Risk Limiting Audits

As part of the Election Cybersecurity umbrella, many states are considering mandatory Risk Limiting Audits (RLA) as a means to promote voter confidence in the election process. The purpose of any post election audit is to verify that the automated vote count is accurate, ie. that the voting equipment properly counted the ballots and that the ballots counted are genuine. If an election had been compromised via cyber-activity or any other activity, a RLA is one method of discovery.

Although there are state-by-state and federal laws that can mandate audits and recounts, currently 35 states and D.C. require some kind of auditing. The Election Assistance Commission (EAC) has published a white paper on Risk-Limiting Audits found here: https://www.eac.gov/assets/1/6/Risk-Limiting_Audits_-_Practical_Application_Jerome_Lovato.pdf

The following excepts are from the EAC publication on Risk Limiting Audits;

“A risk-limiting audit is a post-election audit that provides strong statistical evidence that the election outcome is correct, and has a high probability of correcting a wrong outcome. An RLA manually checks a sample of ballots, or voter-verifiable paper records, until there is sufficient evidence that the reported outcome is correct. An RLA could eventually lead to a full manual recount if there is not enough evidence to prove that the reported outcome is correct. “










  • Adaptable: Can be adapted to any voting system or contest as long as a paper trail exists whether it be hand-marked paper ballots, voter-verifiable paper records, or voter-verifiable paper audit trails
  • Efficient: The comparison RLA provides efficiency by allowing election officials to compare a ballot to the voting system’s CVR and generally allows jurisdictions to audit fewer ballots compared to other audit methods. A ballot-polling RLA is also efficient for contests with a margin of 10% or greater.
  • Time-Saving: A jurisdiction can complete an audit in two hours or less for contests with relatively large margins (30% or greater) versus four hours or more for most standard post-election audits. Most counties in Colorado experienced a time savings after conducting RLAs for the 2017 Coordinated Election compared to their previous random machine audit.
  • Accurate: Provides assurance that the election outcome is correct (the declared winner is truly the winner and the declared loser is truly the loser)
  • Independent: Ballot-polling and batch-polling RLAs can be conducted without knowing how the voting system interpreted a particular ballot or batch.
  • Cons
  • Limited: Cannot be used by jurisdictions that use currently deployed DREs without a voter-verifiable paper record, and does not audit every part of the election process, such as voter registration and ballot programming.
  • Unpredictable: A very close contest may need additional resources that were not accounted for in a jurisdiction’s budget.
  • Time-Consuming: Can lead to a 100% manual recount if a contest has a very slim margin (approximately 0.5% for comparison; less than 10% for ballot-polling) and/or enough discrepancies are found during the audit that continues to increase the number of ballots to audit.
  • Dependent: Comparison RLAs are dependent upon maintaining ballot order (or marking ballots with a unique identifier) and CVRs from the voting system.

For more information about Audits and Recounts, please refer to the EAC.


Leave a Reply

Your email address will not be published. Required fields are marked *