    Fielded Voting System. A voting system purchased or leased by a 
State or local government that is being use in a Federal election.
    Gift. A Gift includes any gratuity, favor, discount, entertainment, 
travel, service, hospitality, loan, meal, forbearance, or other item 
having monetary value.
    Integration Testing. The end-to-end testing of a full system 
configured for use in an election to assure that all legitimate 
configurations meet applicable standards.
    Key Laboratory Staff. Laboratory employees serving as approval 
authorities of test reports (approved signatories per NIST Handbook 
150) or otherwise responsible for the supervision of individuals 
performing voting system testing.
    Lead Voting System Test Laboratory. The accredited Voting System 
Test Laboratory identified on an EAC approved Application for Testing 
(EAC Voting System Testing and Certification Program Manual, Sec. 4.3, 
Certification Application).
    Manufacturer. The entity with ownership and control over a voting 
system submitted for certification.
    Memorandum for the Record. A written statement drafted to document 
an event or finding, without a specific addressee other than the 
pertinent file.
    Proprietary Information. Commercial information or trade secrets 
protected from release under the Freedom of Information Act (FOIA) and 
the Trade Secrets Act.
    Recommended Laboratory. A laboratory recommended for EAC 
accreditation by the Director of NIST after evaluation by NVLAP.
    Scope of Accreditation. The version or versions of the Federal 
voting system standards (VSS or VVSG) to which a VSTL is authorized to 
test.
    Technical Reviewers. Technical experts in the areas of voting 
system technology and conformity assessment appointed by the EAC to 
provide expert guidance.
    Testing and Certification Decision Authority. The EAC Executive 
Director or Acting Executive Director.
    Testing and Certification Program Director. The individual 
appointed by the EAC Executive Director to administer and manage the 
Testing and Certification Program.
    Voting System. The total combination of mechanical, 
electromechanical, and electronic equipment (including the software, 
firmware, and documentation required to program, control, and support 
the equipment) that is used to define ballots, cast and count votes, 
report or display election results, interface the voting system to the 
voter registration system, and maintain and produce any audit trail 
information.
    Voting System Standards. Voluntary voting system standards 
developed by the FEC. Voting System Standards have been published 
twice: once in 1990 and again in 2002. The Help America Vote Act made 
the 2002 Voting System Standards EAC guidance. All new voting system 
standards are issued by the EAC as Voluntary Voting System Guidelines.
    Voting System Test Laboratories (VSTLs). Laboratories accredited by 
the EAC to test voting systems to EAC approved voting system standards.
    Voluntary Voting System Guidelines. Voluntary voting system 
standards developed, adopted, and published by the EAC. The guidelines 
are identified by version number and date.
    1.15. Acronyms and Abbreviations. For purposes of this Manual, the 
acronyms and abbreviations listed below represent the following terms.
    Accreditation Program. The EAC Voting System Test Laboratory 
Accreditation Program
    Certification Program. The EAC Voting System Testing and 
Certification Program
    EAC. United States Election Assistance Commission
    FEC. Federal Election Commission
    HAVA. Help America Vote Act of 2002 (42 U.S.C. Sec.  15301 et seq.)
    ISO/IEC. The International Organization for Standardization & The 
International Electrotechnical Commission
    NASED. National Association of State Election Directors
    NIST. National Institute of Standards and Technology
    NVLAP. National Voluntary Laboratory Accreditation Program
    Program Director. Director of the EAC Testing and Certification 
Program
    VSS. Voting System Standards
    VSTL. Voting System Test Laboratory
    VVSG. Voluntary Voting System Guidelines

2. Program Requirements

    2.1. Overview. This chapter lists the requirements of the EAC's 
Voting System Test Laboratory Program. Adherence to these requirements 
is a condition of accreditation and a continuing obligation. Failure to 
demonstrate compliance with the requirements of this chapter may result 
in the denial of an application for accreditation, suspension of 
accreditation, or revocation of accreditation.
    2.2. Program Requirements--Generally. In order to be considered 
for, receive, and maintain an EAC accreditation as a VSTL, laboratories 
must demonstrate compliance with the requirements of EAC's Voting 
System Test Laboratory Program. The program requirements are set forth 
in this Chapter.
    2.2.1. Continuing Compliance Obligation. VSTLs have a continuing 
obligation to meet the requirements set forth in this Chapter. VSTLs 
are required to maintain their compliance with the program's 
requirements as long as they hold an EAC accreditation.
    2.2.2. Requests to Document Compliance. VSTLs may be required by 
the EAC to document compliance at any time. Such requests will be in 
writing and VSTLs shall respond timely, consistent with the request 
(see Chapter 4 of this Manual).
    2.2.3. Failure to Comply, Effect. Failure to meet each of the 
program's requirements may result in the denial of an application for 
accreditation, suspension of accreditation, or revocation of 
accreditation, consistent with the procedures of Chapter 5 of this 
Manual.
    2.3. NIST Recommendation. As a condition of accreditation, all 
laboratories must be recommended to the EAC by the National Institute 
of Standards and Technology (NIST), unless the emergency provisions of 
Chapter 3 apply. NIST is responsible, pursuant to the Help America Vote 
Act of 2002, Section 231(b), for performing a technical evaluation of 
laboratories and identifying and recommending those competent to test 
voting systems. This recommendation is provided directly to the EAC 
from NIST.
    2.4. NVLAP Accreditation. As a condition of accreditation, all 
VSTLs must hold a valid accreditation from NIST's National Voluntary 
Laboratory Accreditation Program (NVLAP), unless the emergency 
provisions of Chapter 3 apply. NVLAP accreditation is the primary means 
by which the EAC may ensure that each VSTL meets and continues to meet 
the technical requirements of the EAC program. It sets the standards 
for each of VSTL's technical, physical, and personnel resources, as 
well as its testing, management, and quality assurance policies and 
protocols. The loss or

[[Page 50146]]

suspension of a NVLAP accreditation will result in the suspension and 
possible revocation of any EAC accreditation consistent with the 
procedures of Chapter 5 of this Manual. VSTLs are required to 
immediately report any change in their NVLAP accreditation status to 
the EAC.
    2.5. Conflict of Interest and Prohibited Practices Program. As a 
condition of accreditation, all laboratories must maintain and enforce 
policies which prohibit and prevent conflicts of interest or the 
appearance of conflicts of interest. A laboratory shall ensure that 
neither the Laboratory, its parent corporation, contracted third party 
laboratories, nor any individual staff member involved in the testing 
of voting systems have any vested interest in the outcome of the test 
process. Laboratories must have a written policy in place. This policy 
must, at a minimum, (1) prohibit conflicts of interest and other 
prohibited practices and (2) provide for enforcement, consistent with 
the subsections below.
    2.5.1. Prohibited Conflicts of Interest. The purpose of a conflict 
of interest policy is to prevent situations where the exercise of an 
official duty directly impacts the actor's financial interests. For the 
purposes of this program, a prohibited conflict of interest exists if 
the duties and responsibilities of a laboratory, parent corporation, or 
a laboratory employee involved in the testing of voting systems under 
EAC's Certification Program will have a direct and predictable effect 
on the financial interest of that laboratory, parent corporation, or a 
laboratory employee.\1\ For example, an employee who is responsible for 
testing a voting system on behalf of a VSTL would be prohibited from 
holding a financial interest in the entity whose product is being 
tested or a direct competitor of that entity. A prohibited conflict of 
interest would also include a contractual or other fiduciary 
relationship between a VSTL or VSTL employee and a Manufacturer 
(outside an agreement for State or Federal certification testing) when 
that VSTL or VSTL employee is concurrently responsible for conducting 
certification testing for that Manufacturer under this program. 
Additionally, financial interests may be imputed or attributed to a 
laboratory, parent corporation, or a laboratory employee through a 
relationship with a third party. For example, a VSTL employee 
responsible for the testing of a voting system would be conflicted from 
performing his or her duties if his or her spouse owned a financial 
interest in the manufacture of the voting system.
---------------------------------------------------------------------------

    \1\ For the purpose of this Program, agreements with voting 
system manufacturers to provide testing pursuant to the requirements 
of EAC or a State's certification program do not constitute a 
prohibited conflict of interest. Certification testing is considered 
a duty and responsibility of a VSTL, not an outside financial 
interest.
---------------------------------------------------------------------------

    2.5.1.1. Involved in Testing--Defined. For the purposes of a 
financial conflict of interest, an organization is involved in the 
testing of a voting system any time it contractually or otherwise takes 
on the responsibility for testing a voting system to Federal standards 
under EAC's Certification Program. For the purposes of a financial 
conflict of interest, an employee is involved in the testing of a 
voting system when the individual's duties as a VSTL employee require 
him or her to perform testing on the system, manage the testing process 
or supervise those who perform testing on the system.
    2.5.1.2. Financial Interest--Defined. The term includes any current 
or contingent ownership, equity, or security interest in real or 
personal property or a business and may include an indebtedness or 
compensated employment relationship. It thus includes, for example, 
interests in the nature of stocks, bonds, partnership interests, fee 
and leasehold interests, and other property rights, deeds of trust, and 
liens, and extends to any right to purchase or acquire any such 
interest, such as a stock option or commodity future.
    2.5.1.3. Direct Effect--Defined. A matter will have a direct effect 
on a financial interest if there is a close causal link between any 
decision or action to be taken in the matter and any expected effect of 
the matter on the financial interest. An effect may be direct even 
though it does not occur immediately. A matter will not have a direct 
effect on a financial interest, however, if the chain of causation is 
attenuated or is contingent upon the occurrence of events that are 
speculative or that are independent of, and unrelated to, the matter. A 
matter that has an effect on a financial interest only as a consequence 
of its effects on the general economy does not have a direct effect 
within the meaning of this section.
    2.5.1.4. Predictable Effect--Defined. A matter will have a 
predictable effect if there is a real, as opposed to a speculative 
possibility that the matter will affect the financial interest. It is 
not necessary, however, that the magnitude of the gain or loss be 
known, and the dollar amount of the gain or loss is immaterial.
    2.5.1.5. Imputed Interests--Defined. An imputed interest is a 
financial interest held by a third party individual or organization 
that serves to disqualify an employee or laboratory to the same extent 
as if they were the employee's or laboratory's own interest. These 
interests include:
    2.5.1.5.1. The financial interests of a spouse or dependent child 
shall be imputed to an employee.
    2.5.1.5.2. The financial interest of any organization in which a 
laboratory, parent corporation, or a laboratory employee serves as an 
employee, officer, board member, partner, consultant, director, trustee 
or similar position shall be imputed.
    2.5.1.5.3. The interests of any contracted third party laboratory 
shall be imputed to the utilizing VSTL.
    2.5.1.5.4. The financial interest of a person or organization with 
whom an employee is negotiating or has an arrangement concerning 
prospective employment shall be imputed.
    2.5.2. Prohibited Practices. Furthermore, irrespective of the 
existence of a conflict of interest, it is a prohibited practice for a 
laboratory, parent corporation, or laboratory employee to be involved 
in the development of a voting system or solicit or receive a gift from 
a voting system Manufacturer. No laboratory, parent corporation, or 
laboratory employee may:
    2.5.2.1. Voting System Development and Testing. Provide, or have 
provided, consultation, developmental testing or other services to a 
voting system developer such that the independence, or appearance of 
independence, in the testing of a particular voting system or system 
component would be compromised.
    2.5.2.1.1. A laboratory or individual may not be involved in both 
the development of a voting system and the certification of a system. 
Voting system development includes any testing, consultation or design 
work performed in order to ready a specific system for the marketplace 
or the certification process. Generally, any testing performed on 
behalf of a voting system manufacture that was not otherwise performed 
pursuant to a State or Federal voting system certification program will 
be considered developmental in nature.
    2.5.2.1.2. The prohibition barring participation in both 
development and testing is voting system specific. An employee or 
laboratory that was previously involved \2\ in product development with 
a Manufacturer is not

[[Page 50147]]

prohibited from testing all systems produced by that Manufacturer, just 
those systems in which the employee or laboratory participated directly 
in development. As voting systems are subject to change over time, for 
the purposes of this prohibition, a voting system shall be considered 
altered to the degree that it is a different system when:
---------------------------------------------------------------------------

    \2\ The prohibition relates to a VSTL's prior involvement in 
system development. Concurrent development work and testing may 
constitute a prohibited conflict of interest under Section 2.5.2 of 
this Manual.
---------------------------------------------------------------------------

    2.5.2.1.2.1. A period of at least three years has passed since the 
VSTL or employee was involved in the system's development;
    2.5.2.1.2.2. The system has been subject to both software and 
hardware modification since the VSTL or employee was involved in the 
system's development. De minimis changes (as defined in EAC Voting 
System Testing and Certification Program Manual) are not modifications; 
AND
    2.5.2.1.2.3. The system has received a certification after being 
tested by a different independent laboratory since the VSTL or employee 
was involved in the system's development.
    2.5.2.1.3. The prohibition barring participation in both 
development and testing does not prohibit a VSTL from allowing a 
Manufacturer to perform onsite hardware mitigation on a voting system 
in response to a minor system failure or anomaly. In such cases the 
VSTL:
    2.5.2.1.3.1. Shall suspend all hardware testing;
    2.5.2.1.3.2. Shall not participate or assist the Manufacturer in 
remediation;
    2.5.2.1.3.3. May provide testing equipment and qualified operators 
to the Manufacturer for its use;
    2.5.2.1.3.4. Shall monitor and document the Manufacturer's access 
to the system consistent with Section 2.11.1. of this manual; and
    2.5.2.1.3.5. Shall document in the test report the failure or 
anomaly and remedial action taken by the Manufacturer consistent with 
Section 2.10.5.2.1 of this Manual and Chapter 4 of EAC's Certification 
Manual (anomaly matrix).
    2.5.2.2. Gifts. Solicit or receive a gift, directly or indirectly, 
from any entity which holds a financial interest in the development, 
production, or sale of voting systems, or is otherwise impacted by the 
testing and certification of voting systems. Gifts given or received 
under circumstances which make it clear that the gift is motivated by a 
family relationship or personal friendship rather than position are not 
prohibited. Relevant factors in making such a determination include the 
history of the relationship and whether the family member or friend 
personally pays for the gift.
    2.5.3. Program Enforcement Elements. Prohibited conflicts and 
practices shall be enforced through a written program which:
    2.5.3.1. Regarding Employees Involved in the Testing of Voting 
Systems.
    2.5.3.1.1. Annually collects standard information from each 
employee, including assets, debts, outside or prior activities/
employment, gifts, and any work on voting system development sufficient 
to demonstrate compliance with Section 2.5.1. and 2.5.2. of this 
Manual. The information collection must also reflect the financial 
interests of those individuals (like spouses and minor children) whose 
interests are imputed to the employee;
    2.5.3.1.2. Requires and documents the review of information 
collected for potential conflicts and prohibited practices; and
    2.5.3.1.3. Resolves all identified conflicts of interest or 
prohibited practices prior to the employee or laboratory's involvement 
in the testing of any voting system. Such resolution shall be 
documented. Resolutions may include the divestiture of assets or gifts, 
employee resignation from outside organizations, or the altering of an 
employee's responsibilities by prohibiting participation in Voting 
System Testing or the testing of a specific system.
    2.5.3.2. Regarding the VSTL or VSTL's Parent Corporation.
    2.5.3.2.1. Annually collects information pertaining to the holdings 
and activities of the VSTL and its parent corporation(s), sufficient to 
demonstrate compliance with Section 2.5.1. and 2.5.2. of this Manual;
    2.5.3.2.2. Requires and documents the review of collected 
information for potential conflicts and prohibited practices; and
    2.5.3.2.3. Resolves all identified conflicts of interest or 
prohibited practices prior to the laboratory's testing of any voting 
system. Such resolution shall be documented. Resolutions may include 
the divestiture of assets or gifts, the termination or rejection of 
conflicted or prohibited testing work.
    2.5.3.3. Regarding Contracted Third Party Laboratories. The 
interest of a contracted third party laboratory may be imputed to a 
VSTL. VSTLs may meet and enforce the program requirements of this 
section with regard to this relationship in one of two ways:
    2.5.3.3.1. Collection of third party laboratory information, review 
of information and resolution of conflicts or prohibited practices:
    2.5.3.3.1.1. Collect information pertaining to the holdings and 
activities of the third party laboratory and its employees, sufficient 
to demonstrate compliance with Section 2.5.1. and 2.5.2. of this 
Manual. This includes gathering information concerning any involvement 
by the third party laboratory or its employees in the development of 
specific voting systems. This collection of information shall be 
performed prior to the execution of any contract for the testing of 
voting systems under this program and annually thereafter if the 
contract exceeds one year in duration.
    2.5.3.3.1.2. Require and document the review of collected 
information for potential conflicts, and
    2.5.3.3.1.3. Resolve all identified conflicts of interest prior to 
the laboratory's testing of any voting system.
    2.5.3.3.2. VSTL Supervision of third party laboratories performing 
non-core testing. Where a third party laboratory is subject to direct 
VSTL supervision and observation, the third party laboratory's 
conflicts of interest or prohibited practices will not be imputed to 
the lead VSTL. Direct VSTL supervision under this section requires that 
a VSTL employee is physically present during the third party testing 
and directly observes and supervises the testing. This VSTL employee 
must: (1) have been properly vetted for conflict of interest and 
prohibited practices pursuant to Section 2.5 of this Manual, (2) be 
competent to supervise the testing being performed and (3) have no 
financial interest in the third party laboratory they are supervising.
    2.5.4.  Waivers. In rare circumstances, prohibited practices or 
conflicts of interest may be waived by the EAC after the conflict or 
prohibited practice is properly disclosed to the agency. Waivers may be 
granted at the sole discretion of the Program Director.
    2.5.4.1. Requesting a Waiver. A request for a waiver shall be made 
in writing to the EAC Program Director. The request shall fully 
disclose the conflict of interest or prohibited practice for which the 
waiver is sought. The request shall also describe all steps taken to 
resolve the conflict or prohibited practice and the reasons why such 
attempts were unsuccessful or otherwise untenable. The request shall 
also state why the waiver should be granted, consistent with the 
standard in Section 2.5.4.2.
    2.5.4.2. Waiver Standard. A disqualifying conflict of interest or 
prohibited practice is subject to waiver when the issuance of a waiver 
is in the best interest of the EAC Certification Program and the 
identified conflict or practice is unlikely to affect the integrity

[[Page 50148]]

or impartiality of the VSTL or VSTL employee's services under the EAC 
Certification Program. The Program Director may consider the following 
factors in making a waiver determination:
    2.5.4.2.1. The value of any disqualifying financial interest;
    2.5.4.2.2. The nature and impact of any prohibited practice;
    2.5.4.2.3. The role and responsibility of the employee subject to 
the conflict of interest or prohibited practice;
    2.5.4.2.4. The availability of other employees, VSTLs or 
laboratories to conduct the testing without a conflict or prohibited 
practice.
    2.5.4.2.5. The level of discretion or sensitivity required to 
perform the conflicted or prohibited duties under the certification 
program;
    2.5.4.2.6. The ability of an EAC waiver to adjust a VSTL or VSTL 
employee's testing process and duties or otherwise mandate additional 
safeguards which would limit or abrogate the impact of the conflict of 
interest or prohibited practice.
    2.5.4.3. Issuing a Waiver. Any waiver issued by the Program 
Director shall be made in writing to the requestor. The waiver shall 
state with specificity the conflict of interest or prohibited practice 
waived. The waiver shall also clearly state any conditions for its 
issuance, such as mitigating processes or procedures or safeguards. The 
VSTL is responsible for meeting all waiver conditions prior to engaging 
in the waived activity. Failure to meet such condition may result in 
the revocation of a VSTLs accreditation. The Program Director shall 
publish all waivers on the EAC Web site.
    2.5.4.4. Denying a Request for a Waiver. Any decision denying a 
request for a waiver shall be made by the Program Director in writing 
and provided to the VSTL. The Program Director shall publish all waiver 
denials on the EAC Web site.
    2.6. Personnel Policies. As a condition of accreditation, all 
laboratories shall have in place written policies to ensure that the 
Laboratory does not employ individuals, in any capacity related to the 
testing of voting systems, who have been convicted of a felony offense 
or any criminal offense involving fraud, misrepresentation, or 
deception under either Federal or State law. The VSTL shall have a 
program in place to enforce this policy and document such enforcement.
    2.7. Notification of Changes. As a condition of accreditation, all 
laboratories shall agree to notify the EAC in writing within fifteen 
(15) calendar days of any significant changes in laboratory operations 
from what the Laboratory described in any assertion that served as the 
basis for its EAC accreditation, including any assertions made to 
NIST's NVLAP or to the EAC pursuant to Chapter 3 of this Manual. 
Examples of events that require written notification include, but are 
not limited to:
    2.7.1. A Laboratory's decision to withdraw from the EAC's program;
    2.7.2. Changes in ownership of the Laboratory (other than minor-
less that 15%-change in stock ownership),
    2.7.3. A change in location of the Laboratory facility, or
    2.7.4. Personnel changes in key staff positions.
    2.8. Site Visits. As a condition of accreditation, all laboratories 
shall allow EAC representatives to enter their voting system testing 
and management facilities pursuant to the procedures and requirements 
of Chapter 4 of this Manual.
    2.9. Notice of Lawsuits. As a condition of accreditation, all 
laboratories shall provide notice to the EAC of any lawsuits or claims 
filed against it, its subcontractors, subsidiaries, employees, 
officers, owners, operators, or insurers while the Laboratory holds an 
EAC accreditation and which relate to the work performed in, or 
management of, the Laboratory's voting system testing program.
    2.10. Testing, Technical Practices and Reporting. As a condition of 
accreditation, each VSTL shall perform testing in conformance with the 
relevant standards of the applicable Federal Standards (VVSG or VSS). 
Additionally, the VSTL shall create written reports of such testing 
consistent with the requirements of the latest version of the VVSG, 
EAC's Voting System Testing and Certification Manual, any applicable 
test suites mandated by the EAC, and any other written guidance 
published by the EAC.
    2.10.1. Test Plan Package. The VSTL shall submit a test plan 
package directly to the EAC consistent with the requirements of the 
Voting System Testing and Certification Manual, the latest version of 
the VVSG, this Manual and any other written guidance from the EAC. A 
test plan package includes:
    2.10.1.1. Requirements Matrix. The Requirements Matrix is a form 
developed by the EAC which identifies each requirement found in Federal 
voting system standards (a version of the VVSG or VSS). VSTLs will be 
required to identify the standards that apply to the system being 
tested, identify the testing to be performed and provide additional 
information as required. The Requirements Matrix and instructions for 
its completion may be found on EAC Web site at www.eac.gov. The matrix 
will serve as both a tool to identify and a means to document what 
should be tested and how.
    2.10.1.2. Test Plan. The purpose of the Test Plan is to provide 
information regarding test methods. The Test Plan contains more detail 
than the Requirements Matrix.
    2.10.1.2.1. Format. VSTLs shall format each test plan consistent 
with the requirements of Appendix A of this Manual.
    2.10.1.2.2. Content. Each test plan shall identify applicable 
voting system standards and contain a description of the testing 
proposed to verify conformance. Also, each test plan shall contain a 
statement indicating the scope of the labs accreditation.
    * Required Content. For each test, the test plan shall provide 
detailed information referencing testing to be performed, including 
facility requirements, test set-up, test sequence, data recording 
requirements and pass criteria.\3\
---------------------------------------------------------------------------

    \3\ This requirement is consistent with International Standards 
Organization requirements, which serve as a basis for NIST NVLAP's 
accreditation and recommendation to the EAC. Where established and 
approved test methods do not exist, ISO Standard 17025, Section 
5.4.4., Non-Standard Method requires the testing to be validated by 
the laboratory prior to use. The EAC will review and approve the 
validated test methods.
---------------------------------------------------------------------------

    * Exception. Where a VSTL utilizes EAC mandated or approved test 
methods, the test plan may simply reference these methods and identify, 
with specificity, all deviations. Mandated test methods are those test 
methods required for use by the EAC. Approved test methods are 
standard, verified VSTL test methods approved by the EAC. VSTLs may 
submit standard test methods for approval by submitting them in writing 
to the Program Director.
    2.10.2. Test Case. After approval of the VSTLs Test Plan, the VSTL 
shall develop Test Cases. A Test Case is a system specific, step-by-
step test procedure or laboratory testing process that provides 
detailed test operation procedures sufficient for trained laboratory 
personnel to fully conduct a given test and produce repeatable results. 
The VSTL shall inform the EAC, in writing, when all test cases for the 
voting system under test have been completed. This notice shall include 
an index identifying each test case created to test the system. The 
notification should indicate if these are standard test cases, modified 
standard test cases, or a new test case. These test cases shall be 
available to the EAC for review and approval upon request.

[[Page 50149]]

    2.10.3. Testing. The highest standards shall be applied to the 
testing of voting systems. VSTLs shall perform testing in conformance 
with the relevant standards of the applicable Federal Standards (VVSG 
or VSS) and consistent with any written EAC interpretations of these 
standards. The Laboratory shall maintain its technical practices 
consistent with the standards which served as the basis for its NVLAP 
accreditation. These standards include International Standard ISO/IEC 
17025, General Requirements for the Competence of Testing and 
Calibration Laboratories; NIST Handbook 150, Procedures and General 
Requirement; NIST Handbook 150-22, Voting System Testing; any documents 
supplementing, updating or replacing these standards or handbooks; and 
any pertinent EAC guidance. When conducting testing under EAC's 
program, VSTLs shall only perform testing of voting systems consistent 
with the scope of their accreditation.
    2.10.4. Third Party Testing. Lead VSTL's may contract or otherwise 
provide for the testing of voting systems by third parties under this 
program. However, the lead VSTL shall be responsible for the accuracy, 
quality assurance, and results of all tests performed. Under this 
program, no VSTL may perform or contract for the performance of testing 
outside the scope of its accreditation. Testing performed directly by 
lead VSTL personnel using third party contractor equipment and 
facilities is not considered third party testing.
    2.10.4.1. Core Testing. Core voting system testing may only be 
performed by VSTLs. Therefore, a VSTL may only contract or otherwise 
provide for the core testing of voting systems if it uses a third party 
VSTL. Core testing includes: Technical Data Package review, physical 
configuration audit, source code review, functional configuration 
audit, system integration testing, volume testing, and security testing 
(not including cryptographic testing).
    2.10.4.2. Non-Core Testing. Non-core testing may be performed by 
non-VSTLs if they hold an EAC recognized accreditation to perform the 
relevant testing. The EAC recognizes two national accreditation bodies, 
NIST's NVLAP program and the American Association of Laboratory 
Accreditation (A2LA). Generally, a VSTL may only contract or otherwise 
provide for the non-core testing of voting systems if it uses a NVLAP 
or A2LA laboratory accredited to the specific scope of testing 
necessary. Non-core testing includes: Electromagnetic compatibility 
testing, telecommunications testing, environmental testing, electrical 
testing, acoustical testing, and cryptographic testing.\4\ In limited 
circumstances, laboratories not holding a recognized accreditation may 
be used by VSTLs for non-core testing only after approval by EAC's 
Program Director. Requests for such approval must be made in writing 
and demonstrate: (1) That there is no recognized laboratory available 
within a reasonable window of availability and geographic proximity 
(generally within the continental United States) and (2) that the VSTL 
has conducted a thorough assessment of the third party laboratory's 
capabilities, quality system, management system, and/or alternative 
accreditations and have determined and documented that the laboratory 
is qualified to perform testing. The EAC may visit, interview or audit 
any non-accredited laboratory at any time before, during, or after the 
testing has occurred to verify their qualifications.
---------------------------------------------------------------------------

    \4\ For the purposes of the EAC's Voting System Test Laboratory 
Program, non-core cryptographic testing includes all testing 
involving evaluation of cryptographic operation and key management.
---------------------------------------------------------------------------

    2.10.4.3. VSTL Responsibilities. Lead VSTLs are responsible for all 
tests performed on voting systems submitted to them by Manufacturers 
under EAC's Testing and Certification Program. This includes testing 
(both core and non-core) performed by third party laboratories under 
their direction (including third party VSTL laboratories). Any 
procedural or substantive irregularities or errors which occur during 
the third party testing process will be imputed to the responsible lead 
VSTL. Such failures may serve as a basis for the revocation of 
accreditation. Lead VSTLs using third party laboratories (consistent 
with Sections 2.10.4.1 through 2.10.4.2, above) shall take steps to 
ensure that the third party laboratories they employ meet the standards 
of this Program. At a minimum, the lead VSTLs shall ensure:
    2.10.4.3.1. The third party laboratory provides the lead VSTL 
verifiable documentation regarding its relevant accreditation;
    2.10.4.3.2. Any hardware tested by the qualified third party 
laboratory is first validated by the lead VSTL as the same hardware 
presented to it for certification;
    2.10.4.3.3. The third party laboratory provides the lead VSTL with 
evidence that it will direct its activities in compliance with any and 
all relevant VVSG requirements for testing and that the testing was, in 
fact, performed consistent with such specific requirements. Any special 
procedures, tools, or testing software necessary to meet VVSG 
requirements must be validated by the lead VSTL prior to use. For 
example, the VVSG requires that systems be tested while operating and 
that such operation be in a manner and under conditions that simulate 
election use. In such cases, the lead VSTL must ensure that the third 
party laboratory will properly implement the VVSG requirements, 
validate its election simulation tools, and properly performed the 
testing;
    2.10.4.3.4. The lead VSTL performs all system accuracy, 
reliability, functionality and integration testing; and
    2.10.4.3.5. The third party laboratory issues a report to the lead 
VSTL that fully documents its testing such that the lead VSTL may 
demonstrate compliance with this section and produce a report 
consistent with Section 2.10.5 of this Manual.
    2.10.5. Test Report Package. The Test Report Package represents the 
culmination of the testing process. As such, it is vital that it 
accurately and completely document the testing performed and the 
results of such testing. VSTLs shall submit Test Report Packages 
directly to the EAC. The packages shall include:
    2.10.5.1. Requirements Matrix. VSTLs shall complete the 
requirements matrix originally submitted with its test plan (see 
Section 2.10.1 above). The Requirements Matrix and instructions for its 
completion may be found on the EACs Web site at www.eac.gov. The final 
submission of the Requirements Matrix will serve as verification that 
the VSTL performed the testing required to demonstrate compliance with 
voting system standards.
    2.10.5.2. Test Report. VSTLs shall provide a test report.
    2.10.5.2.1. Content. All test reports shall document the testing 
process, including the documentation and justification of any 
divergence from the EAC approved test plan, methods, or cases and the 
identification of all failures and/or anomalies along with any remedial 
action taken \5\ (see Chapter 4 of the EAC's Voting System Testing and 
Certification Manual regarding the anomaly matrix). Test reports shall 
also document any prescribed maintenance or modifications, performed by 
the Manufacturer, to a voting system in testing. Such maintenance or 
modifications shall be monitored by the

[[Page 50150]]

VSTL consistent with Section 2.11.1 of this Manual.
---------------------------------------------------------------------------

    \5\ VSTLs must report all errors and anomalies identified in the 
test campaign even when an error is identified during the testing of 
unrelated functionality.
---------------------------------------------------------------------------

    2.10.5.2.2. Format. To the greatest extent possible, VSTLs shall 
write reports such that they are understandable to non-technical 
persons. As the EAC will publish these reports (bar portions prohibited 
by law), VSTLs shall refrain from including in them trade secrets or 
other commercial information protected from release unless 
substantively required. Where information protected from release may be 
included, it shall be identified consistent with Chapter 7 of this 
Manual. VSTLs shall format each test report consistent with the 
requirements of Appendix B of this Manual.
    2.10.5.3. VSTL Attestation. The VSTL shall provide a letter, signed 
by a representative authorized to take action on behalf of the VSTL 
(see Sections 2.13 and 3.4.1.6. of this Manual), which attests that (1) 
all testing prescribed by the test plan or amended test plan was 
performed as identified or the divergence from the test plan was 
properly documented, (2) all identified voting system anomalies or 
failures were reported and resolved, (3) that the test report is 
accurate and complete, and (4) the VSTL recommends the system for 
certification.
    2.10.6. Acceptance of Prior Testing. Generally, a valid test 
previously performed on a voting system by a VSTL, or by a third party 
test laboratory operating at the direction of a VSTL, may be reused at 
the discretion of the lead VSTL. The EAC encourages VSTLs to use such 
testing to fulfill current certification requirements. The EAC will 
accept prior testing only when the below requirements are met. Lead 
VSTLs are responsible for ensuring that the prior testing has met these 
requirements. Prior testing is valid when:
    2.10.6.1. The discrete software or hardware component previously 
tested is demonstrably identical to that presently offered for testing. 
Lead VSTLs must examine the components to ensure no change has taken 
place consistent with all documentation. When valid prior testing is 
used, the system presented must be subject to regression testing, 
functional testing and system integration testing;
    2.10.6.2. The voting system standards and relevant EAC 
interpretations applicable to the prior and current testing are 
identical;
    2.10.6.3. The test methods used are equivalent or identical to 
current test methods approved by the EAC;
    2.10.6.4. The prior testing has been reviewed by the VSTL and no 
errors or omissions are apparent. Any errors or omissions identified 
shall be reported to the EAC; and
    2.10.6.5. The adoption and use of prior testing is noted in the 
test plan and test report. Like all testing, prior testing is subject 
to EAC review and approval.
    2.10.7. Termination of Testing Prior to Completion. In the event 
testing is terminated prior to completion, VSTLs are required to notify 
the EAC Program Director. This notification shall be in writing and 
state the reasons for termination, provide a list of all testing 
completed, and produce a matrix of test anomalies or failures pursuant 
to Section 4.5.2 of the EAC Testing and Certification Program Manual.
    2.10.7.1. Termination Defined. Voting system testing shall be 
considered terminated when the testing process is permanently ended or 
otherwise halted without a specific plan to recommence within 180 days 
of the last test performed.
    2.10.7.2. Effect of Termination. Notification of termination will 
result in the suspension of the Manufacturer's Certification 
Application. Additionally, the termination and VSTL's written notice 
shall be posted on EAC's Web site.
    2.10.7.3. Resubmission after Termination. Manufacturers may 
resubmit a system previously terminated by submitting an updated 
application consistent with Chapter 4 of the Voting System Testing and 
Certification Program Manual. Pursuant to Section 2.11 of this Manual 
and Section 4.3.1.2 of the Voting System Testing and Certification 
Program Manual, a system resubmitted to the EAC after termination must 
be tested by the VSTL identified on the original application.
    2.11. Laboratory Independence. As a condition of accreditation, all 
laboratories shall maintain their independence from voting system 
Manufacturers, consistent with their roles and responsibilities as a 
key component of the EAC Certification program. VSTLs shall maintain an 
arm's length relationship with the manufacturers and avoid even the 
appearance of improper conduct. In order to maintain independence, 
VSTLs shall adhere to the following independence principles and 
requirements:
    2.11.1. Testing Independence. Consistent with the requirements of 
this Manual, only the lead VSTL identified on a voting system's 
application form may test or oversee the testing of that system. Under 
no circumstances may a Manufacturer perform or participate in any 
testing which will serve as the basis of an EAC certification. 
Participation includes but is not limited to the observation of testing 
by the Manufacturer.\6\ Additionally, lead VSTL's shall ensure that 
Manufactures' do not have access to a system under test unless 
accompanied and monitored by a VSTL representative.
---------------------------------------------------------------------------

    \6\ Not all activities required for EAC Certification are 
``testing'' activities. Examples of certification requirements that 
do not fall into the category of ``testing'' include trusted and 
witness builds.
---------------------------------------------------------------------------

    2.11.2. Decision Making. Determinations regarding testing, test 
requirements, and test results shall be made on the basis and for the 
purpose of ensuring that the systems tested meet Federal voting system 
standards. A VSTL's primary purpose shall be to serve the public 
interest through adherence to the EAC Testing and Certification 
Program.
    2.11.3. Single Laboratory Requirement. EAC's Testing and 
Certification Program prohibits Manufacturers from changing 
laboratories during the testing process. Once a lead VSTL is identified 
to the EAC by the Manufacturer to test a system, a test report will not 
be accepted by the EAC from any other laboratory unless authorized 
pursuant to Chapter 4 of the EAC's Voting System Testing and 
Certification Program Manual. This strict policy supports VSTLs in 
their independent decision making role. VSTLs shall immediately report 
to the EAC Certification Program Director any time a Manufacturer 
withdraws a product from testing or the testing is otherwise terminated 
(see Section 2.10.7. of this Manual).
    2.11.4. Fee for Service. All fees paid by a Manufacturer to a VSTL 
shall be solely for services rendered. No payment may be accepted by a 
VSTL that is not directly linked to services necessary to complete 
system testing. No payment may be accepted by a VSTL that is 
conditioned or dependent on testing outcome.
    2.11.5. Written Communications. To ensure and document the 
independent relationship between test laboratories and Manufacturers, 
all substantive discussions regarding the outcome, cost, payment and 
testing of a voting system shall be conducted or otherwise documented 
in writing by the VSTL. These records shall be maintained consistent 
with Section 2.15 of this Manual. Examples of substantive discussions 
between the lead VSTL and a Manufacturer include but are not limited 
to:
    2.11.5.1. All contracts and amendments thereto;

[[Page 50151]]

    2.11.5.2. All discussions regarding the set up and operation of the 
voting system during testing;
    2.11.5.3. All discussions with the Manufacturer regarding the test 
plan, test cases, testing, or the test report; and
    2.11.5.4. All discussions regarding implementation or 
interpretation of the standards.
    2.11.6. Testing Facilities. To avoid the appearance of impropriety 
and otherwise maintain laboratory independence, VSTLs shall not conduct 
testing \7\ at a Manufacturer owned or controlled facility. If 
exceptional circumstances exist requiring that the VSTL use 
Manufacturer facilities, the VSTL may request a waiver from this 
prohibition. The request must be in writing to the Program Director and 
clearly state why such testing is necessary. A waiver may be granted at 
the sole discretion of the Program Director and may impose necessary 
restrictions, limitations and requirements on testing. Waivers will be 
granted only in exceptional circumstances.
---------------------------------------------------------------------------

    \7\ As noted in footnote 6, above, this requirement only applies 
to ``testing'' and does not include other certification activities 
such as trusted and witness builds.
---------------------------------------------------------------------------

    2.11.7. Improper Influence. Any attempt by a Manufacturer to unduly 
influence the test process shall be immediately reported to the EAC's 
Certification and Testing Program Director.
    2.12. Authority to do Business in the United States. As a condition 
of accreditation, all laboratories shall be lawfully entitled or 
otherwise not prohibited from doing business with the United States or 
its citizens or operating in the United States.
    2.13. Communications. As a condition of accreditation, all 
laboratories shall designate and identify an individual or individuals 
who may speak for and take action on behalf of the VSTL. VSTLs shall 
maintain an open line of communication with EAC's Testing and 
Certification Program Director, providing prompt response to requests 
for information regarding the Program.
    2.14. Resources and Financial Stability. As a condition of 
accreditation, all VSTLs shall allocate sufficient resources to enable 
the laboratory to properly use and maintain its test equipment, 
personnel, and facility and to satisfactorily perform all required 
laboratory functions. The laboratory shall maintain insurance policies 
sufficient to indemnify itself against financial liabilities or 
penalties that may result from its operations. VSTLs shall:
    2.14.1. Maintain insurance policies (see Section 3.4.1.8.) that 
indemnify the laboratory against the potential losses identified in its 
liability assessment (see Section 3.4.1.9.); and
    2.14.2. Document solvency through demonstrating that the 
laboratory's assets are greater than its liabilities in its audited 
financial statement (see Section 3.4.1.16.).
    2.15. Recordkeeping. As a condition of accreditation, all 
laboratories shall have a written policy regarding the proper storage, 
management and retention of all records relating to the testing of 
voting systems. At a minimum, this policy shall require all forms, 
reports, test records, observations, calculations, and derived data for 
all tests performed on a given voting system (or component of said 
system) be retained for a period of at least 5 years after the last 
test performed on any version of that system (or component of any 
version of said system). The policy shall require that all documents 
are maintained in a safe and secure environment and stored in a manner 
that provides for organized and timely identification and retrieval. 
Additionally, all records must be kept in a data format usable and 
available to the EAC.
3. Accreditation Process
    3.1. Overview. This chapter sets forth the required steps Applicant 
Laboratories must perform in order to receive an EAC Voting System Test 
Laboratory Accreditation. The process generally includes an application 
for and receipt of a NIST recommendation; receipt of an EAC invitation 
to apply; and the successful submission, acceptance and review of an 
EAC application.
    3.2. NIST Recommendation. The Election Assistance Commission (EAC) 
is mandated under Section 231 of the Help America Vote Act of 2002 
(HAVA) (42 U.S.C. Sec.  15371(b)) to ``* * * provide for the 
certification, de-certification and re-certification of voting system 
hardware and software by accredited laboratories.'' As part of this 
process, HAVA requires the National Institute of Standards and 
Technology (NIST) to evaluate independent non-Federal test 
laboratories. NIST selects those laboratories technically qualified to 
test voting systems and recommends them to the EAC for accreditation. 
Generally, a Laboratory must have a NIST recommendation before it may 
be considered for EAC accreditation.
    3.2.1. NIST Recommendation Process. NIST utilizes its National 
Voluntary Laboratory Accreditation Program (NVLAP) to perform this 
evaluation. NIST, through the NVLAP process, assesses laboratory 
technical capabilities, procedures and personnel before recommending a 
laboratory for EAC accreditation. The requirements, procedures and 
application process for requesting consideration by NIST (for 
recommendation to the EAC) may be found at www.nist.gov/NVLAP or by 
contacting NIST at, National Voluntary Laboratory Accreditation 
Program, Standards Services Division, NIST, 100 Bureau Drive, Stop 
2140, Gaithersburg, MD, 20899-2140.
    3.2.2. Emergency EAC Accreditation without NIST Recommendation. 
HAVA authorizes the EAC to consider and accredit laboratories without a 
NIST recommendation (42 U.S.C. Sec.  15371(b)(2)(B)). The EAC will 
accredit laboratories without a NIST recommendation only as an 
emergency action.
    3.2.2.1. Emergency Action-Defined. The EAC will take emergency 
action only in instances where (1) there is a significant national need 
for accredited laboratory testing capacity that cannot be met by 
existing VSTL's, (2) the shortage of laboratory testing capacity may 
cause a disruption in the orderly administration of Federal elections, 
and (3) NIST is not capable of timely providing new laboratories to 
meet needs. Consistent with HAVA, the EAC will publish its basis for 
emergency action following the above standards.
    3.2.2.2. Emergency Action-Process. Laboratories shall be accredited 
by the EAC in an emergency action only after they have been properly 
assessed according to international standards and applicable NIST 
Guidance. These standards include International Standard ISO/IEC 17025, 
General Requirements for the Competence of Testing and Calibration 
Laboratories; NIST Handbook 150, Procedures and General Requirement; 
NIST Handbook 150-22, Voting System Testing; and/or any documents 
supplementing, updating or replacing these standards or handbooks.
    3.2.2.3. Emergency Action-Provisional. Any accreditation provided 
by the EAC through its emergency action authority will be provisional 
in nature and limited in scope. All emergency accreditations must 
expire on a date certain.
    3.3. EAC Invitation. After receipt of a NIST list of recommended 
laboratories, the EAC will send a letter to the laboratories inviting 
them to apply for EAC accreditation under the VSTL program. No 
laboratory may apply for EAC accreditation without an invitation from 
the Commission. The letter of invitation will identify the scope of

[[Page 50152]]

accreditation for which the laboratory may apply. The invited 
laboratories must follow the application procedure noted in Section 
3.4, below.
    3.4. Application. EAC is the sole authority for Voting System Test 
Laboratory Accreditation. While NIST's recommendation serves as a 
reliable indication of technical competency, the EAC must take 
additional steps to ensure that laboratory policies are in place 
regarding issues like conflict of interest, record maintenance, and 
financial stability. It must also ensure that the candidate laboratory 
is willing and capable to work with EAC in its Certification Program. 
To that end, applicant laboratories are required to submit a Letter of 
Application requesting accreditation. The letter shall be addressed to 
the Testing and Certification Program Director and attach (in either 
hard copy or on CD/DVD) (1) all required information and documentation; 
(2) a signed letter of agreement; and (3) a signed certification of 
conditions and practices.
    3.4.1. Information and Documents. The applicant laboratory must 
submit the information and documents identified below as a part of its 
application. These documents will be reviewed by the EAC in order to 
determine whether the applicant laboratory meets the program 
requirements identified in Chapter 2. The grant of EAC accreditation is 
subject to receipt of the information and EAC's review and approval of 
the materials. The applicant laboratory shall properly label any 
documents, or portions of documents, it believes are protected from 
release under Federal law.
    3.4.1.1. The legal name of the laboratory
    3.4.1.2. Mailing address of the laboratory
    3.4.1.3. Physical location of the laboratory (if different than the 
mailing address).
    3.4.1.4. Name, phone number, fax number and e-mail address of the 
voting system testing program manager or individual otherwise 
immediately responsible for the voting system testing program.
    3.4.1.5. Name, phone number, fax number, and e-mail address of the 
individual, CEO, president or otherwise titled head of the laboratory.
    3.4.1.6. Name, title, phone number, fax number, and e-mail address 
of the individual or individuals designated to speak for and take 
action on behalf of the laboratory pursuant to Section 2.13 of this 
Manual.
    3.4.1.7. The business contact information (such as point of 
contact, address, Web site, e-mail address) to be posted by the EAC on 
its Web site.
    3.4.1.8. The identity of the laboratory's insurer(s), name of 
insured, and coverage limits for any comprehensive general liability 
policies, errors and omissions policies, professional liability 
policies, and bailee policies.
    3.4.1.9. A written assessment of the laboratory's commercial 
general liability.
    3.4.1.10. A signed statement certifying that it maintains workman's 
compensation policy coverage sufficient to meet the applicable State's 
minimum requirements.
    3.4.1.11. A copy of the laboratory's organizational chart which 
includes the names of key staff responsible for the testing of voting 
systems.
    3.4.1.12. A copy of the laboratory's conflict of interest policy 
which implements the standards of Section 2.5 of this Manual.
    3.4.1.13. A copy of the laboratory's personnel policy which 
implements the standards of Section 2.6 of this Manual.
    3.4.1.14. A copy of the laboratory's recordkeeping policy which 
implements the standards of Section 2.15 of this Manual.
    3.4.1.15. A copy of the laboratory facilities brochure.
    3.4.1.16. A copy of the most recent annual report, the names of the 
current board of directors and the previous year's board of directors, 
the names of any majority shareholders, and audited financial 
statements of the companies or entities that own and operate the 
laboratory. Laboratories not incorporated should provide comparable 
information.
    3.4.2. Letter of Agreement. The applicant laboratory must submit a 
signed letter of agreement as a part of its application. This letter 
shall be signed by an official vested with the legal authority to speak 
for, contract on behalf of or otherwise bind the applicant laboratory 
(see Section 2.13). The purpose of this letter is to document that the 
applicant laboratory is aware of and agrees to abide by the 
requirements of the EAC Voting System Testing Laboratory Accreditation 
Program. No applicant laboratory will be considered for accreditation 
unless it has properly submitted a letter of agreement. The letter 
shall unequivocally state the following:
    The undersigned representative of-------- (hereinafter 
``Laboratory''), being lawfully authorized to bind Laboratory and 
having read the EAC Voting System Test Laboratory Program Manual, 
accepts and agrees on behalf of Laboratory to follow the program 
requirements as laid out in Chapter 2 of the Manual. Laboratory shall 
meet all program requirements as they relate to NVLAP accreditation; 
conflict of interest and prohibited practices; personnel policies; 
notification of changes; resources; site visits, notice of law suits; 
testing, technical practices and reporting; laboratory independence; 
authority to do business in the United States; VSTL communications; 
financial stability; and recordkeeping. Laboratory further recognizes 
that meeting these program requirements is a continuing responsibility. 
Failure to meet each of the requirements may result in the denial of an 
application for accreditation, a suspension of accreditation or a 
revocation of accreditation.
    3.4.3. Certification of Laboratory Conditions and Practices. The 
applicant laboratory must submit a signed Certification of Laboratory 
Conditions and Practices as a part of its application. No applicant 
laboratory will be considered for accreditation unless it has properly 
affirmed its conditions and practices through the certification 
document. A Certification of Laboratory Conditions and Practices form 
may be found at Attachment C and is available electronically at 
www.eac.gov. By signing the certification, a laboratory affirms that 
it, in fact, has in place the policies, procedures, practices, 
resources and personnel stated in the document. Any false 
representations made in the certification process may result in the 
revocation of accreditation and/or criminal prosecution.
    3.5. EAC Review of Application Package. The EAC will perform a 
review of each Applicant Laboratory's application package to ensure 
that it is complete and the laboratory meets the program requirements. 
Each package will be received and reviewed by the Testing and 
Certification Program Director to identify any apparent nonconformities 
or deficiencies. If necessary, the Program Director will notify 
Applicant Laboratories of any such nonconformities or deficiencies and 
provide them an opportunity to cure problems prior to forwarding the 
package to the Commissioners. The Program Director will issue a 
recommendation to the Commissioners when forwarding any application 
package. Consistent with HAVA, a laboratory will receive an 
accreditation only upon a vote of the Commissioners.
    3.5.1. Program Director Review. Application packages shall be sent 
to the Program Director. The Program Director will perform a review of 
the packages before forwarding them to the Commissioners with a 
recommendation.

[[Page 50153]]

Upon receipt of an application package the Testing and Certification 
Program Director shall review the package to ensure:
    3.5.1.1. The package is complete. No application may be forwarded 
to the Commission for a vote on accreditation unless is contains all 
required documentation (Section 3.4.1), a proper letter of agreement 
(Section 3.4.2), and a signed Certification of Laboratory Conditions 
and Practices (Section 3.4.3).
    3.5.1.2. Evidence of compliance with program requirements. The 
Program Director shall also review the submissions to ensure that the 
information provided properly reflects and documents compliance with 
program requirements.
    3.5.2. Notice of Nonconformity. In the event the Program Director 
identifies (1) missing documentation or information and/or (2) issues 
of non-compliance, the Program Director shall notify the Applicant 
Laboratory of the deficiencies prior to forwarding a recommendation to 
the Commissioners. The written notice of nonconformity shall:
    3.5.2.1. Identify any missing documentation or information;
    3.5.2.2. Identify any issues of potential non-compliance; and
    3.5.2.3. Provide Applicant Laboratory a reasonable time period to 
submit additional information or amend their application package in 
response to identified non-conformities.
    3.5.3. Applicant Laboratory Action on Notice of Nonconformity. 
Applicant Laboratories shall respond to a notice of nonconformity 
within the timeframe identified by the Program Director. Responses 
shall include any missing documents identified in the notice, as well 
as any additional or clarifying information or documentation responsive 
to an issue of non-compliance.
    3.5.3.1. Request for Additional Time. Applicant Laboratories may 
request additional time in writing. Such request must state the basis 
for the request and identify a reasonable time period for response. The 
grant of additional time is at the sole discretion of the Program 
Director.
    3.5.3.2. Failure to Respond--Missing Documentation or Information. 
If an Applicant Laboratory fails to provide required information or 
documentation within the timeframe provided in the notice of 
noncompliance, the Program Director shall reject the application as 
incomplete, returning the package to the applicant for resubmission 
consistent with the requirements of this Chapter.
    3.5.3.3. Failure to Respond--Issue of Noncompliance. If, within the 
timeframe provided in the notice of noncompliance, an Applicant 
Laboratory (who has provided all required documentation) fails to 
provide additional, clarifying information or documentation in response 
to an identified issue of program noncompliance, the Program Director 
shall forward the original application to the Chair of the Commission 
for action.
    3.5.4. Recommendation to Commissioners. After review, and if 
necessary an opportunity for the applicant to amend their application, 
the Program Director shall forward each application to the Chair of the 
Commission with a recommendation as to disposition. This application 
package shall include all documents and correspondence between the 
applicant laboratory and the EAC Program Director.
    3.5.5. Vote by Commissioners. Upon receipt of an application 
package and recommendation from the Testing and Certification Program 
Director, the Chair of the Commission shall forward the information to 
each EAC Commissioner. After a reasonable time to review the forwarded 
materials, the Chair of the Commission shall bring the matter to a 
vote, consistent with the rules of the Commission. The measure 
presented for a vote shall take the form of a written Commissioners' 
Decision which (1) makes a clear determination as to accreditation and 
(2) states the basis for the determination.
    3.6. Grant of Accreditation. Upon a vote of the EAC Commissioners 
to accredit a laboratory, the Testing and Certification Program 
Director shall inform the laboratory of the decision, Issue a 
Certificate of Accreditation and post information regarding the 
laboratory on the EAC Web site.
    3.6.1. Certificate of Accreditation. A Certificate of Accreditation 
shall be issued to each laboratory accredited by vote of the 
Commissioners. The certificate shall be signed by the Chair of the 
Commission and state:
    3.6.1.1. The name of the VSTL;
    3.6.1.2. The scope of accreditation, by stating the Federal 
standard or standards to which the VSTL is competent to test;
    3.6.1.3. The effective date of the certification, which shall not 
exceed a period of two (2) years; and
    3.6.1.4. The technical standards to which the laboratory was 
accredited.
    3.6.2. Post Information on Web Site. The Program Director shall 
make information pertaining to each accredited laboratory available to 
the public on EAC's Web site. This information shall include (but is 
not limited to):
    3.6.2.1. NIST's Recommendation Letter;
    3.6.2.2. The VSTL's Letter of Agreement;
    3.6.2.3. The VSTL's Certification of Conditions and Practices;
    3.6.2.4. The Commissioner's Decision on Accreditation; and
    3.6.2.5. The Certificate of Accreditation.
    3.7. Effect of Accreditation. Receipt of an EAC Accreditation 
indicates that a laboratory has met the applicable technical, 
procedural, management and staffing requirements and may serve as a 
Voting System Test Laboratory (VSTL) under EAC's Testing and 
Certification Program.
    3.7.1. Scope of Accreditation. A laboratory shall operate within 
the limits of the scope of accreditation as stated on its Certificate 
of Accreditation.
    3.7.2. Representation. No VSTL may make representations regarding 
its accreditation beyond its scope of accreditation.
    3.7.3. No Endorsement. A Certificate of Accreditation is not an 
endorsement of the recipient laboratory. A VSTL may not state or imply 
EAC endorsement.
    3.7.4. Accreditation Logo. A VSTL may display the EAC laboratory 
accreditation logo. Only the EAC authorized logo may be used. The 
display must be used in a manner consistent Sections 3.7.1.--3.7.3., 
above. Specifications for the reproduction and use of the EAC logo are 
found in Appendix D.
    3.8. Expiration and Renewal of Accreditation. A grant of 
accreditation is valid for a period not to exceed two years. A VSTL's 
accreditation expires on the date annotated on the Certificate of 
Accreditation. VSTLs in good standing shall renew their accreditation 
by submitting an application package to the Program Director, 
consistent with the procedures of Section 3.4 of this Chapter, no 
earlier than 60 days before the accreditation expiration date and no 
later than 30 days before that date. Laboratories that timely file the 
renewal application package shall retain their accreditation while the 
review and processing of their application is pending.
    3.9. Denial of Accreditation. Upon a vote of the EAC Commissioners 
not to accredit a laboratory, the Testing and Certification Program 
Director shall inform the laboratory of the decision and post relevant 
information on the EAC Web site.
    3.9.1. Notice of Denial. The Program Director shall inform the 
applicant laboratory (in writing) of the Commissioners' Decision. This 
notice must include:

[[Page 50154]]

    3.9.1.1. A statement of the decision and brief summary explanation 
of the basis for the decision;
    3.9.1.2. Notice of the Applicant Laboratory's right to appeal; and
    3.9.1.3. A copy of the Commissioners' Decision.
    3.9.2. Post Information on Web Site. The Program Director shall 
publish on EAC Web site:
    3.9.2.1. A copy of the Commissioners' Decision, and
    3.9.2.2. The Notice of Denial.
    3.10. Requesting Appeal. An applicant laboratory that has been 
denied accreditation by a vote of the Commissioners shall have the 
right to appeal. An Applicant Laboratory may appeal a Denial of 
Accreditation by first issuing a written request for appeal.
    3.10.1. Submission. Requests must be submitted in writing to the 
Program Director, addressed to the Chair of the U.S. Election 
Assistance Commission.
    3.10.2. Timing of Appeal. The Applicant Laboratory may request an 
appeal within 7 calendar days of receipt of the Notice of Denial. Late 
requests will not be considered.
    3.10.3. Contents of Request. The request must petition for 
reconsideration of the Commissioners' Decision and clearly state the 
specific conclusions of the Decision the Applicant Laboratory wishes to 
appeal.
    3.11. EAC Action on a Request for Appeal. The Program Director 
shall accept any request for appeal timely submitted. Untimely requests 
shall be rejected. Upon receipt of a request for appeal, the Program 
Director shall notify the requestor applicant laboratory, in writing, 
as to whether their appeal has been accepted as timely. The notice for 
accepted requests shall inform the applicant laboratory of the 
requirements for submitting their appeal per Section 3.12 of this 
Manual.
    3.12. Submission of Appeal. After submission of a timely request 
for appeal, the Applicant Laboratory shall submit its appeal. This 
appeal shall (1) clearly identify the specific conclusions of the 
Commissioners' Decision the Laboratory wishes to challenge, (2) provide 
the basis for its position on appeal and (3) submit a written argument 
in support of its appeal. In addition, the applicant laboratory may 
submit documentary or other relevant, physical evidence in support of 
the appeal. The Appeal and all supporting materials must be received by 
the EAC within 20 days of the applicant laboratory's receipt of the 
Program Director's notice of acceptance of the request to appeal.
    3.13. Consideration of Appeal. All timely appeals will be 
considered by the Commissioners. Upon receipt of an appeal, the Chair 
of the Commission shall forward to each EAC Commissioner the Applicant 
Laboratory's appellate submission, along with the original application 
package, Commissioners' Decision, and Program Director's 
recommendation. After a reasonable time to review and consider the 
forwarded materials, the Chair of the Commission shall bring the matter 
to a vote, consistent with the rules of the Commission. The measure 
presented for a vote shall take the form of a written Commissioners' 
Decision on Appeal.
    3.14. Commissioner's Decision on Appeal. The Commissioners shall 
make a written, final Decision on Appeal and shall provide it to the 
Applicant Laboratory.
    3.14.1. Contents. The Decision on Appeal shall:
    3.14.1.1. State the final determination of the Commission.
    3.14.1.2. Address the matters raised by the Applicant Laboratory on 
appeal.
    3.14.1.3. Provide the reasoning behind the decision.
    3.14.1.4. State that the Decision on Appeal is final.
    3.14.2. Determinations. The Commissioners shall make one of two 
determinations on appeal.
    3.14.2.1. Grant of Appeal. If the Commissioners determine that the 
previous Decision of the Commission shall be overturned in full, the 
appeal shall be granted. In such cases, the Applicant Laboratory shall 
be granted accreditation.
    3.14.2.2. Denial of Appeal. If the Commissioners determine that any 
part of the previous Decision of the Commission shall be upheld such 
that the procedural requirements of Chapter 3 or the Program 
requirements of Chapter 2 of this manual will not be met in full, the 
appeal shall be denied. In such cases, the application for appeal is 
finally denied.
    3.14.3. Effect. All Decisions on Appeal shall be final and binding 
on the Applicant Laboratory. No additional request for appeal shall be 
granted.
    3.15. Effect of Denial of Accreditation. An EAC denial of 
accreditation indicates only that an applicant laboratory has failed to 
document or otherwise demonstrate that it has the procedures, policies, 
management or personnel in place to meet the requirements of the 
Accreditation Program. A denial of accreditation is based upon current 
policy and procedure and is not an indicator of past performance. 
Laboratories denied accreditation have the right to cure any identified 
defect and reapply by resubmitting their application package consistent 
with Section 3.4 of this Chapter.

4. Compliance Management Program

    4.1. Purpose. The purpose of the Compliance Management Program is 
to improve EAC's Laboratory Accreditation Program and Testing; increase 
coordination, communication and understanding between the EAC and its 
VSTLs; and increase public confidence in elections by facilitating VSTL 
accountability. The program accomplishes this by increasing personal 
interaction between EAC staff and VSTL personnel, collecting 
information and performing reviews to ensure continued compliance with 
program requirements, and requiring that VSTLs promptly remedy any 
identified areas of noncompliance.
    4.2. Compliance Management Program, Generally. The Compliance 
Management Program meets its purposes by gathering information on the 
procedures and practices of its VSTLs. There are three main sources of 
information: (1) VSTL Notifications of Changes, (2) EAC Requests for 
Documents or Information and (3) EAC On Site Reviews. The information 
collected is reviewed by the EAC to ensure that VSTLs are meeting all 
program requirements. Any areas of noncompliance or recommendations for 
improvement are presented to VSTLs in a Compliance Management Report. 
VSTLs are required to promptly remedy any noncompliance or face 
revocation of accreditation.
    4.3. VSTL Notification of Changes. VSTLs are obligated to report 
any significant changes regarding the information, agreements or 
certifications made to the EAC as a condition of accreditation (see 
Section 2.7). This requirement serves as the primary means by which the 
EAC maintains VSTL compliance. Failure to report changes in conditions 
or practices may result in suspension or revocation of accreditation 
consistent with the requirements and procedures of Chapter 5.
    4.4. Request for Documents and Information. The Program Director 
may request a VSTL to provide the EAC information and/or documents to 
demonstrate the laboratory's continuing compliance with the 
Accreditation Program requirements noted in Chapter 2 (See Section 
2.2).
    4.4.1. EAC Request. A request for documents or information shall be 
made in writing by the Program Director and provide a reasonable 
timeframe for VSTL response. The request may be for documents, 
information or both:

[[Page 50155]]

    4.4.1.1. Request for Documents. A request for documents must 
identify the specific documents sought. A request for documents is not 
a demand for the VSTL to create a document, but to provide the EAC a 
copy of any existing documentation responsive to the request.
    4.4.1.2. Request for Information. Requests for information shall 
take the form of interrogatories. Each inquiry shall take the form of a 
discrete question. VSTLs are expected to provide complete answers to 
each question.
    4.4.2. VSTL Response. VSTLs shall respond within the timeframe 
provided by the Program Director. If additional time is needed, VSTLs 
may request an extension. Such requests must be made within the 
timeframe of the original request. The grant of additional time is at 
the sole discretion of the Program Director.
    4.4.2.1. Request for Documents. VSTLs shall respond to requests for 
documents by having knowledgeable staff conduct a thorough search of 
VSTL records. VSTLs shall provide copies of all documents responsive to 
the request. If any document responsive to a request is considered 
privileged or otherwise protected from release under Federal law, it 
should be properly labeled. If no documents responsive to the request 
are found, the VSTL shall state that no records were found.
    4.4.2.2. Request for Information. VSTLs shall respond to requests 
for information by having knowledgeable staff answer each question 
posed. VSTLs shall ensure that each question is answered completely and 
accurately. The VSTL may submit documents in support of its responses.
    4.4.3. Failure to Respond. Failure to timely respond to a request 
for documents or information may result in a suspension or revocation 
of accreditation consistent with the requirements and procedures of 
Chapter 5.
    4.5. On Site Laboratory Review--Generally. The Program Director 
shall provide for regular on site reviews of VSTLs. There are two types 
of on site review:
    4.5.1. On Site Review--Policy, Procedures and Practices Review. The 
most common type of review is the Policy, Procedure and Practices 
Review. This type of review requires EAC personnel to enter a VSTL 
facility, examine a variety of documentation and meet with VSTL 
personnel to confirm that the VSTL's policies, procedures and practices 
meet the requirements of the Laboratory Accreditation Program (Chapter 
2).
    4.5.2. On Site Review--Testing Observation and Technical 
Assessment. A Testing Observation and Technical Assessment Review 
requires an expert EAC laboratory assessor to enter a VSTL facility and 
assess the laboratory's technical procedures, policies, management and 
personnel to verify compliance with applicable laboratory standards. 
Additionally, the EAC assessor may observe VSTL employees during the 
testing of voting systems to ensure that VSTL practices match technical 
policies.\8\
---------------------------------------------------------------------------

    \8\ EAC's authority to observe testing and conduct technical 
assessments serves only as an additional tool to ensure technical 
compliance. The primarily means by which EAC ensures technical 
compliance is through NIST's NVLAP program. The NVLAP program 
monitors laboratories by requiring regular assessments. Laboratories 
are reviewed one year after their initial accreditation and 
biennially thereafter.
---------------------------------------------------------------------------

    4.6. On Site Laboratory Review--Frequency. The Program Director 
shall ensure that each VSTL receives an On Site Policy, Procedures and 
Practices Review at least once every two years.
    4.7. On Site Laboratory Review--Procedure. The Program Director 
shall determine when and what type of on site review will be conducted 
for each VSTL. Before any on site review, the Program Director shall 
provide the VSTL with reasonable notice. Reviews shall be conducted 
with as little impact as possible on the activities of the VSTL. The 
VSTL and its employees are required to participate in the review and 
cooperate with on site EAC personnel. Finally, the reviewer shall 
provide the VSTL a short exit briefing prior to the termination of the 
on site review.
    4.7.1. Notice. The Program Director shall coordinate on site 
reviews with VSTL management. As reviews require the availability of 
laboratory documents and key personnel, a notice of on site review 
shall be in writing and be provided to the VSTL at least 15 calendar 
days before the on site review date. The notice shall provide the VSTL 
with the following information:
    4.7.1.1. Duration of Review. The notice shall provide an estimated 
timeframe during which EAC reviewers will be on site.
    4.7.1.2. Type of Review. The notice shall identify the type of 
review to be performed (see Section 4.5.).
    4.7.1.3. Scope of Review. The notice shall provide information 
regarding the scope of review. This information shall be sufficient to 
allow the VSTL to identify the documents, personnel and testing it must 
make available to EAC reviewers. The notice shall specifically 
identify:
    4.7.1.3.1. The type of documents and/or program areas to be 
reviewed.
    4.7.1.3.2. The testing that is to be observed.
    4.7.1.4. VSTL's Responsibilities. The notice shall briefly inform 
the VSTL of its responsibility to coordinate and cooperate with the EAC 
throughout the on site review process.
    4.7.2. VSTL Response to Notice. Upon receipt of a notice of on site 
review, the VSTL shall coordinate the logistics of the review with the 
Program Director. In the event the noticed date or timeframe makes 
access to the required personnel, documents or testing untenable, the 
VSTL shall contact the Program Director in writing and identify, (1) 
The conflict or other problem which makes the proposed date and 
timeframe untenable, and (2) a proposed alternative date for the on 
site review. The acceptance of an alternative on site review date is at 
the sole discretion of the Program Director.
    4.7.3. Review. An on site review begins upon the arrival of EAC 
personnel at the VSTL's facility. EAC reviewers will ordinarily conduct 
reviews during the VSTL's normal working hours. The reviewers will make 
every effort to work as efficiently as possible and avoid impacting the 
laboratory's routine operations. The VSTL and its employees are 
required to cooperate with EAC reviewers. This cooperation includes 
providing a private, physical location for EAC personnel to review 
documents and speak with VSTL employees. Generally, the VSTL shall be 
responsible for ensuring:
    4.7.3.1. Document Access and Availability. That the reviewers have 
access to all requested VSTL documents. All documents specifically 
identified in the notice of on site review shall be presented to 
reviewers upon arrival.
    4.7.3.2. Personnel Access and Availability. That the reviewers have 
reasonable access to requested personnel. The VSTL shall ensure that 
key personnel for each substantive area identified in the notice of on 
site review be available to EAC reviewers during the noticed review 
period.
    4.7.3.3. Facilities and Testing Access and Availability. That the 
reviewers have access to VSTL facilities involved in the testing of 
voting systems, including the facilities of third party contractor 
laboratories. Additionally, VSTLs must coordinate access to view 
testing consistent with the notice of on site review.
    4.7.4. Exit Briefing. EAC reviewers shall provide the VSTL 
personnel an exit briefing. Exit briefings shall be informal. The 
briefing shall identify any documents, information or personnel which 
the VSTL remains responsible for

[[Page 50156]]

making available to the reviewers; inform the VSTL of the next steps in 
the review process; and provide the VSTL an opportunity to ask 
questions about the process.
    4.8. EAC Compliance Management Reports. The EAC shall issue a 
written Compliance Management Report after performing any on site 
review. A Compliance Management Report shall also be issued after a 
Request for Documents/Information or VSTL Notification of Change when 
either indicates a noncompliance with program requirements. All reports 
shall be posted on the EAC Web site and (1) provide a brief summary of 
the review process, request for information or VSTL Notification of 
Change (2) state any findings resulting from the review, and (3) 
identify any corrective action required.
    4.8.1. Purpose. The purpose of the report is to provide the VSTL 
with EAC's findings regarding its program so that:
    4.8.1.1. Items of noncompliance may be identified and rectified,
    4.8.1.2. Exceptional practices may be identified and encouraged, 
and
    4.8.1.3. EAC recommendations (beyond the program requirements) may 
be put forth in an effort to improve the VSTL's program.
    4.8.2. Summary of Process. The report shall provide a brief summary 
of the review process, request for information or VSTL Notification of 
Change. The purpose of this summary is to provide background 
information regarding how the information supporting EAC findings was 
collected. This includes identifying sources of information, 
methodology and standards. For the purposes of on site reviews, the 
summary shall state:
    4.8.2.1. The dates of the review,
    4.8.2.2. The type of review performed,
    4.8.2.3. The program areas reviewed, including any specific 
documents and personnel discussions which were integral to the report 
findings, and
    4.8.2.4. The processes used by the reviewers to determine 
compliance.
    4.8.3. Findings. The report shall outline any findings of the 
review, request for information or VSTL Notification of Change. A 
finding is any factual determination that the VSTL is not in compliance 
with the program requirements identified in Chapter 2 of this Manual or 
an EAC recommendation for program improvement which does not rise to 
the level of noncompliance. While reports may also contain recognition 
of exceptional practices, such statements are not considered findings. 
Reports shall identify three types of findings:
    4.8.3.1. Critical. A critical finding is a determination that the 
VSTL has not met a requirement of the program that is fundamentally 
critical to the VSTL's technical capability to test voting systems. A 
critical noncompliance is a violation of program requirements that by 
its very nature comprises the integrity of the EAC Testing and 
Certification Program.
    4.8.3.2. Required. A required finding is a determination that the 
VSTL has failed to meet a requirement of the program that is not 
considered technically critical pursuant to Section 4.8.3.1., above.
    4.8.3.3. Recommended. A recommended finding is a determination that 
VSTL practices could be improved, but that the identified improvement 
is not required by the program. In some cases, recommended practices 
may be practices the EAC plans to make program requirements.
    4.8.4. Corrective Action. The report shall specify the action to be 
taken by the EAC and/or VSTL based upon the review findings.
    4.9. Corrective Action. Based upon the Compliance Management 
Report, corrective action may be required. EAC action and VSTL 
responsibilities will vary depending upon the nature of the report's 
findings.
    4.9.1. Critical. Critical Findings require the EAC to initiate the 
immediate suspension of the VSTL consistent with the requirements and 
procedures of Chapter 5, Revocation of Accreditation. The VSTL's rights 
to remedy its noncompliance or be heard are laid out in Chapter 5.
    4.9.2. Required. Required Findings obligate the VSTL to resolve the 
identified non-compliance within 20 days. Failure to do so within the 
20 day timeframe will result in suspension or revocation of 
accreditation consistent with the procedures laid out in Chapter 5, 
Revocation of Accreditation. The VSTL may resolve a Required Finding 
by:
    4.9.2.1. Challenging the Finding. The VSTL may challenge a finding 
if it believes its procedures and practices were in compliance with 
program requirements at the time of the review. A VSTL shall challenge 
a Required Finding by providing factual information which documents its 
claim of compliance. Challenges must be filed within 5 days of receipt 
of the EAC Report. The challenge must be in writing, state the basis 
for the challenge, address the facts and conclusions in the EAC report, 
and provide information which unambiguously documents that the VSTL was 
in compliance at the time of the review, request for information or 
VSTL Notification of Change. The EAC Program Director will accept or 
reject a VSTL's challenge in writing. If a challenge is accepted, no 
corrective action will be required. If the challenge is rejected, the 
VSTL will have 20 days from receipt of the notice of rejection to 
perform remedial action.
    4.9.2.2. Conducting Remedial Action. VSTLs may take corrective 
action by submitting a remedial plan within 20 days of receipt of the 
report. The remedial plan shall (for each finding of noncompliance) 
identify the noncompliance, outline the steps to be taken to achieve 
compliance, state the timeframe for each step and identify the means 
and final date by which the VSTL will document compliance. A remedial 
plan is subject to approval from the Program Director. A VSTL's failure 
to obtain approval of a remedial plan or unauthorized deviation from an 
approved plan's requirements or deadlines will result in suspension or 
revocation of accreditation consistent with the procedures laid out in 
Chapter 5, Revocation of Accreditation.
    4.9.3. Recommended. Recommended findings do not require VSTL 
action. The proposed remedial actions for recommended findings are not 
program requirements, but EAC suggested practices.
    5. Revocation of Accreditation
    5.1. Overview. This chapter puts forth the process for revoking the 
accreditation of an EAC VSTL. The process for revocation begins with 
factual findings made pursuant to the Compliance Management Program 
(Chapter 4). Prior to any revocation of accreditation, VSTLs which fail 
to comply with program requirements are provided notice of (1) EAC's 
intent to suspend, (2) suspension and (3) an opportunity to be heard or 
cure noncompliance. A laboratory that has its accreditation revoked has 
the right to appeal.
    5.2. Revocation Policy. EAC Accreditation is subject to revocation. 
The EAC shall revoke an accreditation upon a factual finding that a 
VSTL has failed to meet a requirement of the Accreditation Program and 
is unable or unwilling to timely and properly remedy the non-
compliance.
    5.3. Revocation--Generally. The EAC monitors its VSTLs through its 
Compliance Management Program (Chapter 4). This program monitors 
compliance through (1) the VSTL's continuing obligation to provide EAC 
Notifications of Changes, (2) EAC's authority to issue Requests for 
Documents or Information and (3) the performance of On Site Reviews.

[[Page 50157]]

Determinations that a VSTL is not complying with program requirements 
shall be made in Compliance Management Reports (findings of non-
compliance). The process outlined in this chapter to suspend and revoke 
a VSTL's accreditation shall be initiated (1) immediately for Critical 
Findings of noncompliance and (2) after an opportunity to remedy the 
noncompliance for Required Findings (consistent with the process 
mandated by Section 4.9). Revocation of Accreditation is a three-step 
process.
    5.3.1. Notice of Intent to Suspend;
    5.3.2. Suspension of Accreditation; and
    5.3.3. Commissioners' Decision on Revocation of Accreditation.
    5.4. Notice of Intent to Suspend. The revocation process shall be 
initiated by issuing a Notice of Intent to Suspend to a non-compliant 
VSTL. Such notices shall be issued by the Program Director. VSTLs shall 
have three days to submit a response to the notice. The EAC will issue 
a decision on suspension after consideration of the VSTL's submission.
    5.4.1. Written Notice. The Notice of Intent to Suspend shall be in 
writing and:
    5.4.1.1. Inform the VSTL of the EAC's intent to suspend the 
laboratory;
    5.4.1.2. Identify the program requirement or requirements with 
which the VSTL has failed to comply;
    5.4.1.3. State the factual finding or findings that serve as the 
basis of the action;
    5.4.1.4. Provide a copy of the relevant Compliance Management 
Report; and
    5.4.1.5. Inform the VSTL of its right to file a response to the 
notice.
    5.4.2. VSTL Response. The VSTL may respond to the notice of intent 
to suspend. Responses must be received by the EAC Program Director 
within three days of the VSTLs receipt of the Notice of Intent to 
Suspend to be eligible for consideration. The VSTL response:
    5.4.2.1. Must be in writing;
    5.4.2.2. Must be timely submitted to be considered;
    5.4.2.3. Must challenge the factual finding or findings that serve 
as the basis of the suspension;
    5.4.2.4. May include relevant documentation in support of its 
challenge.
    5.4.3. EAC Consideration of Response. The EAC shall consider the 
timely submission of a VSTL before issuing a Decision of Suspension. 
The EAC may consult experts, perform research and request additional 
information from the VSTL during the consideration process.
    5.4.4. EAC Decision on Suspension. The EAC shall issue a Decision 
on Suspension. The decision shall be made in writing by the Program 
Director. A decision shall state (1) the decision of the Program 
Director, (2) the basis for and reasoning behind the decision and (3) 
the VSTL's obligations and rights during suspension (if applicable). A 
Decision on Suspension shall be provided to the VSTL, issued to all 
registered Manufacturers and posted on EAC's Web site. The Program 
Director may make one of two determinations in a Decision on 
Suspension:
    5.4.4.1. Program Compliance. Based upon the EAC's consideration of 
a VSTL's response to the notice of intent to suspend, the Program 
Director may overturn the factual findings that served as the basis of 
the notice. In such cases, the Program Director shall determine that 
the VSTL is in compliance with all program requirements. A decision 
that the VSTL is in compliance shall end the revocation process.
    5.4.4.2. Suspension. The Program Director shall suspend the VSTL 
consistent with the notice of intent to suspend when the preponderance 
of the evidence indicates noncompliance with program requirements. 
Suspension is effective as of the VSTL's receipt of the decision.
    5.5. Suspension of Accreditation. Suspension is the second step in 
the revocation process. The purpose of Suspension is (1) to provide the 
suspended VSTL an opportunity to timely cure the noncompliance which 
served as the basis of Suspension or (2) grant the suspended VSTL an 
opportunity to be heard prior to revocation of accreditation. A 
suspended VSTL shall have 20 days to either cure its noncompliance or 
request an opportunity to be heard. If no action is taken by the 
suspended VSTL within the 20 days, the EAC Commissioners shall make a 
decision on revocation.
    5.5.1. Effect of Suspension. A suspended VSTL shall immediately 
cease all testing of voting systems under the EAC's Certification 
Program. Any testing performed by a suspended VSTL during its 
suspension will not be accepted by the EAC under its Voting System 
Certification Program. Any period of suspension must be clearly 
documented in a VSTL's test report (see Chapter 4 of the EAC Voting 
System Testing and Certification Manual). Testing under the EAC 
Certification Program shall not resume unless the suspension is lifted 
or the VSTL is otherwise authorized by the EAC (in writing) to 
recommence testing.
    5.5.2. Opportunity to Cure. A suspended VSTL may request the 
opportunity to cure its noncompliance within 20 days of its receipt of 
the Program Director's Decision on Suspension. The request must include 
a detailed remedial plan. If this plan is accepted, properly executed 
and verified, the VSTL's suspension will be lifted and it may resume 
testing.
    5.5.2.1. Remedial Plan. A request to cure noncompliance must 
include a plan by which the VSTL outlines how it will timely bring its 
laboratory into full compliance with the program. The remedial plan 
shall:
    5.5.2.1.1. Identify each noncompliance which served as the basis of 
its suspension;
    5.5.2.1.2. For each identified noncompliance, outline the steps to 
be taken to achieve compliance. This includes identifying the resources 
and personnel needed for each step;
    5.5.2.1.3. Provide a timeframe for the completion of each 
identified step and state the final date by which the VSTL will 
complete the compliance plan;
    5.5.2.1.4. Provide a schedule of periodic progress reports to the 
Program Director; and
    5.5.2.1.5. Require the VSTL to provide the EAC a written 
certification attesting to its completion of the remedial plan and full 
compliance with program requirements at close of the process.
    5.5.2.2. EAC Action on Plan. A remedial plan is subject to approval 
by the Program Director. The Program Director will work with the 
suspended VSTL to develop and approve a Remedial Plan that 
appropriately brings the laboratory into compliance within an 
acceptable timeframe. Remedial Plans shall be approved in writing. 
Ultimately, a VSTL's failure to cooperate or otherwise obtain approval 
of a remedial plan will result in the termination of the cure process. 
A determination to terminate the cure process will be made in writing 
by the Program Director. Upon receipt of a notice that the cure process 
has been terminated, a suspended VSTL shall have 10 days to request an 
opportunity to be heard on revocation of accreditation (see Section 
5.5.3., below).
    5.5.2.3. VSTL Implementation of Plan. After the remedial plan has 
been approved by the Program Director, the VSTL shall begin 
implementation. The VSTL shall not deviate from an approved plan's 
procedures, requirements or deadlines without the written consent of 
the Program Director. Failure to follow the remedial plan will result 
in the termination of the cure process. A determination to terminate 
the cure process will be made in writing by the Program Director. Upon 
receipt of a notice that the cure process has been terminated, a 
suspended VSTL shall have 10 days to request an opportunity

[[Page 50158]]

to be heard on revocation of accreditation (see Section 5.5.3., below).
    5.5.2.4. EAC Verification of Remedy. Upon a VSTL's timely 
completion of the remedial plan and receipt of the VSTL's Certification 
(see Section 5.5.2.1.5.), the Program Director shall verify compliance. 
At the discretion of the Program Director, he or she may verify 
compliance through the acceptance of the VSTL's Certification or 
through the various components of the Compliance Management Program 
(Chapter 4). If the Program Director determines that the remedial plan 
was not completed, he or she may terminate the cure process. A 
determination to terminate the cure process will be made in writing. 
Upon receipt of a notice that the cure process has been terminated, a 
suspended VSTL shall have 10 days to request an opportunity to be heard 
on revocation of accreditation (see Section 5.5.3., below).
    5.5.2.5. Notice of Compliance. The Program Director shall document 
his or her verification that the remedial plan was complete by 
providing a written notice of compliance to the VSTL. This notice shall 
state that the VSTL is in compliance with program requirements and that 
the suspension is lifted. The notice shall be posted on the EAC's Web 
site and provided to all registered Manufacturers.
    5.5.3. Opportunity to be Heard on Revocation of Accreditation. A 
VSTL has the right to timely challenge the revocation of its 
accreditation prior to an EAC Decision on Revocation. Unless otherwise 
noted above, a VSTL has 20 days from the date it received its Decision 
on Suspension to submit a challenge. Late submissions will not be 
considered. All challenges of revocation will be heard by the EAC 
Commissioners. A challenge of revocation shall be submitted to the 
Program Director, and addressed to the Chair of the U.S. Election 
Assistance Commission. Each challenge of revocation shall be in writing 
and:
    5.5.3.1. Shall identify each noncompliance which served as the 
basis of its suspension;
    5.5.3.2. Shall identify, document and provide verification of any 
remedial action completed;
    5.5.3.3. Shall provide, for each identified noncompliance, a 
written argument challenging the finding of noncompliance; and
    5.5.3.4. May provide any documentation and information in support 
of the written statement.
    5.6. Commissioners' Decision on Revocation of Accreditation. 
Pursuant to HAVA, a VSTL may have its accreditation revoked only by a 
vote of the EAC Commissioners. Upon a timely receipt of a challenge of 
revocation, the program Director shall provide each Commissioner all 
relevant documentation including: (1) The VSTL's submission challenging 
revocation, (2) copies of any terminated cure plans, (3) the Notice of 
Intent to Suspend, (4) the Compliance Management Report; (5) any 
documents pertaining to challenges or remedial plans provided by the 
VSTL in response to a relevant Compliance Management report; and (6) a 
Program Director recommendation as to disposition.
    5.6.1. Consideration. Each Commissioner shall review and consider 
all relevant materials he or she has been provided. A Commissioner may 
request the Program Director to provide additional relevant materials 
or information held by the EAC or VSTL. Such requests and any 
responsive materials shall be provided to each Commissioner. The Chair 
of the Commission shall ensure that each Commissioner has sufficient 
time to consider the relevant material before a vote is called.
    5.6.2. Process. After a reasonable time to review the forwarded 
materials, the Chair of the Commission shall bring the Decision of 
Revocation of Accreditation to a vote, consistent with the rules of the 
Commission. The measure presented for a vote shall take the form of a 
written Commissioners' Decision on Revocation, which:
    5.6.2.1. Makes a clear determination as to revocation on 
accreditation. The Commissioners shall ultimately make one of two 
decisions:
    5.6.2.1.1. Program Compliance. If the VSTL demonstrates that it 
meets all program requirements, successfully challenging all previous 
findings of noncompliance, the Commissioners shall find the VSTL 
compliant, reject the revocation of accreditation and lift the VSTL's 
suspension.
    5.6.2.1.2. Revocation of Accreditation. If the VSTL does not 
demonstrate that it meets all program requirements and at least one 
previous finding of noncompliance stands, the Commissioners shall find 
the VSTL noncompliant and revoke its accreditation.
    5.6.2.2. Provides a finding with regard to each identified 
noncompliance which served as the basis of suspension; and
    5.6.2.3. Identifies the documents and information that served as 
the basis for the Decision.
    5.6.3. Decision-Notice. After a vote of the Commissioners adopting 
a Decision on Revocation, the Program Director shall forward the 
decision to the VSTL. At that time the Program Director shall provide 
the VSTL notice of decision which includes a summary of the 
laboratory's appeal rights consistent with Section 5.8., below.
    5.6.4. Decision-Publication. After a vote of the Commissioners 
adopting a Decision on Revocation, the Program Director shall cause the 
decision to be posted on the EAC's Web site, issue a copy to each 
registered voting system Manufacturer and provide the decision to the 
Director of NIST.
    5.7. Effect of Revocation of Accreditation. A revocation of 
accreditation is effective upon the vote of the Commissioners. 
Laboratories that have had their accreditation revoked may no longer 
test voting systems or submit test reports under the EAC certification 
program. The laboratories may not represent themselves as accredited by 
EAC. A laboratory which has had its accreditation revoked may reapply 
for an EAC accreditation consistent with the requirements of Chapter 2, 
only after the EAC receives a new recommendation for their 
participation from NIST. Where a revocation of accreditation results in 
the termination of testing prior to completion, the laboratory which 
has had its accreditation revoked must provide information to the EAC 
consistent with 2.10.7. of this manual. Manufacturers may request the 
EAC grant permission to replace their lead VSTL pursuant to Section 
4.3.1.2. of the Voting System Testing and Certification Program Manual.
    5.8. Requesting Appeal. A laboratory that has had its accreditation 
revoked by a vote of the Commissioners shall have the right to appeal. 
A Laboratory may appeal a Decision to Revoke an Accreditation by first 
issuing a written request for appeal.
    5.8.1. Submission. Requests must be submitted in writing to the 
Program Director, addressed to the Chair of the U.S. Election 
Assistance Commission.
    5.8.2. Timing of Appeal. The laboratory may request an appeal 
within 7 calendar days of receipt of the Notice of Decision. Late 
requests will not be considered.
    5.8.3. Contents of Request. The request must petition for 
reconsideration of the Commissioners' Decision on Revocation and 
clearly state the specific conclusions of the Decision the laboratory 
wishes to appeal.
    5.9. EAC Action on a Request for Appeal. The Program Director shall 
accept any request for appeal timely submitted. Untimely requests shall 
be rejected. Upon receipt of a request for appeal, the Program Director 
shall notify the requestor laboratory, in writing, as to whether their 
appeal has been accepted as timely. The notice for

[[Page 50159]]

accepted requests shall inform the applicant laboratory of the 
requirements for submitting their appeal per Section 5.10. of this 
Manual.
    5.10. Submission of Appeal. After submission of a timely request 
for appeal, the Laboratory shall submit its appeal. This appeal shall 
(1) clearly identify the specific conclusions of the Commissioners' 
Decision the laboratory wishes to challenge, (2) provide the basis for 
its position on appeal and (3) submit a written argument in support of 
its appeal. In addition, the applicant laboratory may submit 
documentary or other relevant, physical evidence in support of the 
appeal. The Appeal and all supporting materials must be received by the 
EAC within 20 days of the applicant laboratory's receipt of the Program 
Director's notice of acceptance of the request to appeal.
    5.11. Consideration of Appeal. All timely appeals will be 
considered by the Commissioners. Upon receipt of an appeal, the Chair 
of the Commission shall forward to each EAC Commissioner the 
laboratory's appellate submission, along with the original information 
considered during the Commissioners' Decision on Revocation (see 
Section 5.6.). After a reasonable time to review and consider the 
forwarded materials, the Chair of the Commission shall bring the matter 
to a vote, consistent with the rules of the Commission. The measure 
presented for a vote shall take the form of a written Commissioners' 
Decision on Appeal.
    5.12. Commissioners' Decision on Appeal. The Commissioners shall 
make a written, final Decision on Appeal and shall provide it to the 
laboratory.
    5.12.1. Contents. The Decision on Appeal shall:
    5.12.1.1. State the final determination of the Commission.
    5.12.1.2. Address the matters raised by the laboratory on appeal.
    5.12.1.3. Provide the reasoning behind the decision.
    5.12.1.4. State that the Decision on Appeal is final.
    5.12.2. Determinations. The Commissioners shall make one of two 
determinations on appeal.
    5.12.2.1. Grant of Appeal. If the Commissioners determine that the 
previous Decision of the Commission shall be overturned in full, and 
the laboratory meets all program requirements, the appeal shall be 
granted. In such cases, the laboratory shall have its accreditation 
immediately reinstated.
    5.12.2.2. Denial of Appeal. If the Commissioners determine that any 
part of the previous Decision of the Commission shall be upheld such 
that the procedural requirements of Chapter 3 or the Program 
requirements of Chapter 2 of this manual will not be met in full, the 
appeal shall be denied. In such cases, the application for appeal is 
finally denied.
    5.12.3. Effect. All Decisions on Appeal shall be final and binding 
on the Applicant Laboratory. No additional request for appeal shall be 
granted.
    5.12.4. Notice. After a vote of the Commissioners adopting a 
Decision on Appeal, the Program Director shall forward the decision to 
the VSTL.
    5.12.5. Publication. After a vote of the Commissioners adopting a 
Decision on Appeal, the Program Director shall cause the decision to be 
posted on the EAC Web site, issue a copy to each registered voting 
system Manufacturer and provide the decision to the Director of NIST.

6. Requests for Interpretations

    6.1. Overview. A Request for Interpretation is a means by which a 
registered Manufacturer or VSTL may seek clarification on a specific 
EAC voting system standard (VVSG or VSS). An Interpretation is a 
clarification of the voting system standards and guidance on how to 
properly evaluate conformance to it. Suggestions or requests for 
modifications to the standards are provided by other processes. This 
chapter outlines the policy, requirements, and procedures for 
submitting a Request for Interpretation.
    6.2. Policy. Registered Manufacturers or VSTLs may request that the 
EAC provide a definitive Interpretation of EAC-accepted voting system 
standards (VVSG or VSS) when, in the course of developing or testing a 
voting system, facts arise that make the meaning of a particular 
standard ambiguous or unclear. The EAC may self-initiate such a request 
when its agents identify a need for interpretation within the program. 
An Interpretation issued by the EAC will serve to clarify what a given 
standard requires and how to properly evaluate compliance. An 
Interpretation does not amend voting system standards, but serves only 
to clarify existing standards.
    6.3. Requirements for Submitting a Request for Interpretation. An 
EAC Interpretation is limited in scope. The purpose of the 
Interpretation process is to provide Manufacturers or VSTLs who are in 
the process of developing or testing a voting system a means for 
resolving the meaning of a voting system standard in light of specific 
voting system technology without having to present a finished product 
to EAC for certification. To submit a Request for Interpretation, one 
must (1) be a proper requester, (2) request interpretation of an 
applicable voting system standard, (3) present an actual controversy, 
and (4) seek clarification on a matter of unsettled ambiguity.
    6.3.1. Proper Requestor. A Request for Interpretation may be 
submitted only by a registered Manufacturer or a VSTL. Requests for 
Interpretation will not be accepted from any other parties.
    6.3.2. Applicable Standard. A Request for Interpretation is limited 
to queries on EAC voting system standards (i.e., VVSG or VSS). 
Moreover, a Manufacturer or VSTL may submit a Request for 
Interpretation only on a version of EAC voting system standards to 
which the EAC currently offers certification.
    6.3.3. Existing Factual Controversy. To submit a Request for 
Interpretation, a Manufacturer or VSTL must present a question relative 
to a specific voting system or technology proposed for use in a voting 
system. A Request for Interpretation on hypothetical issues will not be 
addressed by the EAC. To submit a Request for Interpretation, the need 
for clarification must have arisen from the development or testing of a 
voting system. A factual controversy exists when an attempt to apply a 
specific section of the VVSG or VSS to a specific system or piece of 
technology creates ambiguity.
    6.3.4. Unsettled, Ambiguous Matter. Requests for Interpretation 
must involve actual controversies that have not been previously 
settled. This requirement mandates that interpretations contain actual 
ambiguities not previously clarified.
    6.3.4.1. Actual Ambiguity. A proper Request for Interpretation must 
contain an actual ambiguity. The interpretation process is not a means 
for challenging a clear EAC voting system standard. Recommended changes 
to voting system standards are welcome and may be forwarded to the EAC, 
but they are not part of this program. An ambiguity arises (in applying 
a voting system standard to a specific technology) when one of the 
following occurs:
    6.3.4.1.1. The language of the standard is unclear on its face;
    6.3.4.1.2. One section of the standard seems to contradict another, 
relevant section;
    6.3.4.1.3. The language of the standard, though clear on its face, 
lacks sufficient detail or breadth to determine its proper application 
to a particular technology;
    6.3.4.1.4. The language of a particular standard, when applied to a 
specific technology, clearly conflicts with the

[[Page 50160]]

established purpose or intent of the standard; or
    6.3.4.1.5. The language of the standard is clear, but the proper 
means to assess compliance is unclear.
    6.3.4.2. Not Previously Clarified. The EAC will not accept a 
Request for Interpretation when the issue has previously been 
clarified.
    6.4. Procedure for Submitting a Request for Interpretation. A 
Request for Interpretation shall be made in writing to the Program 
Director. All requests should be complete and as detailed as possible 
because Interpretations issued by the EAC are based on, and limited to, 
the facts presented. Failure to provide complete information may result 
in an Interpretation that is off point and immaterial to the issue at 
hand. The following steps must be taken when writing a Request for 
Interpretation:
    6.4.1. Establish Standing To Make the Request. To make a request, 
one must meet the requirements identified in Section 6.3. above. Thus, 
the written request must provide sufficient information for the Program 
Director to conclude that the requestor is (1) a proper requester, (2) 
requesting an Interpretation of an applicable voting system standard, 
(3) presenting an actual factual controversy, and (4) seeking 
clarification on a matter of unsettled ambiguity.
    6.4.2. Identify the EAC Voting System Standard To Be Clarified. The 
request must identify the specific standard or standards for which the 
requestor seeks clarification. The request must state the version of 
the voting system standards at issue (if applicable) and quote and 
correctly cite the applicable standards.
    6.4.3. State the Facts Giving Rise to the Ambiguity. The request 
must provide the facts associated with the voting system technology 
that gave rise to the ambiguity in the identified standard. The 
requestor must be careful to provide all necessary information in a 
clear, concise manner. Any Interpretation issued by the EAC will be 
based on the facts provided.
    6.4.4. Identify the Ambiguity. The request must identify the 
ambiguity it seeks to resolve. The ambiguity shall be identified by 
stating a concise question that meets the following requirements:
    6.4.4.1. Shall be clearly stated;
    6.4.4.2. Shall be related to and reference the voting system 
standard and voting system technology information provided; and
    6.4.4.3. Shall be limited to a single issue. Each question or issue 
arising from an ambiguous standard must be stated separately. Compound 
questions are unacceptable. If multiple issues exist, they should be 
presented as individual, numbered questions.
    6.4.4.4. Shall be stated in a way that can ultimately be answered 
yes or no.
    6.4.5. Provide a Proposed Interpretation. A Request for 
Interpretation should propose an answer to the question posed. The 
answer should interpret the voting system standard in the context of 
the facts presented. It should also provide the basis and reasoning 
behind the proposal.
    6.5. EAC Action on a Request for Interpretation. Upon receipt of a 
Request for Interpretation, the EAC shall take the following action:
    6.5.1. Review the Request. The Program Director shall review the 
request to ensure it is complete, is clear, and meets the requirements 
of Section 6.3. Upon review, the Program Director may take the 
following action:
    6.5.1.1. Request Clarification. If the Request for Interpretation 
is incomplete or additional information is otherwise required, the 
Program Director may request that the Manufacturer or VSTL clarify its 
Request for Interpretation and identify any additional information 
required.
    6.5.1.2. Reject the Request for Interpretation. If the Request for 
Interpretation does not meet the requirements of Section 6.3., the 
Program Director may reject it. Such rejection must be provided in 
writing to the Manufacturer or VSTL and must state the basis for the 
rejection.
    6.5.1.3. Notify Acceptance of the Request. If the Request for 
Interpretation is acceptable, the Program Director will notify the 
Manufacturer or VSTL in writing and provide it with an estimated date 
of completion. A Request for Interpretation may be accepted in whole or 
in part. A notice of acceptance shall state the issues accepted for 
interpretation.
    6.5.2. Consideration of the Request. After a Request for 
Interpretation has been accepted, the matter shall be investigated and 
researched. Such action may require the EAC to employ technical 
experts. It may also require the EAC to request additional information 
from the Manufacturer or VSTL. The Manufacturer or VSTL shall respond 
promptly to such requests.
    6.5.3. Interpretation. The Decision Authority shall be responsible 
for making determinations on a Request for Interpretation. After this 
determination has been made, a written Interpretation shall be sent to 
the Manufacturer or VSTL. The following actions are necessary to 
prepare this written Interpretation:
    6.5.3.1. State the question or questions investigated;
    6.5.3.2. Outline the relevant facts that served as the basis of the 
Interpretation;
    6.5.3.3. Identify the voting system standards interpreted;
    6.5.3.4. State the conclusion reached; and
    6.5.3.5. Inform the Manufacturer or VSTL of the effect of an 
Interpretation (see Section 6.6.).
    6.6. Effect of Interpretation. Interpretations are fact specific 
and case specific. They are not tools of policy, but specific, fact-
based guidance useful for resolving a particular problem. An 
Interpretation is determinative and conclusive only with regard to the 
case presented. Nevertheless, Interpretations do have some value as 
precedent. Interpretations published by the EAC shall serve as reliable 
guidance and authority over identical or similar questions of 
interpretation. These Interpretations will help users understand and 
apply the provisions of EAC voting system standards.
    6.7. Library of Interpretations. To better serve Manufacturers, 
VSTLs, and those interested in the EAC voting system standards, the 
Program Director shall publish EAC Interpretations. All proprietary 
information contained in an Interpretation will be redacted before 
publication consistent with Chapter 7 of this Manual. The library of 
published opinions is posted on the EAC Web site: www.eac.gov.

7. Release of Laboratory Accreditation Program Information

    7.1. Overview. VSTLs participating in the Certification Program 
will be required to provide the EAC a variety of documents. In general, 
these documents will be releasable to the public. Moreover, in many 
cases, the information provided will be affirmatively published by the 
EAC.
    In limited cases, however, documents may not be released if they 
include trade secrets, confidential commercial information, or personal 
information. While the EAC is ultimately responsible for determining 
which documents Federal law protects from release, VSTLs must identify 
the information they believe is protected and provide substantiation 
and a legal basis for withholding. This chapter discusses EAC's general 
policy on the release of information and provides VSTL's with 
standards, procedures, and requirements for identifying documents as 
trade secrets or confidential commercial information.
    7.2. EAC Policy on the Release of Certification Program 
Information. The EAC seeks to make its Voting System

[[Page 50161]]

Test Laboratory Program as transparent as possible. The agency believes 
that such action benefits the program by increasing public confidence 
in the process and creating a more informed and involved public. As 
such, it is the policy of the EAC to make all documents, or severable 
portions thereof, available to the public consistent with Federal law 
(e.g., Freedom of Information Act (FOIA) and the Trade Secrets Act).
    7.2.1. Requests for information. As in any Federal program, members 
of the public may request access to Certification Program documents 
under FOIA (5 U.S.C. Sec.  552). The EAC will promptly process such 
requests per the requirements of that Act.
    7.2.2. Publication of documents. Beyond the requirements of FOIA, 
the EAC intends to affirmatively publish program documents (or portions 
of documents) it believes will be of interest to the public. This 
publication will be accomplished through the use of the EAC Web site 
(www.eac.gov). The published documents will cover the full spectrum of 
the program, including information pertaining to:
    7.2.2.1. Accredited Laboratories;
    7.2.2.2. VSTL test plans;
    7.2.2.3. VSTL test reports;
    7.2.2.4. Agency decisions;
    7.2.2.5. Denials of Certification;
    7.2.2.6. Issuance of Certifications;
    7.2.2.7. Compliance Management Reports;
    7.2.2.8. Suspensions or Revocation of Accreditations;
    7.2.2.9. Appeals;
    7.2.2.10. Official Interpretations (VVSG or VSS); and
    7.2.2.11. Other topics as determined by the EAC.
    7.2.3. Trade Secret and Confidential Commercial Information. 
Federal law places a number of restrictions on a Federal agency's 
authority to release information to the public. Two such restrictions 
are particularly relevant to the Accreditation Program: (1) Trade 
secrets information and (2) privileged or confidential commercial 
information. Both types of information are explicitly prohibited from 
release by the FOIA and the Trade Secrets Act (18 U.S.C. Sec.  1905).
    7.3. Trade Secrets. A trade secret is a secret, commercially 
valuable plan, process, or device that is used for the making or 
processing of a product and that is the end result of either innovation 
or substantial effort. It relates to the productive process itself, 
describing how a product is made. It does not relate to information 
describing end product capabilities, features, or performance.
    7.3.1. The following examples illustrate productive processes that 
may be trade secrets:
    7.3.1.1. Plans, schematics, and other drawings useful in 
production.
    7.3.1.2. Specifications of materials used in production.
    7.3.1.3. Voting system source code used to develop or manufacture 
software where release would reveal actual programming.
    7.3.1.4. Technical descriptions of manufacturing processes and 
other secret information relating directly to the production process.
    7.3.2. The following examples are likely not trade secrets:
    7.3.2.1. Information pertaining to a finished product's 
capabilities or features.
    7.3.2.2. Information pertaining to a finished product's 
performance.
    7.3.2.3. Information regarding product components that would not 
reveal any commercially valuable information regarding production.
    7.4. Privileged or Confidential Commercial Information. Privileged 
or confidential commercial information is that information submitted by 
a VSTL that is commercial or financial in nature and privileged or 
confidential.
    7.4.1. Commercial or Financial Information. The terms commercial 
and financial should be given their ordinary meanings. They include 
records in which a submitting VSTL has any commercial interest.
    7.4.2. Privileged or Confidential Information. Commercial or 
financial information is privileged or confidential if its disclosure 
would likely cause substantial harm to the competitive position of the 
submitter. The concept of harm to one's competitive position focuses on 
harm flowing from a competitor's affirmative use of the proprietary 
information. It does not include incidental harm associated with upset 
customers or employees.
    7.5. EAC's Responsibilities. The EAC is ultimately responsible for 
determining whether or not a document (in whole or in part) may be 
released pursuant to Federal law. In doing so, however, the EAC will 
require information and input from the VSTL submitting the documents. 
This requirement is essential for the EAC to identify, track, and make 
determinations on the large volume of documentation it receives. The 
EAC has the following responsibilities:
    7.5.1. Managing Documentation and Information. The EAC will control 
the documentation it receives by ensuring that documents are secure and 
released to third parties only after the appropriate review and 
determination.
    7.5.2. Contacting a VSTL on Proposed Release of Potentially 
Protected Documents. In the event a member of the public submits a FOIA 
request for documents provided by a VSTL or the EAC otherwise proposes 
the release of such documents, the EAC will take the following actions:
    7.5.2.1. Review the documents to determine if they are potentially 
protected from release as trade secrets or confidential commercial 
information. The documents at issue may have been previously identified 
as protected by the VSTL when submitted (see Section 7.6.1. below) or 
identified by the EAC on review.
    7.5.2.2. Grant the submitting VSTL an opportunity to provide input. 
In the event the information has been identified as potentially 
protected from release as a trade secret or confidential commercial 
information, the EAC will notify the submitter and allow it an 
opportunity to submit its position on the issue prior to release of the 
information. The submitter shall respond consistent with Section 7.6.1. 
below.
    7.5.3. Final Determination on Release. After providing the 
submitter of the information an opportunity to be heard, the EAC will 
make a final decision on release. The EAC will inform the submitter of 
this decision.
    7.6. VSTL's Responsibilities. Although the EAC is ultimately 
responsible for determining if a document, or any portion thereof, is 
protected from release as a trade secret or confidential commercial 
information, the VSTL shall be responsible for identifying documents, 
or portions of documents, it believes warrant such protection. 
Moreover, the VSTL will be responsible for providing the legal basis 
and substantiation for its determination regarding the withholding of a 
document. This responsibility arises in two situations: (1) Upon the 
initial submission of information and (2) upon notification by the EAC 
that it is considering the release of potentially protected 
information.
    7.6.1. Initial Submission of Information. When a VSTL is submitting 
documents to the EAC as required by the Accreditation or Certification 
Programs, it is responsible for identifying any document or portion of 
a document that it believes is protected from release by Federal law. 
VSTLs shall identify protected information \9\ by taking the following 
action:
---------------------------------------------------------------------------

    \9\ Documents submitted by the VSTL may include information that 
is a trade secret or confidential commercial information of a 
Manufacturer. The VSTL shall take steps to identify any information 
it believes may be protected. The VSTL may seek the input of the 
Manufacturer when identifying potentially protected information 
pursuant to the requirements of this chapter. All communications on 
this matter shall be in writing.

---------------------------------------------------------------------------

[[Page 50162]]

    7.6.1.1. Submitting a Notice of Protected Information. This notice 
shall identify the document, document page, or portion of a page that 
the VSTL believes should be protected from release. This identification 
must be done with specificity. For each piece of information 
identified, the VSTL must state the legal basis for its protected 
status.
    7.6.1.1.1. Cite the applicable law that exempts the information 
from release.
    7.6.1.1.2. Clearly discuss why that legal authority applies and why 
the document must be protected from release.
    7.6.1.1.3. If necessary, provide additional documentation or 
information. For example, if the VSTL claims a document contains 
confidential commercial information, it would also have to provide 
evidence and analysis of the competitive harm that would result upon 
release.
    7.6.1.2. Label Submissions. Label all submissions identified in the 
notice as ``Proprietary Commercial Information.'' Label only those 
submissions identified as protected. Attempts to indiscriminately label 
all materials as proprietary will render the markings moot.
    7.6.2. Notification of Potential Release. In the event a VSTL is 
notified that the EAC is considering the release of information that 
may be protected, the VSTL shall take the following action:
    7.6.2.1. Respond to the notice in writing within 15 calendar days. 
If additional time is needed, the VSTL must promptly notify the Program 
Director. Requests for additional time will be granted only for good 
cause and must be made before the 15-day deadline. VSTLs that do not 
respond in a timely manner will be viewed as not objecting to release.
    7.6.2.2. Clearly state one of the following in the response:
    7.6.2.2.1. There is no objection to release, or
    7.6.2.2.2. The VSTL objects to release. In this case, the response 
must clearly state which portions of the document the VSTL believes 
should be protected from release. The VSTL shall follow the procedures 
discussed in Section 7.6.1 above.
    7.7. Personal Information. Certain personal information is 
protected from release under FOIA and the Privacy Act (5 U.S.C. Sec.  
552a). This information includes private information about a person 
that, if released, would cause the individual embarrassment or 
constitute an unwarranted invasion of personal privacy. Generally, the 
EAC will not require the submission of private information about 
individuals. The incidental submission of such information should be 
avoided. If a VSTL believes it is required to submit such information, 
it should contact the Program Director. If the information will be 
submitted, it must be properly identified. Examples of such information 
include the following:
    7.7.1. Social Security Number.
    7.7.2. Bank account numbers.
    7.7.3. Home address.
    7.7.4. Home phone number.
BILLING CODE 6820-KF-P

[[Page 50163]]

[GRAPHIC] [TIFF OMITTED] TN25AU08.006

BILLING CODE 6820-KF-C

[[Page 50164]]

Appendix A. Certification Test Plan Format and Content

    The primary purpose of the test plan is to document the VSTL's 
development of the certification tests conducted on a voting system 
submitted as a candidate for EAC certification. Although this 
appendix serves as a general guide to preparing test plans, VSTL's 
may tailor the scope and detail of these requirements to the design 
of the specific voting system submitted for testing, the type of 
hardware components submitted for testing, and the complexity of the 
software submitted for testing.
    This appendix should be used in conjunction with the 
requirements noted in the applicable version or versions of the 
EAC's VVSG when developing test plans.

Test Plan Format

    Test Plans produced by VSTLs shall follow the format outlined 
below:

1. Introduction
    1.1 References
    1.2 Terms and Abbreviations
    1.3 Testing Responsibilities
2. Evaluation of Prior Non-VSTL Tests
    2.1 Tests conducted prior to the certification engagement
    2.2 Prior test results
3. Materials Required for Testing
    3.1 Software
    3.2 Equipment
    3.3 Test materials
    3.4 Deliverable materials
4. Test Specification
    4.1 Requirements
    4.2 Hardware configuration and design
    4.3 Software system functions
5. Test Data
    5.1 Test data recording
    5.2 Test data criteria
    5.3 Test data reduction
6. Test Procedure and Conditions
    6.1 Facility requirements
    6.2 Test set-up
    6.3 Test sequence
7. Proprietary Data

Required Content of Test Plan

Introduction

    Test Plan references shall list all documents containing 
materials used to prepare the test plan. This section of the plan 
shall include a copy of the implementation statement provided by the 
manufacture and any interpretations made by the VSTL to fully 
identify the implementation under test and the scope of the testing 
engagement. The VSTL shall identify all parties responsible for 
conducting testing of the candidate voting system, including all 
subcontracted testing laboratories and all engineers assigned to the 
test engagement.

Evaluation of Previous Testing

    The VSTL shall document all previous certifications, reviews or 
other testing that may impact the VSTL's determination of the scope 
of the conformity assessment testing for the candidate voting 
system. The VSTL may recognize certifications, and tests conducted 
by other labs, including non-VSTLs, as making some portions of the 
voting system testing campaign redundant. For example, a COTS 
computer should already have been certified to comply with the rules 
and regulations of the Federal Communications Commission (FCC), Part 
15, Subpart B requirements for both radiated and conducted emissions 
and need not be retested for this requirement. Also, if a slightly 
modified system is submitted for reassessment, the VSTLs finding 
that some of the previous testing need not be repeated would be 
documented in this section of the Test Plan subject to approval of 
the EAC.

Materials

    The VSTL shall enumerate all materials delivered by the 
Manufacturer to enable the test engagement to occur. These materials 
include not only the applicable hardware and software, but also the 
Technical Data Package (TDP) test ballot, test data, and all other 
materials necessary to conduct appropriate testing. All materials 
delivered to the VSTL shall be identified by specific version 
number, product number, serial number, etc., if appropriate, and the 
quantity of each item delivered shall be noted.

Specifications

    For all applicable tests specified in the VVSG, the VSTL shall 
document the implementation details that determine how the standard 
tests are realized for the voting system under test. For all tests 
that the VSTL is adopting from publicly available test suites 
(including those that may be developed by NIST at a future date), 
the VSTL shall identify the public reference and document the 
implementation details that determine how the public tests are 
realized for the voting system under test. For all other tests, the 
VSTL shall incorporate all relevant information into the test plan 
as needed to reproduce the testing.

Data

    The VSTL shall identify what data is to be measured, and how 
tests and results are recorded. The VSTL shall supply any special 
instrumentation needed to satisfy the data requirements. The VSTL 
shall describe the criteria against which the results will be 
evaluated, including but not limited to criteria defining the 
acceptable range for voting system conformance (tolerances); 
criteria defining the minimum number of combinations or alternatives 
of input and output conditions that can be exercised to constitute 
an acceptable test of the parameters involved (sampling); and 
criteria defining the maximum number of interrupts, halts or other 
system breaks that may occur due to non-test conditions (events).

Procedures and Conditions

    The VSTL shall provide the information necessary to reproduce 
the testing that it performs. This information includes facility 
requirements, test set-up, test sequence, and pass criteria.

Proprietary Data

    The VSTL shall list and describe in this section all 
documentation and data that are proprietary to the Manufacturer and 
hence subject to restrictions on use, release, or disclosure. All 
proprietary data and information must be included in this section, 
preferably as a separate electronic file, in order to easily publish 
the test plans on the EAC Web site while withholding information 
considered proprietary or confidential by Federal law.
BILLING CODE 6820-KF-P

[[Page 50165]]

[GRAPHIC] [TIFF OMITTED] TN25AU08.007

BILLING CODE 6820-KF-C

[[Page 50166]]

Appendix B. Certification Test Report Format and Content

    The primary purpose of the test report is to facilitate the 
presentation of conclusions and recommendations regarding voting 
system conformance to the VVSG. The Test Report also provides a 
summary of test operations, test results, test data records and 
analysis to support the conclusions and recommendations presented by 
the VSTL. Although this appendix serves as a general guide to 
preparing the test reports, VSTL's may tailor the scope and detail 
of the testing conducted on the candidate voting system.
    This appendix should be used along with the requirements noted 
in the applicable version or versions of the EAC's VVSG when 
developing test reports.

Test Report Format

    Test Reports produced by VSTLs shall follow the format outlined 
below:

1. System Identification and Overview
2. Certification Test Background
    2.1 Revision History
    2.2 Implementation Statement
3. Test Findings and Recommendation
    3.1 Summary Finding and Recommendation
    3.2 Reasons for Recommendation to Reject
    3.3 Anomalies
    3.4 Correction of Deficiencies
Appendix A. Additional Findings
Appendix B. Warrant of Accepting Change Control Responsibility
Appendix C. Witness Build
Appendix D. Test Plan
Appendix E. State Test Reports

System Identification and Overview

    The VSTL shall provide basic information about the voting system 
software and supporting hardware including the system name and major 
subsystems or their equivalent and their version numbers. In 
addition, this section shall describe the design and structure of 
the voting system, technologies used, processing capacity claimed by 
the Manufacturer for system components such as ballot counters, and 
vote consolidation equipment. The description of the voting system, 
both software and hardware shall have enough detail and specificity 
to allow the identification of a voting system in the field as being 
either identical to that tested or a modified version of the system. 
This section may also identify other products that interface with 
the voting system.

Certification Test Background

    For modifications to previously tested voting systems, the VSTL 
shall include references to the test reports that are precedential 
to the current testing engagement. The VSTL shall also include the 
implementation statement submitted by the Manufacturer, amended to 
reflect any changes that were necessitated during the course of the 
testing engagement.

Test Findings and Recommendation

    This section provides a summary of the results of the testing 
engagement and indicates any special considerations that affect the 
conclusions derived from the test results.
    The VSTL shall present a summary finding of whether or not the 
voting system, as tested, satisfied all applicable mandatory 
(``shall'') requirements of the VVSG. The VSTL shall also provide a 
specific recommendation to the EAC for approval or rejection of the 
candidate system. If the VSTL finds that the voting system under 
test does not satisfy all applicable mandatory requirements of the 
VVSG, the VSTL shall identify each of the specific requirements that 
were not satisfied, and include a description of the inspections or 
tests that detected the nonconformities and include any applicable 
evidence (e.g., vote data report, citation of logic error in source 
code, etc.) The VSTL shall also summarize all failures, errors, 
nonconformities and anomalies that were observed during the testing 
engagement. Finally, the VSTL shall identify any deficiencies 
corrected during the course of the test engagement and identify 
inspections or tests that confirm that the deficiencies were 
corrected.

Appendix A. Additional Findings

    The VSTL shall include as Appendix A of the Test Report 
identification of each applicable non-mandatory test (``shoulds'') 
for which conformity was demonstrated during the testing engagement. 
Appendix A shall also include identification of all tests that were 
identified as non-applicable to the voting system under test and 
therefore waived during the test engagement. Appendix A shall also 
include the laboratory response to any additional information, 
report or review provided by the EAC regarding the voting system 
under testing, and whether or not the items noted in the materials 
presented have any relevance to the system under test.

Appendix B. Warrant of Accepting Change Control Responsibility

    If the Manufacturer must make changes to the voting system to 
successfully complete the conformance testing, the VSTL shall 
include as Appendix B of the Test Report a signed warrant from the 
Manufacturer that those changes will be included in the product that 
is delivered to customers.

Appendix C. Witness Build

    The VSTL shall include as Appendix C of the Test Report a copy 
of the record of the final witness build and sufficient description 
of the build process to enable reproduction of the build.

Appendix D. Test Plan

    The VSTL shall include a copy of the voting system Test Plan, 
amended to reflect any deviations from the original, EAC approved, 
test Plan during the course of testing.

Appendix E. State Test Reports

    The VSTL shall include the results or reports form any testing 
engagement requested by a State to the EAC candidate system 
conducted concurrent to the EAC testing engagement. The results of 
State test reports shall not impact the EAC certification of the 
voting system if the system successfully meets all requirements of 
the EAC VVSG and Testing and Certification Program.
BILLING CODE 6820-KF-P

[[Page 50167]]

[GRAPHIC] [TIFF OMITTED] TN25AU08.008


[[Page 50168]]


[GRAPHIC] [TIFF OMITTED] TN25AU08.009


[[Page 50169]]


[GRAPHIC] [TIFF OMITTED] TN25AU08.010


[[Page 50170]]


[GRAPHIC] [TIFF OMITTED] TN25AU08.011

BILLING CODE 6820-KF-C

[[Page 50171]]

Appendix D. Specification for Reproduction and Use of the EAC 
Laboratory Accreditation Logo

    To maintain a high level of quality and consistency in a variety 
of applications, the following guidelines have been developed for 
VSTL use of the EAC laboratory accreditation logo.

Use and Display

    The EAC VSTL logo contains the following elements:
    The ``U.S. Election Assistance Commission'' and ``VSTL'' 
logotype separated by a divider rule. The EAC will provide all 
accredited VSTLs with high resolution digital files for use on 
approved written or electronic documents.
    The logo may only be used by EAC accredited VSTLs and shall not 
misrepresent the specific standards or guidelines to which the VSTL 
has been accredited. The EAC VSTL logo may be displayed on all 
reports and work documents that contain exclusive results from 
testing activities that have been carried out within the labs' EAC 
scope of accreditation. Accredited laboratories may also incorporate 
the logo in publicity and/or advertising materials, including 
brochures and organization publications, technical literature, 
business reports, Web sites and quotations or proposals for work.
    Only the approved version of the VSTL logo may be used. When 
using the logo:
    * Do not print the logo in black over a dark background.
    * Do not change any colors of the logo.
    * Do not configure the elements of the logo in a different 
format.
    * Do not crop or remove any part of the logo.
    * Do not distort the logo.
    * Do not tilt the logo in any direction.
    * Do not add shadows, effects or other elements to the logo.
    * Do not change the typeface/font used in the logo.

Minimum Size

    The full VSTL logo must remain readable in all uses and should 
not be reduced to a size smaller than 2.5 inch x 1 inch.

Minimum Clear Space

    The clear space surrounding the VSTL logo is an integral part of 
the logo design. An area of clear space must be maintained around 
the logo to prevent it from being in conflict with other design 
elements on the page. The clear space should measure at least X on 
all sides, where X equals \1/2\ the height of the upper case letters 
``VSTL'' in the logo. Do not place any other logo, logotype, 
trademark, text, or other graphic element in the minimum clear space 
area.

One Color Printing

    A black version of the logo may be printed on white or light 
color background paper. In these instances, the logo should appear 
in 100% black.

Color Printing

    Whenever possible, the full color version of the logo should be 
used. The appropriate colors are provided below for 4 color process 
printing or RGB for electronic use.

Blue

    CMYK = 98/78/0/29
    RGB = 0/51/153
    HSL = 156/255/77

Red

    CMYK = 5/96/98/5
    RGB = 204/51/0
    HSL = 10/255/102
    Embossing on ``VSTL'' = CMYK 97/92/0/65
BILLING CODE 6820-KF-P

[[Page 50172]]

[GRAPHIC] [TIFF OMITTED] TN25AU08.012

[FR Doc. E8-19064 Filed 8-22-08; 8:45 am]
BILLING CODE 6820-KF-C