THE TEXAS SECRETARY OF STATE WILL BE CLOSED FRIDAY, MARCH 29, IN OBSERVANCE OF GOOD FRIDAY.
Election Notice:  Thursday, April 4, 2024 is the last day to register to vote for the May 4, 2024 Uniform Election  |  ID requirements for voting in person  |  ID requirements for voting by mail  |  Election Night Returns  |  Visit VoteTexas.gov for more election information
EFFECTIVE SEPTEMBER 1, 2023, OUR LOBBY WALK-IN HOURS WILL BE 9 A.M. - 4 P.M. (CENTRAL), MONDAY - FRIDAY.

Election Advisory No. 2011-17

To: All Election Officials
From: Elizabeth Hanshaw Winn, Interim Director of Elections
Date: December 7, 2011
RE: Access to Voting System Equipment

This advisory provides guidance on how to comply with Section 129.053 of the Texas Election Code, which provides as follows:

The general custodian of election records shall secure access control keys or passwords to voting system equipment.  Use of access control keys or passwords must be witnessed by one or more individuals authorized to use that information. The use of an access control key or password must be documented and witnessed in a log dedicated for that purpose that is retained until the political subdivision disposes of the equipment.

In granting access to election management software and DRE voting systems, a mechanism such as a form, a letter, or an entry on an access-authorization-list needs to be in place to document and support:  1) the granting of access (based on duties, which positions need access); 2) what privileges an individual is being granted (based on duties or role in the elections process); and 3) to document that the granting of access did in fact come from the appropriate, authorized person (the custodian of elections).  The list of those granted access should include names, roles (job title or description) and the location where the person is granted access.  If an individual leaves, changes roles or positions, or no longer requires access, the access-authorization-list needs to be updated and amended to remove the person's eligibility.  Any keys distributed should be collected and passwords should be changed as applicable.

The distribution of keys and passwords to election software and hardware should be controlled and managed by the custodian of elections.  Individuals accessing a controlled or secured area, including using election software stored on the election computer, should be required to log in and/or sign a transaction log or registry that notes the date, the time of entry and the time of exit.  Real-time audit logs are sufficient for tracking access to election software.  Audit logs for systems employing key-card swiping are also considered adequate.  Elections custodians should manage exceptions for certain persons or situations on a case-by-case basis, according to procedures outlined in their local policy guide or manual.  All documented access management records are subject to storage and retention requirements in the same manner as other election custodian documents, and elections custodians should be capable of retrieving them in a timely manner.

If you have any questions, please contact the Elections Division toll-free at 1-800-252-VOTE (8683).

Attached:
Example of Elections Division Access Control Procedures (PDF)
Sample of Election Management Room Access Control Log (PDF)

EHW:JW:id