What I thought I knew about risk-limiting audits from reading various popular-science-ish articles:
- They catch election fraud by checking some ballots
- Figuring out how many ballots to check involves really tricky statistics, so don't worry your pretty little head about it.
Then I read that an election in Orange County (population: 3 million) tried a risk-limiting audit and thus checked a few dozen ballots. A few dozen? This boggled my mind: how was that going to catch cheating? That seemed smaller than the number of voting machines. That seemed smaller than… Well, it seemed too small.
I bounced around some web pages until I found something willing to go into more detail than "don't worry your pretty little head about it". And thus found out the reason for my confusion: what "risk" we're trying to limit.
A risk-limiting audit checks for cheating, but only tries to catch cheating that was massive enough to change the election outcome. So if your election results suggest that ⅔ of your million voters voted for candidate Alice over candidate Bob, you might not check enough ballots to catch all cheating. But you want to check enough to probably-detect if, uhm, ⅙ of those votes were faked, since that's how many votes Alice's conspirators would need to "steal" from Bob to make a difference. And to catch one of that many changed votes, a dozen ballots is probably more than enough.
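The arithmetic behind that last paragraph, as an added example that is not part of the original post. It is a simplified model of the post's reasoning (how many randomly drawn ballots are needed to hit at least one altered ballot), not a full risk-limiting audit procedure. The function names and the two tallies are constructed for illustration, and it assumes any altered ballot that is sampled gets noticed on inspection.

```python
def min_altered(winner: int, loser: int) -> int:
    """Fewest ballots switched from loser to winner that could explain the
    reported tally if the reported winner did not actually win (tie counts)."""
    if winner <= loser:
        raise ValueError("reported winner must have more votes than the loser")
    return (winner - loser + 1) // 2

def miss_probability(total: int, altered: int, sample: int) -> float:
    """Chance that `sample` ballots drawn at random, without replacement,
    contain none of the `altered` ballots (hypergeometric, zero hits)."""
    p = 1.0
    for i in range(sample):
        p *= (total - altered - i) / (total - i)
    return p

def sample_size(winner: int, loser: int, risk_limit: float) -> int:
    """Smallest sample whose chance of missing every altered ballot is at
    most `risk_limit`, assuming just enough cheating to change the outcome."""
    total = winner + loser
    altered = min_altered(winner, loser)
    n, p = 0, 1.0
    while p > risk_limit:
        p *= (total - altered - n) / (total - n)
        n += 1
    return n

# Constructed tallies: the post's two-thirds landslide, and a close race.
LANDSLIDE = (666_667, 333_333)
CLOSE = (505_000, 495_000)

if __name__ == "__main__":
    for name, (w, l) in (("landslide", LANDSLIDE), ("close race", CLOSE)):
        altered = min_altered(w, l)
        print(f"{name}: outcome-changing fraud needs {altered} of {w + l} ballots")
        print(f"  chance a dozen ballots miss all of them: "
              f"{miss_probability(w + l, altered, 12):.3f}")
        print(f"  ballots to sample for a 5% risk limit: {sample_size(w, l, 0.05)}")
```

The close race is the case to watch: the narrower the reported margin, the fewer altered ballots it takes to change the outcome, so the sample has to grow.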