Audit

1. A systematic, independent, documented process for obtaining records, statements of fact, or other relevant information and assessing them objectively to determine the extent to which specified requirements are fulfilled. 2005 Voluntary Voting System Guidelines (VVSG) Glossary.

2. Verification of statistical or exact agreement of records from different processes or subsystems of a voting system. 2007 Voluntary Voting System Guidelines (VVSG) Glossary.

3. A review of a system and its controls to determine its operational status and the accuracy of its outputs.

Election system audits seek to determine if controls are properly designed and functioning to ensure the correctness of intermediate and final results of the system’s processing.

Source: Election Terminology Glossary - Draft, National Institute of Standards and Technology (NIST), https://pages.nist.gov/ElectionGlossary/; Electronic Voting Glossary, Michael I. Shamos, https://collaborate.nist.gov/voting/pub/Voting/Glossary/Shamos-Election-Glossary.pdf; Glossary - Introduction to Information Technology for Election Officials, U.S. Election Assistance Commission, https://www.eac.gov/assets/1/28/Glossary_IT-Terms_Managing_Election_Technology.pdf; Glossary of terms database, U.S. Election Assistance Commission, https://www.eac.gov/glossary/; Cyber Threats to Elections – A Lexicon, US Election Assistance Commission & Office of the Director of National Intelligence, https://www.dni.gov/files/CTIIC/documents/CTIIC_2018_Lexicon_without_banner_small_file_for_Post.pdf

4. An examination of the components of an election system – paper records, electronic records, etc. – used to assess whether the result of the vote was correct. A core component of a post-election voting audit is re-tabulating some values from ballots or comparing ballot records with digital results. Generally, an election audit will require the creation and retention of a paper ballot or paper audit trail, which serves as a software-independent record of voters’ intentions. An audit can occur when the election is particularly close, if there are reasons to believe it was tampered with, or, ideally, as a regular feature of the election cycle. A “risk-limiting audit” serves as a standard spot check that provides a large degree of statistical confidence that the election results are correct.

Source: Election Cybersecurity 101 Field Guide – Glossary, Center for Democracy & Technology, https://cdt.org/insight/election-cybersecurity-101-field-guide-glossary/

5. Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures. (SP 800-32) (NISTIR).

Source: The Cyber Glossary, National Security Archive, George Washington University, https://nsarchive.gwu.edu/news/cyber-vault/2018-09-19/cyber-glossary

6. In an election context, an activity that seeks to validate and verify as many aspects of the election cycle as possible without violating state privacy laws. An audit may involve a recount of the votes, but this is only one of the actions that an audit may entail.

Source: Asking the Right Questions about Electronic Voting, National Research Council on the National Academies, https://www.nap.edu/catalog/11449/asking-the-right-questions-about-electronic-voting

7. A post election audit is any review conducted after polls close for the purpose of determining whether the votes were counted accurately (a results audit) or whether proper procedures were followed (a process audit), or both.

Source: U.S. Cyberspace Solarium Commission, March 2020, https://subscriber.politicopro.com/f/?id=00000170-c638-d8f7-a7f1-f63b33510000

8. An independent pre- and/or post-election evaluation of an organization, system or process which includes quantitative and qualitative analysis.

Source: British Columbia Independent Panel on Internet Voting, https://elections.bc.ca/docs/recommendations-report.pdf