The audit professionals selected by the Maricopa County Board of Supervisors’ (MCBOS) to perform the audit of the Phoenix area 2020 election results, were first identified as being not certified, despite the MCBOS’s claims that they were.
Now, these same auditors were observed while performing their audit, not adhering to numerous activities they themselves should be auditing, and then they were involved in the most profane action you can imagine.
We reported previously that the Maricopa County Board of Supervisors (MCBOS), the body that oversees elections in the Phoenix area, finally agreed to have audits performed of their 2020 election results after suing the Arizona Senate to prevent the audits from taking place. The MCBOS finally agreed but only if they could choose the auditors. The auditors they chose they claimed were certified but we found out that they were not. Within hours of our reporting, the governing body in Washington D.C. certified these entities. We have no idea what information the governing body used to make this change.
Pro V&V was one of the firms selected by the MCBOS. Not only were they NOT certified when selected, they apparently are not very professional as well.
A group of IT specialists decided to observe the Pro V&V team performing their audit in Maricopa County. Surveillance was available per public access to surveillance cameras at the location the audit was being performed. The observers were able to review the activities going on inside the auditee’s location. Many actions caused the observers concern.
One observer, Ryan Hartwig, signed an affidavit where he explained that he was concerned about the audit being performed because the Nest cams (cameras set up to film the work being performed) in the tabulation center were not working properly and the auditors there often looked at the cameras, used their phones in the facilities, and left the door to the facility open, which indicates a lack of knowledge of, or contempt for, proper access controls. (Access controls are those controls that prevent unwelcomed access to a facility or network. Ensuring doors are locked, ensuring proper access to a facility through passwords or keys, ensuring property access to machines and networks through the use of adequate passwords, prevention of intrusion through the Internet, etc. would be types of access controls.)
On the evening of the 5th, after observing the auditors for a week, Ryan and some members of his IT group decided to drive to the location where the audit was taking place and review the location for improper system and building access. He observed, as noted in his affidavit below:
I left my home and drove to the MCTEC, getting there around 10:20pm. I opened an app on my android phone named Wifi Analyzer (made by VRem Software Development) and saw that there was a network with the name of MCPublic that was an open network. When Aaron got there and ran a scan, he told me he saw an Apple TV, Xbox, and a Wii on the public county network. Where we were at, there weren’t that many other buildings nearby. Aaron also scanned and said he saw a 3Com device on the network, which he told me is vulnerable to hacking.
What were the auditors doing? Playing video games? Then the professionalism of the auditors came shining through per Ryan’s Affidavit:
At one point, Aaron told me he saw one of the networks change names to “f$$kyou” [see picture below]. I looked over at his laptop and saw the WiFi name “f$$kyou”, and I took a picture of his laptop showing that. I then used The WiFi Analyzer on my phone and also saw the same network “f$$kyou” on my phone as well. I took a screenshot of that on my own phone. The Wifi Analyzer shows distances and I looked on my phone and saw that it said that the MCPublic network was at approximately 195.3m and the “fuckyou” network was at approximately 193.3m from my position.
Ryan provided the screenshot below as well:
The fact that the auditors would send such a profane message while having such an irreverent contempt for the controls they themselves should be auditing is a major cause of concern. This was no professional audit. Why would this firm ever be selected to perform an audit of anything with this type of professionalism and flippant regard for the activities they should be auditing?
There is much more in the affidavits below.
Below is Ryan Hartwig’s Affidavit:
Below is Aaron Wagner Affidavit:
Below is Matt Van Bibber Affidavit:
Here’s the audio with Ryan Hartwig:
Here is the statement by Ryan Hartwig.
In decades of audit work, I have never seen or heard of an auditor who sent a crude message like the one that was sent to the observers in Arizona. This is the most unprofessional audit action I have ever heard of.