PUBLICATION

Election Vulnerability Reporting Guide

Revision Date

December 17, 2020

Related topics:

Cybersecurity Best Practices, Election Security

This resource provides election administrators with a step-by-step guide, list of resources, and a template for establishing a successful vulnerability disclosure program to address possible vulnerabilities in their state and local election systems. The six steps include:

Step 1: Identify Systems Where You Would Accept Security Testing, and those Off-Limits
Step 2: Draft an Easy-to-Read Vulnerability Disclosure Policy (See Appendix III)
Step 3: Establish a Way to Receive Reports/Conduct Follow-On Communication
Step 4: Assign Someone to Thank and Communicate with Researchers
Step 5: Assign Someone to Vet and Fix the Vulnerabilities
Step 6: Consider Sharing Information with Other Affected Parties

Download, print, and share this voluntary resource. Return to Election Security.

Resource Materials

Resource Name	File Type	File Size	Language
Guide to Vulnerability Reporting for America’s Election Administrators	PDF, 1.53 MB	1.53 MB

Election Vulnerability Reporting Guide

Resource Materials

Tags

How to Protect Against Iranian Targeting of Accounts Associated with National Political Organizations

Incident Response Plan (IRP) Basics

Personal Security Considerations Action Guide

COVID-19 Disinformation Toolkit - Spanish

Election Vulnerability Reporting Guide

Resource Materials

Tags

Related Resources

How to Protect Against Iranian Targeting of Accounts Associated with National Political Organizations

Incident Response Plan (IRP) Basics

Personal Security Considerations Action Guide

COVID-19 Disinformation Toolkit - Spanish