How does Colorado confirm the legitimacy of an election? It begins with the roll of a dice.
Monday morning, employees of the Secretary of State's Office convened to roll a 10-sided dice 20 times, creating a sequence of numbers, or a "seed," to determine which ballots the counties must check to confirm the accuracy of the 2020 election.
It's the first step in what's called a risk-limiting audit - a procedure that compares votes on paper ballots with results collected by vote-counting machines to scan for discrepancies and correct erroneous tabulations. Scroll down to see a flow chart of the process.
The counties finished counting votes Friday. The audit results are due to the state by Nov. 24.
"Every election administration in the U.S. has a goal of conducting a secure, safe and accurate election," Colorado's Deputy Election Director Hilary Rudy said. "A risk-limiting audit helps confirm that that did, in fact, happen."
Colorado was the first state to require such audits with a law approved in 2009. The statewide election in November 2017 was the first time any state performed a risk-limiting audit on the ballot count. The 2020 election is the first for a presidential general election.
There are two other states that require in state law a post-election risk-limiting audit. And nine additional states have the option to perform them or have instituted pilot programs, according to the National Conference of State Legislatures, a Denver-based bipartisan organization.
The risk-limiting audit is more time- and cost-efficient than hand-count audits, which is the other type of post-election audit that states conduct, according to Neal McBurnett, a Boulder-based voting systems expert who helped implement the nation's first risk-limiting audit.
"We use computers and/or fallible humans to tabulate our ballots," McBurnett said. "With any process - especially ones that use computers and that are vulnerable - we should double-check the results. It's as simple as that."
How the risk-limiting audit works in Colorado
First, the dice is rolled, then the ballots with the corresponding numbers are pulled. County audit boards - each composed of one Democrat and one Republican - manually review those ballots and report voter markings to the secretary of state using audit software. If the markings on those ballots match the outcome recorded by the voting system, that's good. If they don't, the audit board compares additional ballots until the outcome is confirmed. This is a comparison risk-limiting audit.
Counties with older systems that don't read or export a voting record use a ballot-polling risk-limiting audit. This audit performs the same process, only the ballots are compared with the sample of the reported winner instead of the voting system, similar to an exit poll.
"You want to take a statistical sample of the ballots and say 'Does this match the outcome?'" McBurnett said. "That's why we do audits, in a nutshell."
The audit concludes when it finds strong evidence that the outcome is correct, or when it finds the opposite, prompting a full recount by hand.
What's the point of a post-election audit?
"You don't run a risk-limiting audit because there was a problem," Ben Adida, executive director of nonprofit VotingWorks, said Tuesday in a webinar. "You run a risk-limiting audit to build more confidence in the outcome."
Before Colorado's first risk-limiting audit in 2017, the Secretary of State's Office randomly selected voting systems for an audit but didn't expand the audit to a full count. This lowered the chance of finding incorrect outcomes, much less correcting them, according to the U.S. Elections Assistance Commission. Risk-limiting audits consider contest margins and errors discovered by the audit, yielding a minimum of missing incorrect outcome, called a "risk limit."
Secretary of State Jena Griswold established the risk limit for this election at 4%, which means auditors will scan ballots until there's a 96% chance the audit yields a correct outcome. In the 2018 election, the limit was 5%.
The 5% is the highest level allowed in law for statewide elections, but Rudy said Griswold chose the lower number because the auditing process is relatively new and she wanted lower risk limits for these first few audits.
"You start with the assumption that there must be an incorrect outcome, and you audit until you disprove it or correct it," Rudy said. "If we go through the first round and have found enough discrepancies that we haven't met the risk limit, then we conduct a second round, and continue conducting rounds until we meet the risk limit."
In the six previous audits performed by the state - the 2020 general election will be the seventh - auditors have found discrepancies on ballots such as dissimilar signatures and circles instead of bubbles but no incorrect outcomes, Rudy said.
While these audits rarely discover incorrect outcomes, ballot discrepancies may educate election officials on ways to improve voting instructions and ballot layouts, said Tammy Patrick, senior elections adviser for the Democracy Fund and a former county election official, during the webinar.
"Oftentimes that's what was problematic, not the machine misreading the area the voter was supposed to mark in," Patrick said.
This story originally appeared in the Colorado Sun. It was written in partnership with the Sun through a collaboration powered by COLab, the Colorado News Collaborative - a nonprofit formed to strengthen local public-service journalism in Colorado. KSUT joined this historic collaboration with more than 40 news organizations to share in-depth local reporting to better serve Coloradans.