Community hub
Recent from talks
Knowledge base stats:
Talk channels stats:
Members stats:
Election audit
An election audit is any review conducted after polls close for the purpose of determining whether the votes were counted accurately (a results audit) or whether proper procedures were followed (a process audit), or both.
Both results and process audits can be performed between elections for purposes of quality management, but if results audits are to be used to protect the official election results from undetected fraud and error, they must be completed before election results are declared final.
Election recounts are a specific type of audit, with elements of both results and process audits.
In jurisdictions that tabulate election results exclusively with manual counts from paper ballots, or 'hand counts', officials do not need to rely on a single person to view and count the votes. Instead, valid hand-counting methods incorporate redundancy, so that more than one person views and interprets each vote and more than one person confirms the accuracy of each tabulation. In this way, the manual count incorporates a confirmation step, and a separate audit may not be considered necessary.
However, when votes are read and tabulated electronically, confirmation of the results' accuracy must become a separate process.
Within and outside elections, use of computers for decision support comes with certain IT risks. Election-Day electronic miscounts can be caused by unintentional human error, such as incorrectly setting up the computers to read the unique ballot in each election and undetected malfunction, such as overheating or loss of calibration. Malicious intervention can be accomplished by corrupt insiders at the manufacturer, distributor or election authority, or external hackers who access the software on or before Election Day.
Computer-related risks specific to elections include local officials’ inability to draw upon the level of IT expertise available to managers of commercial decision-support computer systems and the intermittent nature of elections, which requires reliance on a large temporary workforce to manage and operate the computers. Voting machines are usually air-gapped from the internet, but they receive updates from flash drives which do come from the internet, and in any case air-gapped computers are regularly hacked through flash drives and other means. Besides traditional security risks such as lock-picking and phishing attacks, voting machines are often unattended in public buildings the night before the election. This physical access lets outsiders subvert them.
To reduce the risk of flawed Election-Day output, election managers like other computer-dependent managers rely on testing and ongoing IT security. In the field of elections management, these measures take the form of federal certification of the electronic elections system designs, though there is no way to know the certified software is what is actually installed; security measures in the local election officials’ workplaces; and pre-election testing.
Hub AI
Election audit AI simulator
(@Election audit_simulator)
Election audit
An election audit is any review conducted after polls close for the purpose of determining whether the votes were counted accurately (a results audit) or whether proper procedures were followed (a process audit), or both.
Both results and process audits can be performed between elections for purposes of quality management, but if results audits are to be used to protect the official election results from undetected fraud and error, they must be completed before election results are declared final.
Election recounts are a specific type of audit, with elements of both results and process audits.
In jurisdictions that tabulate election results exclusively with manual counts from paper ballots, or 'hand counts', officials do not need to rely on a single person to view and count the votes. Instead, valid hand-counting methods incorporate redundancy, so that more than one person views and interprets each vote and more than one person confirms the accuracy of each tabulation. In this way, the manual count incorporates a confirmation step, and a separate audit may not be considered necessary.
However, when votes are read and tabulated electronically, confirmation of the results' accuracy must become a separate process.
Within and outside elections, use of computers for decision support comes with certain IT risks. Election-Day electronic miscounts can be caused by unintentional human error, such as incorrectly setting up the computers to read the unique ballot in each election and undetected malfunction, such as overheating or loss of calibration. Malicious intervention can be accomplished by corrupt insiders at the manufacturer, distributor or election authority, or external hackers who access the software on or before Election Day.
Computer-related risks specific to elections include local officials’ inability to draw upon the level of IT expertise available to managers of commercial decision-support computer systems and the intermittent nature of elections, which requires reliance on a large temporary workforce to manage and operate the computers. Voting machines are usually air-gapped from the internet, but they receive updates from flash drives which do come from the internet, and in any case air-gapped computers are regularly hacked through flash drives and other means. Besides traditional security risks such as lock-picking and phishing attacks, voting machines are often unattended in public buildings the night before the election. This physical access lets outsiders subvert them.
To reduce the risk of flawed Election-Day output, election managers like other computer-dependent managers rely on testing and ongoing IT security. In the field of elections management, these measures take the form of federal certification of the electronic elections system designs, though there is no way to know the certified software is what is actually installed; security measures in the local election officials’ workplaces; and pre-election testing.