►
From YouTube: February 5, 2018 Audit Committee
Description
Minneapolis Audit Committee Meeting
A
Good
morning,
I'm
going
to
call
to
order
the
meeting
of
the
Minneapolis
Audit
Committee
for
Monday
February
5th,
it's
the
first
meeting
of
the
year
for
our
audit
committee.
My
name
is
Lenny
Palmisano
and
I'm.
The
chair
of
this
committee,
and
with
me
here
at
the
dais,
are
the
following
committee
members.
Some
of
them
are
new.
We
have
councilmember
Abdul,
Waris
ami,
who
chairs
ways
and
means
for
us
this
term,
council,
member
Jeremy
Schrader
mr.
Scott
Neil
mr.
David
Fisher,
and
we
also
have
Park
Commissioner
Chris
Meyer,
who
will
be
here
shortly.
A
Please
let
the
record
reflect
that
we
have
a
quorum
and
without
objection,
I'd
like
to
ask
mr.
Scott
Neal
to
continue
in
his
role
of
vice
chair
that
all
those
in
favor,
please
say
aye
aye
that
is
approved.
Thank
you.
Colleagues.
We
have
an
agenda
today
that
includes
receiving
and
filing
an
update
report
on
body,
worn
cameras
from
the
Minneapolis
Police
Department
and
then
under
new
business
will
hear
the
internal
audit
annual
report,
as
well
as
other
updates
and
reports
from
our
internal
audit
department
and
a
presentation
of
the
2018
audit
plan.
A
Thank
you.
It's
been
moved
and
seconded
all
of
those
in
favor.
Please
say:
aye
aye
opposed
the
eyes.
Have
it
and
the
agenda
is
adopted.
First,
we'll
accept
the
minutes.
From
our
last
meeting
on
September
19th
of
last
year,
I
recognize
some
of
you
weren't
part
of
this
committee.
I
have
gone
over
them
thoroughly
and
so
I
will
move
adoption
of
those
minutes.
All
those
in
favor
of
that
motion,
please
say:
aye
aye
opposed
the
eyes.
Have
it
in
the
minutes
are
adopted.
A
B
B
So
you
attorney's
office
and
other
stakeholders
before
it
gets
finalized.
So
I
believe
that
was
a
lot
of
work
to
make
sure
that
the
policy
was
revised
consistent
with
the
audit
report
and
consistent
with
all
the
other
MPD
policies,
because
sometimes
we
change
one
affects
a
few
others.
So
there
was
a
lot
of
work.
B
B
The
next
steps
for
the
police
department
is,
as
I've
mentioned,
to
circulate
and
finalize
the
policy
and
then
there's
also
staff
directions
that
came
from
Public
Safety
to
the
police
department,
to
provide
some
information
to
them
and
I
believe
that's
occurring.
February
15th
at
the
next
public
safety
meeting
and
I
believe
that
report
will
include
a
response
to
the
audit
report
and
our
attention
from
the
audit
perspective
is
to
take
that
response
and
use
it
as
the
foundation
for
the
follow-up
that
we'll
be
doing
going
forward
related
to
this
audit.
B
B
A
You
are
there
any
questions
or
comments
from
the
committee.
I
have
a
couple.
I
do
want
to
point
out
that
deputy
chief
Halverson
has
been
very
accepting
of
this
audit,
while
he
isn't
here,
a
lot
of
our
police
department
has
been
very
involved
in
all
of
the
work
that's
gone
into
preparing
for
this
large
event
called
the
Superbowl
that
just
ended.
A
I
also
want
to
point
out
that,
unlike
other
audits,
that
we
have
done
this
isn't
about
just
agreeing
or
disagreeing
with
findings,
it
has
a
policy
piece,
and
it
also
has
a
practice
piece
and
how
we
make
progress
on
this.
So
we
appreciate
that
there
are
three
believe
staff
directions.
Correct
me
if
I'm
wrong,
but
we'll
be
coming
back,
and
our
understanding
is
that
they
are
part
of
the
February
15th
public
safety
meeting
and
I
will
be
asking
a
lot
of
questions
there.
One
of
those.
A
One
of
those
quarterly
reports
may
or
may
not
be
given
at
the
February
15th
meeting,
but
it
does
occur
to
me
that
we
never
really
said
what
should
a
quarterly
report
contain
and
so
I
do
plan
to
bring
some
of
those
elements
to
that
meeting
as
a
suggestion
that
come
from
this
work
last
fall.
Thank
you
for
this
update
any
other
thoughts
or
questions.
Okay,
great
I'd,
like
to
move
this
report,
may
I
have
a
second.
It's
been
moved
and
seconded
all
those
in
favor.
Please
say
aye
opposed
that
carries
with
that.
A
Excuse
me
clerk.
Can
you
tell
me,
do
we
need
to
publisher
there
isn't
a
report
specifically
that
comes
with
that.
So
are
we
ordering
anything
published?
Okay!
Thank
you.
So
the
next
item
on
our
agenda
is
to
move
to
a
report
on
2017
work
and
efforts
of
our
internal
audit
department.
Mr.
vasilia
thank.
B
You
manager
so
for
2017
there's
an
annual
report
that
will
be
published
at
the
end
of
this
meeting,
so
I'm
just
going
to
cover
some
of
the
highlights
here.
We
completed
six
projects,
including
five
audits
and
a
consultation
relative
to
prior
years.
Last
year
we
completed
six
audits
and
three
other
projects,
and
in
2015
it
was
two
audits
and
for
other
projects
when
the
department's
still
rolling
getting
started.
B
Also,
our
results
from
last
year
included
work
on
findings
and
corrective
actions.
2017
began
with
73
open
items.
The
way
we
started
tracking
these
things
in
2015-16
was
a
little
bit
looser.
So
some
of
these
were
finding
some
more
recommendation
and
some
were
a
management
action
plan
item
in
2017.
We
began
a
much
more
formal
process
to
collect
these
feedback
reports,
so
we
can
report
these
more
uniformly
going
forward
of
those
30
set
of
73
item
16
were
or
as
completed
during
2017,
and
we
added
14
findings
to
the
follow-up
procedures.
B
C
B
Madam
chair
mr.
Neal,
the
satisfaction
surveys
are
rated
from
inadequate
to
excellent
with
five
scales
or
not
applicable.
The
2015-16
figures
were
put
together
by
the
prior
audit
director,
mr.
Tetzel
and
I'm
not
sure
the
methodology
he
used,
but
for
2017
I
gave
us
a
zero
if
something
was
inadequate
and
a
hundred
if
it
was
perfect
and
then
25
50
75
for
the
in
between
ratings.
So
for
2017,
if
somebody
said
we
were
adequate
down
the
board,
it
would
have
been
50
percent.
A
A
Perhaps
that's
because
we
needed
to
move
some
things
around
so
things
that
were
maybe
on
the
agenda
that
fell
to
a
lower
priority,
so
they
maybe
we're
expecting
to
start
work
like
saying
second
quarter
and
it
didn't
start
till
fourth
quarter
or
something
like
that
or
can
you
can
you
help
us
understand
a
little
bit
more?
What
audit
planning
is
and
how
it
might
be
that
last
year,
that.
B
Madam
chair,
the
from
what
I
recall
the
survey
results.
It
was
how
useful
that
entrance
meeting
was
to
prepare
the
audited
area
for
the
audit,
in
particular,
laying
out
what
we
were
looking
for
in
terms
of
data
needs
and
other
expectations,
and
that
was
the
main
driver
for
it.
Dipping
from
the
mid-80s
down
to
the
70
I
see.
A
Thank
you
also.
I'd
want
to
just
acknowledge
for
committee
members
that
might
be
new.
We
do
these
audit
client
surveys.
They
come
out
from
my
office
just
as
a
way
to
be
one
step
removed
from
the
people
that
have
done
the
work
so
that
the
departments
that
have
been
audited
can
just
give
some
good
feedback
at
the
very
beginning
of
the
rebuilding
of
this
department.
We
used
it
to
really
see
what
are
we
doing?
Well,
what
do
we
need
to
be
doing
better,
I
read
these
surveys,
it.
A
In
addition,
the
extra
step
of
what
we
have
built
audit
into
B
is
to
be
helping
to
build
the
public
trust
in
our
enterprise,
so
I
think
these
numbers
still
look
quite
good.
I
also
want
to
say
that,
in
terms
of
the
body
worn
camera
audit,
we
are
still
getting
seeking
and
getting
back
client
surveys
from
from
different
parts
of
the
department
that
this
audit
was
shared.
With
and
they
need,
some
of
them
still
need
to
come
back,
so
those
will
be
incorporated
in
the
2017
numbers
once
they
do
so.
E
Scoring
was
done
by
your
your
predecessor
and
that
you
made
your
own
for
this
year,
I
just
recommend.
Perhaps
you
could
come
up
with
a
standardized
way
of
scoring
so
that
we
can
at
least
have
this
for
future
reference
and
we're
sure
we're
looking
at
the
same
types
of
references
in
doing
the
evaluations.
B
A
A
F
Morning,
madam
chair
and
esteemed
members
of
the
audit
committee,
my
name
is
Nikhil
D'souza
I'm,
a
partner
at
Bagram
consultants,
where
a
local
minority-owned,
IT
cybersecurity
firm,
and
so
we've
been
working
with
the
city
for
about
three
years
and
last
year
we
decided
to
do
an
evaluation
of
one
neck.
So
one
neck
is
a
third-party
provider
for
IT
services
to
the
city
of
Minneapolis
and
they're,
taught
that
the
largest
dollar
spent
for
the
entire
IT
department.
F
F
And
we
approach
this
by
reviewing
the
independent
audit
report,
the
sock
to
report
on
one
neck,
and
we
found
actually
no
findings
to
report
back
to
the
committee
with
respect
to
any
concerns
and
the
practices
of
security
and
privacy
at
what
next
solutions.
So,
overall,
this
was
a
consultation
that
resulted
in
a
positive
response
in
finding
out
that
our
third-party
provider
for
IT,
when
neck
solutions
has
adequate
security
and
privacy
practices
to
consider
the
city
of
campuses
data
and
override
the
infrastructure
secure.
But
do
you
have
any
questions.
F
A
Do
want
to
point
out
that
so
one
neck
to
add
to
mr.
de
Souza's
description
of
it
one
neck
holds
all
of
our
shared
drives
and
data
at
the
city
and
and
there's
a
lot
of
physical
items
here.
So
a
recent
contract
changed
the
unisys
to
one
that
change
made
this
a
good
candidate
for
auditing,
so
just
to
give
a
little
bit
of
historical
context.
That's
why
it
was
on
our
audit
report.
F
What
a
console
was
planning-
oh,
it
is
horse
and
actually
has
a
lot
of
the
city's
share,
Drive
data,
in
addition
to
other
key
infrastructure
and
systems.
So
that's
why
I
was
selected
as
part
of
the
audit
and
when
Carol
would
come
up
and
present
the
2018
out
of
planning
and
Lotus
that
we're
gonna
continue
the
third-party
theme
and
make
it
a
little
bit
broader
outside
of
just
one
act,
but
that
would
be
for
2018
great.
F
This
was
actually
straightforward.
It
was
a
very
pleasant
to
actually
see
an
IT
provider.
One
thing
I
would
call
out
that
they're
called
one
neck
because
they
like
to
be
accountable
the
one
neck
to
choke.
If
anything
goes
wrong,
that's
why
they
named
themselves
that
I,
you
know
I
pride
them
on
being
that
accountable
and
I
applaud
them
for
their
security
and
privacy
practices.
So
thank
you
very
much.
A
A
B
Manager,
the
automated
license
plate
readers
probe,
was
added
to
the
odd
plan.
Mid-2017
automated
license
plate.
Readers
are
used
to
do
exactly
what
it
sounds
like
they're
used
by
our
police
department
to
automatically
read
in
license
plate
numbers
and
where
the
license
plate
numbers
are
being
read
in
at
so
the
location.
The
time
the
number
it's
used
for
a
variety
of
police
applications
and
intelligence
operations.
B
This
audit
came
up
because
the
statements
of
the
state
statutes
requires
a
biannual
audit
of
license
plate
reader
programs
to
ensure
that
the
jurisdictions
that
have
them
are
using
them
appropriately
and
are
properly
safeguarding
the
data.
So
the
for
this
project,
our
main
objectives
were
to
ensure
compliance
with
state
statutes
for
our
Police
Department
and.
B
The
way
this
was
organized
is
different
from
our
other
audits,
because
when
we
started
looking
at
this
project,
we
consulted
with
the
Minnesota
Department
of
Administration,
which
receives
these
reports
and,
as
a
result
of
that
conversation,
we
actually
arranged
to
exchange
audit
services
with
the
Hennepin
County
audit
compliance
investigation
services
department.
So
we
audited
their
program
and
they
audited
our
program
both
at
no
cost
saving,
both
the
county
and
the
city.
However
much
it
would
cost
to
hire
consultants
to
do
this
work.
B
We
both
teams
are
intending
to
have
a
meeting
now
that
the
enforcement
groups
are
no
longer
focused
on
the
Super
Bowl
that
have
a
kind
of
feedback
in
a
process
improvement
area.
So
we're
hoping
that,
as
a
result
of
all
this,
we
will
also
have
areas
where
our
Police
Department
can
improve
their
program.
A
little
bit.
A
C
B
Madam
chair
mr.
Neil,
so
it
it
depends
on
which
element
of
the
state
statutes
we
were
looking
at.
So,
for
example,
one
of
the
elements
is
that
the
enforcement
authority
must
maintain
a
public
log
of
use,
so
either
there
is
a
public
log
you.
So
there
isn't
a
public
log
of
use,
there's
not
much
sampling
to
do
there,
there's
also
specific
types
of
data
that
can
be
maintained
and
specific
access
allowances
that
are
supposed
to
be
set
up
to
the
system
that
contains
the
data.
B
So
in
those
cases
it's
kind
of
a
pass/fail
without
sampling,
some
of
the
items
included,
for
example,
that
data
was
accessed
for
an
appropriate
law
enforcement
reason
and
for
those
instances,
and
also
for
instances
of
whether
the
access
was
appropriate.
There
was
some
sampling
done,
because
you
would
have
hundreds
of
accesses
to
data,
and
so
we
reviewed
a
set
number
of
those
accesses
to
make
sure
that
it
included
the
required
information
by
state
statute.
B
C
A
It's
been
moved
and
seconded
all
those
in
favor.
Please
say:
aye
aye
opposed
the
eyes.
Have
it
and
this
motion
passes.
Thank
you
with
that.
We'll
move
to
the
off-street
parking
audit
we're
just
chugging.
Through
these
today
there
there's
been
a
little
bit
of
a
backlog
so
we're
we
don't
usually
have
this
many
reports
to
go
over,
but
mr.
Vasilyev
will
continue
to
present
this
report
as
well.
B
The
author
parking
operator
audit
was
part
of
our
original
2017
audit
plan.
It
focused
on
the
contract
that
the
city
has
with
ABM,
which
operates
all
the
city-owned
ramps
of
which
there
are
17
in
the
in
the
city.
It
is
one
of
the
largest
non
construction
related
our
contracts
that
the
city
has
to
operate.
These
ramps
and
the
operations
include
not
only
spending
money
to
make
sure
they
are
functioning,
but
also
collecting
revenue
and
remitting
it
to
the
city.
B
For
the
scope
and
approach
for
this
audit,
we
reviewed
Public
Works
contract
management
practices
and
we
also
focused
on
many
provisions
of
the
contract
from
areas
of
record-keeping,
revenue,
collection,
invoicing,
service
and
maintenance
requirements
and
safety
requirements
and
subcontracting
requirements.
We
reviewed
how
ABM
ensure
compliance
with
the
contract
in
those
areas
and
did
some
substantive
sampling,
ramp,
walkthroughs
records
reviews,
and
we
are
actually
issuing
a
no
findings
report
because
they
are
doing
a
pretty
good
job
and
we
also
noted
no
instances
where
the
city
Public
Works
oversight
was
significantly
lacking.
B
Abm,
as
an
organization
actually
includes
their
own
internal
audit
department
just
for
the
city
contract.
So
they've
got
a
pretty
good
set
of
internal
controls
and
pretty
good
oversight
on
the
inside,
which
we
weren't
familiar
with
until
we
started
asking
them
how
they
ran
things.
I
think
it
was
a
very
helpful
exercise
to
show
and
provide
some
assurance
that
our
parking
ramps
seemed
to
be
operated
as
well
as
we
can
expect.
A
B
I
would
say
it
depends,
but
I
usually
expect
to
find
something
significant
and
report
worthy.
There
were
minor
issues
here
and
there,
but
nothing
that
seemed
to
rise
to
the
level
of
needing
to
put
in
a
finding
and
require
either
a
contract
update
or
a
contract
revision
or
a
contract.
Review
example
of
this
is
some
of
the
elevators
had
expired
registration
certificates
posted
which
ended
up
being
a
non-issue
because
that
doesn't
correlate
with
elevator
inspections.
B
A
C
You,
madam
chair
I,
believe
I
had
two
questions.
Actually
one
was
I
just
wanted
to
make
sure
that
I
understood
this,
because
it
did
seem
like
a
very
large
contract
without
any
findings
at
the
end
that
it
included
the
fiscal
side
of
it
as
in
an
independent
fiscal
audit.
So
is
there
some
did.
Your
work
include
some
reconciliation
of
cars
go
in
cars,
go
out
money
and
some
kind
of
reconciliation
between
those
two
factors.
We're
not.
B
B
Believe
we
did
go
through
the
reconciliations
that
are
kept
and
made
by
ABM
to
track
this
sort
of
work
on
their
end
and
that
they
were
accurate,
but
I'd
have
to
double-check.
So
it
was
more
of
a
assessing
whether
or
not
their
controls
seem
to
be
functioning
well
and
whether
or
not
the
reconciliations
they
were
doing
appeared
to
be
accurate.
My.
B
B
D
B
A
You
other
thoughts
and
question
I
guess
not.
May
I
have
a
motion
to
receive
file
and
publish
this
report
moved
by
mr.
Fisher
seconded
by
mr.
Schrader.
Sorry,
a
councilmember
Schrader,
all
those
in
favor
of
the
motion,
please
say
aye
aye
opposed,
say
no
but
eyes
and
this
motion
passes.
So.
Finally,
today
we
will
hear
a
presentation
on
our
2018
internal
audit
plan
from
mr.
A
B
You,
madam
chair,
for
the
audit
plan.
Presentation
I
broke
the
plan
up
into
three
parts,
so
the
first
part
will
be
the
audit
projects
that
our
internal
audit
staff
will
be
handling.
The
second
part
will
be
consultations
and
staff
directions
and
other
items
that
will
we'll
be
addressing
this
year
and
the
third
slide
covers
the
projects
that
will
be
headed
up
by
the
coast.
It
auditors,
backbone
consultants.
B
So
the
first
portion
are
the
audits
that
we
are
planning
to
execute
this
year.
The
first
three
items
on
here
are
carryovers
from
the
2017
audit
plan,
which,
due
to
staffing
and
extra
projects
that
were
added
on
to
the
plan
last
year,
ended
up
being
in
various
states
of
completion,
but
not
quite
finished
2017.
B
So
there's
two
third
party
audits,
one
of
meet
Minneapolis,
which
is
about
halfway
finished
currently
and
part
of
audit
of
diversion
solutions
which
was
included
at
the
request
of
City,
Attorney's
Office
and
diversion
solutions
is
the
organization
that
runs
programs
to
assist
individuals
with
obtaining
their
licenses
after
they've
had
so
many
tickets
that
caused
their
licenses
to
be
revoked.
So
they
work
with
the
state
and
with
various
jurisdictions.
B
They
enable
people
to
do
things
like
get
a
license
so
that
they
can
go
to
work
so
that
they
can
pay
off
their
fees
that
they
can
keep
their
license.
Otherwise,
folks
can
easily
fall
into
the
problem
of
losing
a
license
being
unable
to
go
to
work
being
unable
to
pay
tickets,
getting
late
fees
and
spiraling
downwards,
where
most
of
the
way
through
that
project
right
now
and
the
final
carryover
is
a
payroll
audit
which
we're
focusing
on
our
internal
controls
and
reviewing
whether
or
not
there's
any
instances
of
payroll
fraud
at
the
city.
B
That
audit
was
intended
to
happen
late
2017
to
correspond
with
a
lull
for
the
finance
department
in
terms
of
year
and
close
materials,
but
we
had
a
body
camera
audit
that
we
sunk
significant
time
into
and
we're
currently
waiting
a
little
bit
until
you're
in
close,
has
closed
out,
and
the
financial
audit
by
the
state
auditors
has
closed
out
and
then
we'll
be
continuing
that
a
little
bit
later
in
the
year.
The
first
new
audit
on
here
and
the
second
one
both
relate
to
records
retention.
B
We
want
to
get
through
this
project
this
year,
so
that
they're
not
trying
to
figure
out
what
to
do
with
pieces
of
paper
at
the
last
minute
as
they're
moving
see
pad,
was
also
very
interested
and
happy
to
have
this
project
be
done.
So
I.
Think,
though
there
will
be
a
very
good
partnership
and
as
part
of
this,
these
two
audits.
We
hope
that
the
city
clerk
records
staff
picks
up
some
new
tricks
and
are
able
to
execute
similar
projects
across
the
city
to
help
them
manage
records
in
the
city.
B
The
final
audit
on
here
is
a
grant
management
audit
reviewing
both
the
city's
and
the
park
board's
practices
for
managing
grants
of
various
sizes.
It's
not
going
to
be
targeting
any
one
specific
grant,
except
for
maybe
as
part
of
our
sampling,
to
make
sure
that
things
are
actually
being
executed
properly,
but
it's
more
looking
at
our
controls
and
how
we
monitor
our
grants
and
ensure
that
we're
compliant
with
there
were
strings
that
were
attached
to
those
grants.
In
part.
B
This
audit
came
about
because
the
state
auditor's,
comprehensive
annual
financial
report
identified
some
grant
compliance
issues
at
the
park
board,
and
it
seems
like
a
time
when
there
might
be
fewer
grants
available
for
us
to
use.
And
so
we
want
to
make
sure
that
we're
using
the
grants
that
we
do
get
effectively.
B
A
You
mr.
vasilia
I
want
to
I,
want
to
point
out,
and
you
might
have
just
and
I
just
lost
track
of
it
for
a
second
that
grant
making
is
a
very
decentralized
function,
and
this
is
important
to
do
and
it
was
highlighted
in
the
kafir'
state
auditor's
report
over
the
past
couple
of
years.
I
believe
I
just
wanted
to
point
that
up.
A
B
B
For
consultations
and
projects
we
are
the
first
item
on
here
is
a
little
complicated.
We
flagged
affordable
housing
as
a
priority
area
and
as
an
area
where
a
lot
of
City
objectives
and
goals
seemed
to
circle
around,
as
I
was
doing
some
background
work
to
be
able
to
put
this
together.
We
identified
that
believe
it
or
not.
We're
not
the
only
group
thinking
that
and
so
there's
a
work
group
that
was
established
by
Mayor
Frye.
There's
now
City
Council
committee
focused
on
affordable
housing,
there's
a
long-range
planning
group
at
sea
bed.
B
That's
updating
the
comprehensive
plan
and,
of
course,
there's
some
audit
recommendations
from
a
lone
C
audit
that
was
done
a
few
years
ago
by
our
office
that
focus
on
goals
and
reporting
on
loan
programs.
That
also
overlap
with
this.
So
in
speaking,
with
C
pad
us
doing
an
audit
on
top
of
all
the
other
work,
that's
going
on
seemed
a
little
bit
invasive
and
possibly
even
distracting.
B
The
specific
ways
we
could
add
value
would
be,
from
an
audit
perspective,
to
validate
some
of
the
numbers
that
are
being
used
for
decision
making,
if
we're
blindly
relying
on
something
without
really
knowing
whether
or
not
it's
right,
that's
a
place
where
we
could
come
in
and
do
a
little
bit
of
work,
research
and
analysis
to
validate
that.
We
also
would
have
opportunities
to
do
research
or
assessments
of
arising
issues
as
they
come
up.
B
B
We
have
a
consultation
with
neighborhood
community
relations
group.
They
are
working
through
some
changes
to
how
neighborhoods
are
being
overseen
by
the
city
and,
as
part
of
that
involves
a
financial
component,
and
they
asked
us
to
weigh
in
on
potential
internal
controls
and
other
audit
related
and
risk
management
related
matters
that
they're
looking
to
put
in
place.
B
B
This
will
help
us
inform
this
will
help
inform
our
review
of
whether
or
not
we're
cutting
off
access
appropriately,
at
least
for
the
things
we
know,
and
this
will
also
help
inform
our
emergency
management
department,
as
they
are
working
to
update
the
citywide
emergency
action
plans
and
not
coming
here.
I.
Believe.
E
Course,
thank
you
ma'am
sure
this
mr.
facility
of
the
audit
or
consultation,
I,
guess
and
projects
concerning
business
continuity
and
disaster
recovery
seems
like
it.
An
immense
project.
I
mean
would
it
include
to
include
I,
assume
data,
but
it
could
include
auditing,
the
water
department
or
auditing
any
type
of
system
that
protects
the
citizens
of
the
city.
Is
that
an
accurate
assessment.
B
Madam
chair
mr.
Fisher,
the
scope
of
this
specific
project
is
more
of
an
inventory
of
known
systems
out
there
that
are
critical
and
whether
or
not
we
have
a
disaster
recovery
plan
and
how
the
department
went
about
identifying.
There
was
a
critical
system
and
putting
a
plan
together.
We're
not
conducting
any
in-depth
analysis
of
the
plans
themselves,
we're
kind
of
doing
a
data
gathering
mission
to
get
a
broad
picture
of
what
we
know
is
out
there.
D
D
B
B
A
B
And
this
left
side
identifies
the
work
that
will
be
done
by
RIT
auditors.
The
first
item
on
here
is
a
carryover
from
2015,
where
which
was
the
first
year
that,
as
identified
we'd,
be
doing
some
consultation
with
the
police
department
on
its
updating
of
the
police
records
management
system.
That's
been
in
the
works
for
many
years
by
the
police,
department
and
I
believe
they're
really
kicking
it
off
into
high
gear
right
now,
with
some
final
testing
and
reviews.
So
this
should
be
the
last
year
that
this
appears
on
on.
B
The
audit
plan
is
in
vitam
that
we're
working
on
the
odd
the
next
four
items
are
kind
of
part
of
the
business
continuity
system.
Access
theme
that
it
seems
like
their
work,
is
going
to
entail
this
year.
So
the
second
item
is
looking
taking
a
deep
dive
into
how
the
IT
department
has
done
their
business
continuity.
B
They've
stabbed
they
have
a
lot
of
systems
that
the
city
runs,
they've
gone
through
an
impact
analysis
process
and
they've
established
some
definitely
some
business
recovery
plans.
They've
also
had
some
potential
effects
from
budgeting
dollars.
That
that
that
will
be
part
of
the
assessment
is
to
review
whether
or
not
we're
really
effectively
addressing
the
risks
and
have
timely
recovery
plans
for
our
critical
systems
from
the
IT
perspective.
B
The
third
item
is
the
consultation
it's
on
hrs
new
separation
process,
HR
put
in
a
new
process
to
identify
how
access
should
be
cut
off
when
somebody
leaves
the
city
backbone,
we'll
be
reviewing
that
and
making
sure
that
it's
set
up
and
functioning
properly
and
that
people
are
being
terminated
from
the
various
systems
timely.
This
will
also
be
an
opportunity
for
us
to
grow
in
that
wider
survey
from
the
prior
slide
and
at
least
to
make
sure
that
all
the
critical
systems
we
know
of
get
flagged
somehow
during
separation.
B
A
Great
questions,
thoughts
so
that
concludes
the
rest
of
the
2018
audit
planned
scope
for
now,
anyway.
So
may
I
have
a
motion.
Treece
even
filed
this
report,
move
by
councilmember
or
Sami
seconded
by
mr.
Fischer,
all
those
in
favor
can
you
please
say:
aye
I
proposed
the
eyes
habit
and
this
motion
passes.
A
B
This
report
gets
presented
to
the
odd
committee
sometime
in
June,
depending
on
when
it
comes
out.
When
the
audit
committee
happens,
we've
had
a
staff
direction
in
the
past
to
provide
an
update
to
the
IO
Committee
on
progress
on
any
findings
that
were
identified
by
the
state
auditor,
and
that
is
what
you
see
before
you
today.
The
2016
audit
of
the
city
financial
statements
identified
two
recurring
and
two
new
findings,
three
of
which
were
corrected
and
the
finding
related
to
federal
award
program,
procurement
policies
and
procedures
is
still
in
progress
and
we're
working
to
develop.
B
The
state
auditor,
the
report
of
the
park
board,
identified
two
recurring
findings
and
no
new
findings.
One
was
for
some
adjusting
journal
entries
which
the
park
board
has
completed
and
one
related
to
federal
grants.
Cash
management
reporting
requirements
which
is
still
in
progress,
and
this
was
one
of
the
reasons
why
the
grant
audit
is
a
crane.
B
This
year
is
because
this
has
been
a
recurring
issue
for
federal
for
the
park
board,
and
we
want
to
make
sure
that
some
of
the
smaller
grants
that
the
park
board
has
are
being
managed
adequately
as
well,
because
the
state
audit
doesn't
cover
those
and
to
review
how
well
the
city's
managing
them,
because,
as
customer
Palmisano
highlighted
it's
a
decentralized
process,
we
have
a
few
key
people
here
and
there
at
the
city.
But
most
departments
have
some
sort
of
grant
that
they've
applied
for
or
managing.
They
want
to
make
sure
that
they're
doing
it
appropriately.
A
Mr.
Vasily,
if
I
want
to
point
out
for
my
colleagues
that
some
of
these,
for
example
the
sea
pet
loan,
one
that
is
on
the
other
page,
some
of
these
are
were
important
to
hold,
is
findings
and
are
now
being
looked
at
to
remediate
within,
like
a
software
conversion,
whether
it's
Elms
or
limbs
or
I
forget
the
Akron.
But
some
of
these
are
fixes
that
have
been
identified
and
on
it,
but
then
need
to
wait
until
some
investments
in
the
area
take
place,
but
they
they
are.
B
I'm
sure,
thank
you.
It's
a
number
of
these
findings
have
a
kind
of
grand
solution.
That's
the
end
of
a
several
step
process.
Some
of
the
initial
steps
were
taken,
especially
for
the
seabed.
One,
the
one
of
the
key
resolutions
to
a
lot
of
these
is
a
replacement
for
a
loan
management
system
that
was
custom-built
for
the
city
and
I.
Don't
know
how
many
decades
ago,
I
believe,
25
years
ago,
or
so
so
part
of
their
plan
that
they
provided
to
us
as
to
how
they
would
address
the
findings
included.
E
B
Madam
chair,
mr.
Fisher
part
of
our
work
is
going
out
communicating
with
the
department's
getting
the
responses
and
analyzing
those
we
had
staffing
changes
towards
the
end
of
last
year
in
October
for
the
individual
that
was
focused
on
doing
this
work
and
as
we
were
picking
up
the
pieces
and
addressing
the
staffing
departure
with
our
director
in
January,
we
got
caught
up
on
some
of
those,
but
not
all
those.
B
In
some
cases
there
will
be
delays,
because
one
finding
depends
on
note
these
other
steps
and
once
step
one
was
delayed
by
a
month
step
two
was
not
delay
by
an
extra
month.
You
know
and
that
cascades
down
it
really
depends
on
a
case-by-case
basis.
If
there's
a
specific
question,
I
can
definitely
look
into
the
detail,
but
I
don't
have
a
nuanced
answer
for
everyone
off
the
top
of
my
head.
I
apologize.
E
B
Madam
chair
mr.
Fischer,
in
terms
of
having
the
most
the
most
cutting-edge
most
recent
status,
that's
on
us
in
terms
of
some
of
the
items
getting
delayed
several
months
or
even
a
year.
That
is
part
of
the
oddities
work,
to
address
the
issues
as
to
why
any
one
of
those
is
lagging.
I
would
need
to
get
back
to
you,
but
and
in
some
cases
it's
a.
This
was
what
they
Department
thought
they
could
accomplish
in
this
timeframe,
and
reality
was
different.
A
Thank
you.
I
also
want
to
point
out
that
I'm,
a
former,
a
former
audit
committee
member,
suggested
that
we
really
keep
track
of
these
and
every
single
meeting
go
over
the
audit
findings
so
well.
It
looks
like
just
a
really
cursory
look
and
that
progress
takes
a
while.
It
is
helpful
for
us
to
keep
in
front
of
ourselves
and
to
keep
working
with
the
department,
so
I
I
do
appreciate
this
effort
of
keeping
this
table
up
to
date.
So,
thank
you.
Did
you
have
anything
more
on
your
audit
report.
B
I'm
curious
first,
a
comment
on
your
statement
is
as
part
of
any
of
our
audit
processes.
If
we've
issued
a
recommendation
and
there's
findings
and
recommendations
on
a
report
for
our
process
to
finish
out
that
audit,
we
must
do
our
follow-up
work.
So
this
table
is
a
reflection
on
work
that
we
have
to
do
to
accomplish
our
jobs
as
auditors
and
we're
very
happy
to
share
it
with
you.
But
it's
not
a
lot
of
extra
work
to
assemble
it,
we're
not
doing
it
just
for
the
other
committee.
It's
a
critical
part
of
our
work,
good.
B
We
are
working
actively
on
the
diversion
solutions,
third
party
audit
and
the
meeting
appleĆs
third
party
audits
and
we'll
be
picking
up
the
payroll
audit
in
the
next
few
months.
I
expect
we
had
a
little
bit
of
background
and
data
collection
for
that
project
last
year.
Well,
we're
almost
beginning
it
fresh
this
year
when
time
is
appropriate
for
finance
to
let
us
get
back
in
there
and.
B
Finally,
I
did
want
to
highlight
that
we
have
a
new
staff
member
as
a
November
of
last
year,
Ethan
Rakhine,
and
we
are
also
anticipating
a
new
senior
internal
auditor,
starting
in
the
next
week
or
two,
which
will
bring
us
to
three
non
director
FTEs
for
the
first
time
ever,
which
is
great
and
should
help
us
actually
accomplish
that
lengthy
audit
plan.
That
was
a
few
slides
ago,
because
we'll
have
three
sets
of
hands
working
on
it.
B
And
then
a
few
initiatives
that
were
working
on
that
aren't
really
projects,
but
we
are
working
on
a
policy
procedure
review
and
refresh
some
of
the
items
we've
still
got
out
there
for
policies
and
procedures
are
carryover
from
the
team
that
was
in
place
from
2010
to
13.
So
it's
definitely
time
to
go
back
and
take
a
look
at
those
and
in
part
to
try
and
connect
what
we're
doing
to
the
standards
issued
by
the
Institute
of
Internal
Auditors,
with
the
goal
of
getting
a
peer
review
done
sometime
in
2019
or
2020.
B
F
A
Thank
you.
I
do
also
want
to
take
a
moment
to
announce,
though
mr.
vasilia
have
just
did
that
that
our
previous
city,
internal
auditor
will
Tetzel
did
leave
the
city
at
the
end
of
last
year.
He
did
go
back
to
the
private
sector.
We
thank
him
for
his
service
to
the
city
of
Minneapolis
I.
Thank
him,
especially
in
helping
to
build
what
was
an
empty
audit
department
when
he
stepped
in
to
the
city
here
and
also
to
this
committee.
A
He
did
a
lot
of
work
to
help
us
improve
as
a
as
a
committee
and
as
an
oversight
to
what
it
means
to
the
city.
So
I
think
we've
made
a
lot
of
progress
in
the
last
few
years
in
terms
of
how
audit
functions,
how
we
hold
the
public,
trust
and
and
will,
and
his
staff
deserve
a
lot
of
credit
for
that
work.
So
the
internal
audit
position
is
now
vacant
and
it
is
posted,
and
we
will
continue
to
keep
the
committee
in
the
loop
on
our
hiring
process.
A
Okay,
this?
The
auditor's
report
is
a
receive
and
file
motion.
So
may
I
have
a
motion
for
that,
so
moved
and
seconded
all
those
in
favor.
Please
say:
aye
aye
opposed
that
carries
with
that
colleagues.
We've
completed
all
the
items
on
our
agenda
so
seeing
no
further
business
to
be
presented.
This
meeting
is
adjourned.