"The level of security assurance of the pilots conducted in 2007 was below that associated with other government IT projects, and best practice in security governance was not followed," the report found.
"No significant security incidents were reported during the 2007 e-voting pilots. Given the short timescales, the limited technical documentation for the systems, and the lack of comprehensive acceptance testing, this was fortuitous: the level of risk of a security incident was much higher than it should have been."
The commission found that the public found the interface for internet voting was easy to use. Two thirds of those who tried it would like to see it extended on a national basis.
When it comes to electronic counting of ballots the Commission found that similar problems found in the internet voting systems occurred. These were so serious that in some of the pilot schemes electronic counting of ballots was slower and more expensive than human counting.
"The Commission recommends that no further pilot schemes involving e-counting should be undertaken unless there is an effective framework of qualified suppliers that local authorities can use with confidence to support it," said the report.
"Substantial testing, either through an accreditation and certification process or through a detailed and thorough procurement process, must be a prerequisite of any further piloting of e-counting.
"We note that for elections to the London Assembly and for the Mayor of London, which are next due to take place in 2008, there is already provision in law for an e-count to be carried out without the need for a pilot. "
_(28).jpg&h=140&w=231&c=1&s=0)
_(22).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
