►
From YouTube: February 11, 2019 Audit Committee
Description
Minneapolis Audit Committee Meeting
A
Good
morning
welcome
to
our
scheduled
audit
committee.
I'm
gonna
go
ahead
and
get
started.
We
have
a
couple
people
that
are
just
on
their
way
in
now
with
me
here
on,
the
dais
is
Park
Board
Commissioner,
Chris,
Meyer,
councilmember
Jeremy
Schrader
will
soon
be
joined
by
mr.
Scott
Neal
who's
just
getting
in
and
finding
a
place
to
park.
Here
it's
been
a
snowy
morning
and
councilmember,
where
sami
will
be
here
momentarily.
So
I'm
going
to
I'm
going
to
ask
that
we
adopt
the
agenda
as
before
you
we
have.
A
We
have
three
audits
to
accept
and
discuss,
and
then
we
also
have
a
closed
session
on
on
pins,
which
is
our
police
information
system.
So
all
those
in
favor
of
adopting
the
agenda,
please
please
signal
by
saying
aye
aye
opposed
that
carries
also
before
you
are
the
minutes
from
our
last
meeting,
which
was
actually
back
in
october
october.
15Th
of
2018
I
did
look
over
those
at
agenda.
Setting
I,
don't
have
one
in
front
of
me
right
now,
but
I
moved
to
accept
those
minutes
of
our
previous
meeting.
A
All
those
in
favor,
please
signify
by
saying
aye
aye
opposed
that
carries.
We
have
with
us
today
all
of
our
audit
reports
and
all
of
those
people
that
have
been
audited.
So
thank
you
for
joining
us.
The
first
one
is
AEG
and
Target
Center
our
contract
audit
report.
Thank
you,
Jeff
Johnson,
for
being
here
and
I'll,
go
ahead
and
start
with
you,
director,
Bigby.
B
C
C
The
otoscope
included
two
main
processes.
The
contract,
management
and
oversight
was
one
aspect
of
the
processes
we
looked
at
in
the
levy
concessions.
So
levy
is
the
company
that
age
he
contracted
we've
to
provide
food
and
beverage
services
to
the
erener.
Our
work
on
the
contract,
management
and
oversight
process
included
a
review
of
AG
policy
and
procedures,
service
level
agreements,
expense
management
and
financial
reporting
and
even
booking,
and
our
work
on
the
levy,
concession
included,
a
review
of
SLA
management
and
support
for
financial
transactions.
C
Three
issues
were
noted
as
a
result
of
this
audit
two-way
rated,
moderate
and
one
low.
The
to
moderate
issues
include
the
following:
the
first
one
which
Lori
Johnson
we
speak
to
is
we
noted
that
the
city
does
not
perform
a
detailed
financial
review
around
the
eg
Target
Center
contract
compliance
and
the
second
issue
which
Jeff
Johnson
will
speak
to
is:
there's
no
centralized
tracking
and
monitoring
of
issues
or
complaints
received
from
multiple
sources
related
to
events
at
the
Target
Center.
C
Alright,
chair
problems,
I
know,
committee
members
as
part
of
the
audit.
We
we
met
with
AG
management
and
the
city.
We
spoke
of
the
city
to
understand
what
kind
of
financial
reviews
they
do
for
eg
and
the
city
attends
monthly
meetings
with
Ag,
where
AG
present
financials
to
them
due
to
the
proprietary
nature
of
the
data.
The
city
cannot
take
the
data
out
of
the
meetings
they.
C
They
just
are
presented
with
the
data
that
they
can
review,
but
we
thought
this
was
not
enough
review
to
make
sure
that
there
were
no
issues,
so
we
performed
detailed
review
of
a
sample
of
transactions
and
we
did
not
note
any
issue.
So
we
are
pretty
comfortable
that
there
were
no
issues
but
with
just
noting
this
as
an
issue,
but
because
something
could
have
happened
and
and
go
unnoticed
by
the
state
and
city
management.
I
created
recommendation
and
Laurie
will
speak
to
that
data
later.
C
C
A
A
At
this
stage
for
my
colleagues,
it
may
not
be
as
familiar
with
this
over
the
course
of
the
last
year.
In
2017
city
council
endorsed
a
significant
amount
of
money
to
do
renovations
to
the
Target
Center,
and
the
reason
that
this
target
that
this
audit
happened
was
we
want
to
know
if
we're
getting
our
money's
worth
it,
it's
the
people's
money,
and
we
want
to
make
sure
that
we're
getting
that
this
was
a
good
investment.
So
that's
kind
of
the
initiative
of
why
we
embarked
on
this
type
of
audit,
miss
Johnson's,
good.
D
A
Question
any
other
questions
from
my
colleagues:
okay
nope
right
now,
Scott
Neil
will
be
here
momentarily,
might
have
a
couple
questions
and
we'll
just
go
back
as
as
he
does,
but
that's
mine
go
ahead.
C
D
Thank
you
again,
chair
Palmisano
committee
members,
Laurie
Johnson,
deputy
chief
finance
officer
here
to
talk
about
issue
1
and
how
finance
will
address
that
we
will
engage
in
an
annual,
detailed
financial
audit
of
AEG.
We
will
use
our
financial
manager
in
the
internal
control
division
of
our
controllers
area.
We
intend
to
look
at
the
finances
very
thoroughly,
we'll
look
for
trends,
red
flags,
any
irregularities
that
we
find
as
we
find.
Those
will,
of
course,
engage
the
internal
audit
division,
our
department
as
well
to
assist
us
with
that
auditing
component
and
as
needed.
D
We
would
engage
the
attorney's
office
or
in
the
city
coordinators
office
and
as
I
mentioned
previously,
we
will
also
work
closely
with
Jeff
Johnson,
as
he
has
a
finger
on
this
contract
and
we
will
begin
that
process
soon
and
we
will,
as
the
report
says,
have
some
sort
of
resolution
to
that
by
August,
8th
of
August
2019.
So
with
that
only
answer
any
questions
that
you
may
have
any.
E
A
G
You
think
you
chair,
Palmisano
committee
members,
again
I'm
Jeff,
Johnson
I'm,
the
executive
director
of
the
Minneapolis
Convention
Center,
but
also
as
part
of
my
role
with
the
city.
I
am
the
contract
manager,
I,
oversee
AEG
and
their
operations
at
the
Target
Center.
So
first
of
all,
I
want
to
thank
the
audit
department
for
working
with
us
and
bringing
this
forward.
G
So
if
we
look
at
item
number
two
as
outlined
in
the
report,
it
does
deal
with
management
of
customer
complaints.
Currently
AEG
receives
a
lot
of
inputs
from
different
sources.
They
have
a
survey
directly
with
Timberwolves
and
lynx
fans
that
they
get
feedback
from
and
then
they
also
take
feedback
from
members
that
are
client
customers
that
are
coming
to
events
like
concerts,
Minnesota,
State,
High,
School,
League
events,
and
they
take
those
comments
and
in
in
various
ways
either
in
person
at
the
event
or
after
the
event.
G
Emails
phone
calls
texts,
social
media,
and
so
what
the
audit
came
forward
and
the
internal
audit
department
came
forward
and
said
that
there
really
wasn't
a
centralized
area
where
we
could
put
all
of
that
information
together
and
then
watch
for
trends,
and
so
as
part
of
our
monthly
management
meeting.
We
will
make
sure
that
we
bring
all
of
that
information
together
at
the
management
meeting
and
talk
about
trends.
G
Talk
about
what
we're
seeing
and
where
issues
are
it's
so
that
we
can
make
sure
that
ahe
is
watching
those
customer
service,
complaints
or
issues
and
resolving
them
going
forward.
So
we
think
this
will
really
do
a
good
job
of
making
sure
that
those
issues
come
to
the
forefront.
If
I
may
I
know,
I
don't
have
to
talk
on
item
number
three,
but
if
I
could.
A
G
We
do
have
another
meeting
that
we
attend
monthly
and
generally,
that
meeting
has
been
a
capital
and
repair
meeting.
We
are
going
to
add
these
maintenance
issues
on
to
that
meeting,
and
so
every
month
we
will
sit
down
and
talk
about
maintenance.
Look
at
some
of
the
documentation
of
what's
been
done.
In
addition
to
talking
about
the
Capitol
and
repair,
we
also
have
a
city
employee.
G
He
is
a
project
manager
that
oversees
capital
projects
at
the
Target
Center
we're
going
to
engage
him
more
in
really
taking
on
more
of
an
ownership
of
these
maintenance
and
and
being
more
engaged.
He
works
with
AEG
staff,
almost
on
a
daily
basis
and
so
making
sure
that
that
is
a
focus
for
him
going
forward.
So
we
feel
like
again
great
information
coming
out
of
this
audit,
where
we
can
really
sharpen
the
pencil
and
make
sure
that
we're
watching
and
and
that
the
community
is
getting
a
great
return
on
its
investment.
G
As
you
noted,
the
Target
Center
is
a
great
facility
for
Minneapolis
I.
Think
the
renovation
I
have
not
heard
a
negative
thing
as
far
as
the
build-out
itself
and
and
how
it
has
really
been
put
into
action,
and
so
we're
very
excited
about
where
the
Target
Center
can
go
even
before
the
renovation.
We
knew
that
the
Target
Center
brought
over
100
million
dollars
in
economic
impact
to
the
city
each
year
and
this
renovation,
this
prod
project
itself.
G
A
G
Just
this
last
weekend
to
sold-out
shows
for
Eric
Church
coming
up
here
in
a
couple
of
weeks
to
sold-out
shows
for
sir
Sir
Elton
John,
sorry
that
I
didn't
hit
that
one
right,
but
again
a
lot
of
activity
all
of
the
high
school
tournaments
that
are
coming
up.
This
is
a
great
resource
for
the
community
and
a
great
thing
for
Minneapolis.
Thank.
A
You
all
right
with
that
I
think
we
can
go
ahead
and
I'll
make
a
motion
to
receive
and
file
the
AEG
contract
management
audit
report.
All
those
in
favor,
please
signify
by
saying
aye
aye
opposed
that
carries
all
so.
I
should
have
done
this
just
together,
but
I
also
to
direct
staff
to
publish
the
report.
All
those
in
favor,
please
say:
aye
aye
opposed
that
carries.
Thank
you.
Direct
your
Big
B
go.
B
Ahead,
Tara
Palmisano
audit
committee
members
I
wanted
to
take
a
moment
to
thank
Jeff,
Johnson
and
Lorie
Johnson
for
speaking
today
and
I
think
they're
a
good
example
of
how
collaborative
management
teams
can
produce
more
efficient
operations
for
the
city,
so
their
willingness
to
collect
data
and
analyze
data
and
having
the
expertise
of
Finance
contribute
to
the
oversight
of
the
AEG
Target
Center
contract
I
think
is
going
to
be
a
great
thing
going
forward.
So
thank
you.
A
Director
before
we
go
into
the
next
one,
a
question
from
the
days
before
we
started
today,
could
you
help
us
in
the
public
just
understand
the
difference
between
a
full
audit
like
we
just
did
and
what's
coming
next,
which
is
a
consult?
Could
you
just
help
us
sure
delineate
why
we
would
do
one
thing
versus
another
and
that
type
of
thing
sure
an.
B
Audit
is
an
independent
and
objective
review
of
a
process
or
a
department
activities.
We
there
would
be
a
specific
objective
and
scope
for
the
audit
and
we
would
follow
the
planning
risk
assessment,
fieldwork
and
reporting
processes
as
promulgated
by
Professional
Standards.
The
difference
in
a
consultation
is
that
a
consultation
might
be
requested
by
management
for
a
process
that
they're
developing
or
a
system
that's
being
developed,
or
they
might
want
a
review
of
a
model
or
a
framework.
So
it's
a
more
specific
target.
B
Generally,
a
lighter
lift
from
the
audit
department,
resources
and
there's
not
necessarily
audit
issues
that
would
come
out
of
a
consultation.
There
could
be
recommendations
for
management
that
don't
require
formal
management
responses.
I'd
like
to
note
that
there
could
be
formal
audit
issues
that
come
out
of
a
consultation
if
the
audit,
if
audit
detects
that
there
are
significant
risks
or
gaps
in
the
control
environment
that
are
not
being
adequately
addressed.
So
would
you
like
me
to
great
we
have
our
next
report?
H
Morning,
chair
Palmisano,
Audit,
Committee,
Thank
You,
director
Bigby,
as
you
mentioned,
this
was
a
consultation
on
the
timeliness
of
the
separation
process.
To
give
you
some
background,
a
new
process
was
put
in
using
a
tool
called
ServiceNow
to
basically
track
manage,
as
well
as
requests.
Sorry
request,
manage
and
track
all
of
the
termination
access
removals
from
the
city
Network.
This
was
put
in
in
November
2017
and
it
was
in
deployed
with
the
intent
of
minimizing
the
time
line
between
when
a
user's
last
day
of
access,
that's
needed
and
daily
access
was
terminated.
H
A
H
The
core
issue,
or
what
we
did,
that
one
was
more
on
the
timing,
this
aspect,
which
kind
of
drove
the
implementation
of
the
ServiceNow
tool
to
health
streamline
and
make
it
more
efficient
and
organize
it
so
yeah.
This
did
come
out
of
a
previous
review
that
was
done
on
the
HR
processes,
but
our
specific
work
was
more
around
the
timing
as
a
removal
of
access
and
not
necessarily
the
payroll
aspects.
I
see.
A
And
I
should
have
pointed
this
out
in
the
beginning,
but
we
do
have
our
HR
director
patients
Ferguson
here
with
us
as
well,
and
so
I
invite
audit
committee
members
to
to
perhaps
direct
questions
or
have
a
question
I'll
try
to
direct
it
to
the
appropriate
person.
I
apologize
I
probably
should
have
been
asked
patients
to
the
for
that
one,
but
go
ahead.
H
H
Good,
so
the
scope
and
approach
we
took
as
we
obtained
the
raw
data
from
ServiceNow
from
the
period
of
November
1st
2017
through
September
30th
2018.
So
we
had
11
months
worth
of
data
to
look
at.
We
put
it
through
a
pure
for
our
analysis
tools
and
the
results
were
it
took
about
21
days
or
20.9
0
to
be
specific
on
average,
for
removal
of
access
being
submitted
after
the
last
day
worked.
So
they
are
appendices
in
the
back
over
here.
H
H
A
couple
of
observations
we
noted
is
that
the
last
day
worked
and
ServiceNow
does
not
necessarily
equal
their
term
date
in
human
resources
files
and
the
main
reason
for
that
is
probably
because
of
benefits
expiration
extending
past
the
last
day
of
worked,
and
you
know,
and
the
other
one.
We
noticed
that
employee
IDs
were
not
consistently
noted
in
the
ServiceNow
tickets.
59
out
of
the
643
tickets
we
looked
at,
did
not
have
an
employee
ID
field
in
there.
H
It's
important
to
kind
of
put
that
in
for
multiple
traceability
and
comparison
for
audit
purposes,
as
well
as
completeness
of
the
entire
ServiceNow
ticket,
and
the
last
thing
we
noted
as
an
observation
was:
the
departments
are
not
accurately
entered
into
service.
Now
we
noted
one
employee
was
known
as
the
HR
department,
but
they
were
actually
part
of
the
internal
audit
department,
so
we
were
able
to
identify
some
data
inconsistencies
and
that's
why
our
recommendations
were
to
make
the
employee
ID
a
required
field
in
service.
H
Now
for
off-boarding
requester,
you
can't
even
complete
the
ticket
till
you
put
the
employee
ID
in
and
another
item
you
recommended
is
to
do
input,
quality
checks
or
a
direct
feed
from
PeopleSoft
HR.
That
ties
a
person's
department
accurately
together
in
the
tickets,
so
that
we
have
a
much
better
higher
quality
of
data
to
analyze.
D
I
You,
madam
chair,
mr.
de
souza,
two
questions.
Actually
I,
don't
know
if
you
did
the
man
the
on
the
computation
of
the
average.
That
was
the
twenty
point.
Nine
days
is
the.
Do
you
suppose
the
the
median
of
that
field
is
probably
closer
to
single
digits.
I
mean
it's,
it
looks
like
most,
people
did
yeah.
H
I,
don't
know
the
median
at
the
top
of
my
head,
but
it
would
indicate
based
on
statistics
that
I
know
that
it
would
be
around
this
single
digit
date.
I'd
see
a
bulk
of
that
is
in
the
single
digits.
There
are
some
that
go
into
the
11
to
17
mark,
as
you
can
see,
so
there
are
some
stragglers
out
there,
but
overall
it
the
process
is
working
and
it
is
working
a
lot
better
than
what
we
had.
Thank.
I
You
and
the
second
question
was
the
the
what
happens
at
twenty
point:
nine
days,
that
that
time
period
where
someone
is
someone's
leaving
but
their
access
is
that
turned
off
right.
If
that's
that's,
what
we're
talking
about
was
there?
Was
there
evidence
of
some
of
access
of
persons
accessing
the
system
after
their
departure
day?
That's.
H
A
great
question
we
had,
since
it
was
a
consultation
we
stopped
at
just
reviewing
this.
We
didn't
go
into
the
network
level
data.
We
wanted
to
see
how
effective
and
efficient
this
new
process
is
being
put
into
place,
and
that
would
be
the
next
organic
outcome
of
the
next
thought.
It
would
be
more
to
dig
down
deeper
into
network
specific
access,
but
it
comes
down
to
more
of
when's
the
actual
employees
last
working
dates.
Is
it
the
day
their
benefits
end,
or
is
it
the
day,
their
last
physically
working?
I
D
A
J
A
J
I
do
think
that
this
is
still
a
marked
improvement
over
what
we
had
previously
and
some
of
you
may
or
may
not
know.
This
is
going
from
a
manual
process
to
a
digital
process,
and
it's
also
about
taking
a
much
more
enterprise-wide
approach
which
we
did
not
have
before
now.
There
are
some
other
things
that
we're
also
doing
to
even
streamline
this
even
more.
We
have
a
work
group
comprised
of
various
people
within
the
enterprise.
That's
really
looking
at
even
moving
us
more
toward
a
digital.
J
What
we
call
in
a
digital
work
for
us,
and
so
we're
hoping
that
some
of
the
kinds
of
improvements
that
we're
having
across
departments
is
actually
going
to
help
drive
this
to
be
more
efficient.
And
what
prompted
that
workgroup
is.
Quite
frankly
because
we
are
going
to
be
are
in
the
process
of
moving
to
another
building.
And
we
want
to
make
sure
that
we're
having
a
much
more
efficient
process
in
place
that
we
are
not
having
as
much
paper
we're
going
to
go
to
more
of
a
paperless
system.
A
Thank
you.
Do
you
think
the
digital
workforce
that
you're
setting
up
do
you
think
that
would
help
drive
consistency
and
how
people
are
enabled
or
allowed
to
take
vacation
past
their
end
date?
Would
that
create
a
common
way
of
doing
that
because
it
seems
very
different
based
on
what
department
you
are
you.
J
Know
that's
a
good
question
and
I
don't
know
if
I
have
an
answer
for
that.
Quite
frankly,
I
think
that
that
is
one
of
the
pain
points.
Quite
frankly
in
the
city
is
around
this
whole
piece
around
vacations.
As
you
know,
and
many
of
you
know
and
I
think
that
that
was
in
part.
What
has
helped
to
raise
this
up
is
that
we
are
now
seeing
and
having
data
we
have
documentation.
That
shows
that
that
isn't
being
consistent
as
opposed
to
antidotal
data.
A
Would
invite
my
colleagues
to
look
back
to
that
audit?
It
was
a
few
years
ago,
but
it
was
about
employee
separations.
Mr.
Neal,
did
you
have
a
question
or
comment
one
question:
if
we
do,
if
we
do
consider,
if
we
are
able
to
correct
the
employee
ID
field
for
all
the
off
boarding
tickets,
if
we
did
have
employee
IDs
in
all
of
them,
how
exactly
would
that
address
some
of
the
issues
identified?
I
guess
maybe
that's
not
the
right
question
for
you,
but.
A
H
Sure,
chair
Palmisano
audit
committee
members
having
the
employee
ID
field
completed
and
filled
in
helps
us
to
correlate
the
ServiceNow
data
to
the
HR
file
data
and
PeopleSoft
based
on
employee
ID.
So
we
have
an
accurate
match
compared
to
doing
it
by
first
name
last
name,
which
may
result
in
a
potential
discrepancy,
because
we
could
have
multiple
folks
with
potentially
the
same
name.
So
it
helps
maintain
a
unique
identifier
and
in
order
to
help
provide
that
link
between
PeopleSoft,
a
char
and
the
ServiceNow
system.
Thank.
H
Jim
Meier,
just
to
let
you
know,
one
of
the
reasons
why
I
called
out
out
here
is
that
departments
are
not
accurately
entered
in
service,
not
tickets,
so
we
are
not
sure
how
many
of
those
I
miss
entered
or
how
many
of
those
are
accurate.
That's
the
other
issue
as
to
why
we
wanted
a
automated
sink
yeah
and.
H
A
E
Director
of
security
services
in
IT,
some
of
those
outliers
that
you
see
are
clean
up
from
several
years
of
accounts
issued,
especially
in
public
works.
It
happens
that
are
either
never
used,
and
if
we
don't
get
any
society
doesn't
get
an
off
boarding
request
or
any
kind
of
notification
that
that
person
is
gone.
We
don't
have
a
wave
telling
us
about
telling
any
or
you
know
turning
it
off,
because
we
don't
know
for
sure.
So
we've
been
doing
audits.
E
My
team
has
been
doing
audits
over
the
last
year
to
clean
up
a
lot
of
those,
so
I
think
what
you're
seeing
now
is
evidence
of
when
we
discover
one
of
these
abandoned
accounts,
we
closed
it
out.
We
run
it
through
an
off-boarding
process,
just
to
make
sure
that
everything
else
is
turned
off
that
needs
to
be
turned
off
besides
just
network
access,
so
that's
I
think
where
some
of
those
long
longitudinal
I
just
come
from.
Thank.
K
K
B
A
B
You
we
next
have
another
consultation
of
the
park
board:
body-worn
camera
compliance
of
readiness
review
you
get
as
the
lot
will
come
up
and
speak
to
the.
Why
we're
doing
this
consultation
and
then
I'd
also
like
to
note
in
our
audience
we
have
chief
AHA,
toe
and
lieutenant
Noble.
Who
will
speak
to
the
consultation
you.
A
C
Palmisano
committee
members
I'm
gonna
present
now
a
summary
of
our
consultation
of
the
park
board
body,
worn
camera
compliance
readiness.
This
was
requested
by
the
Park
Board
police,
as
they
wanted
to
make
sure
that
they
were
ready
for
an
upcoming
article
2020
and
through
this
consultation
we
wanted
to
assess
them.
The
park
board
police
readiness
to
demonstrate
compliance
with
state
statutes,
13.8
25,
portable
recording
systems
and
six
26.8
473
portable
recording
system,
adoption
written
public
policy
required.
C
And
as
a
result
of
this
consultation,
we
noted
opportunities
to
enhance
the
body,
worn
camera
policy
and
improve
monitoring
controls
to
better
prepare
for
the
by
you
know,
audit
that's
coming,
and
because
this
is
a
consultation,
we
communicated
all
the
results
to
detail.
The
results
with
the
oddity
and
I
will
actually
turn
it
over
to
them
to
speak
to
the
process
and
what
we
learn
from
from
it.
F
Chair
Palmisano
committee
members,
first
I
want
to
say
thank
you.
We
asked
the
audit
department
to
provide
this
consultation
in
anticipation
of
our
biennial
audit
that
will
take
place
the
end
of
2019
or
early
2020,
and
they
were
extremely
helpful.
So
first
thank
you
for
supporting
their
work
and
director
Big
B.
Thank
you
to
your
team
for
the
work
that
you
put
into
this.
F
We
learned
a
lot
from
the
consultation,
so
2018
was
the
park
board's
first
year
of
implementing
body
cameras
in
2017.
We
went
through
the
community
engagement
process
and
the
policy
development
and
implemented
body
cameras
in
January
of
2018.
So
over
the
last
year
we've
successfully
implemented
body
cameras.
We
saw
an
opportunity
after
that,
first
year
of
implementation,
to
review
our
policy
based
on
lessons
learned
from
MPD
and
as
best
practices
evolved
around
body
cameras.
F
We've
implemented
a
lot
of
those
best
practices,
a
few
of
the
opportunities
that
we
have
are
around
quality
assurance
and
managing
data
practices
in
the
park
board.
Data
practice
requests
actually
don't
come
through
the
police
department,
they're
handled
by
the
deputy
superintendent's
office.
So
it's
just
making
sure
that
that
those
processes
are
aligned
both
in
the
deputies
superintendent's
office
and
with
the
Park
Police
Department
and
then
bolstering
our
quality
assurance.
A
K
F
Yes,
Commissioner
Meyer,
so
we're
constantly
considering
policy
changes
around
body
cameras
based
on,
because
this
technology
is
so
new
and
the
laws
are
relatively
new.
There's
there
are
continual
interpretations
and
updates
made
by
the
legislature
so
leading
up
to
body
camera
implementation
in
2018.
There
were
significant
changes
around
data
practices
in
2016
and
2017
through
the
legislature
that
sort
of
led
us
to
the
policy
that
we
have
at
the
time
that
we
drafted
that
policy.
F
We
believe
that
that
was
a
model
policy,
but
as
body
cameras
have
become
more
common
in
law
enforcement,
and
we
have
had
the
opportunity
to
learn
through
implementation.
We
saw
after
a
year
of
implementation
that
it
was
a
good
time
to
review
our
policy
and
make
some
updates
I,
don't
know
that
we
will
review
that
policy
every
year
going
forward.
It
might
be
in
every
two
year
review,
but
it
is
important
that
we
make
sure
that
we're
complying
with
the
law
and
we're
following
best
practices.
K
B
B
K
B
K
B
K
For
the
other
recommendation,
you
recommended
that
testing
should
include
sampling
events
where
body
one
camera
recordings
are
expected
to
ensure
the
equipment
was
activated.
I
was
curious
about
that
one,
because
one
of
the
things
I
would
be
most
interested
in
knowing
is
first
of
all,
if
there's
compliance
I
think
are
they
being
activated
when.
K
F
Commissioner
Meyer
you're
speaking
to
the
quality
assurance
part
of
this
body,
worn
camera
program,
and
all
of
our
indications
is
that
our
compliance
with
policy
is
extremely
high.
We
are
working
with
more
formalized
how
we
do
quality
assurance
and
finding
a
good
way
to
go
in
and
randomly
sample
incidents
to
make
sure
that
officers
are
following
the
policy
appropriately.
K
L
K
C
F
K
I
B
Question
chair
Palmisano
audit
committee
members
I
wanted
to
also
reiterate
that
we
didn't
do
detailed
transaction
testing.
We
just
did
a
high-level
review
of
the
policy
for
policy
compliance
that
we
didn't
actually
test
footage
which
we
would
do
in
a
full
audit,
so
the
opportunities
for
enhancement
or
any
gaps
that
we
noted
are
in
the
the
spreadsheet
that
we
sent
to
management
so
for
obvious
reasons
before
they
actually
have
their
audit.
We
didn't
want
to
make
that
public.
B
A
B
So
we
we
are
trying
to
convert
our
annual
updates
to
the
audit
plan
into
a
rolling
audit
plan.
It's
just
the
depart
that
you're
on
share
promise
on
it.
Okay.
So
today
we
have
a
pretty
big
ask
for
adding
audits
and
consultations
to
our
audit
plan.
The
way
this
goes
out
seven
quarters
and
then
going
forward
every
time
we
close
audits
or
consultations.
We
would
ask
to
have
a
few
more
things
added
to
the
audit
plan
based
on
our
department
resources.
B
So
our
audit
plan
will
always
look
forward
about
seven,
eight
quarters
or
so
so
a
little
background.
The
city
of
Minneapolis
is
required
by
professional
standards
to
update
the
audit
plan
at
least
annually.
A
big
part
of
that
process
is
talking
to
city
leaders,
management,
department
directors,
so
we
conducted
interviews
starting
about
a
year
ago
and
then,
when
I
came
on
board,
I
started
meeting
with
City
Council
members
audit
committee
members,
most
recently
wrapping
up
with
department
director
meetings.
B
In
addition,
when
we
attend
other
committee
meetings
or
have
other
conversations
with
management,
if
we
note
risks,
we
track
them
in
a
workbook
that
we
have
to
keep
up
with
emerging
risks
and
concerns
from
management
and
I
will
talk
about
some
of
the
factors.
Other
factors
that
go
into
this
risk
assessment
process.
B
When
we
talk
about
risk
with
management,
they
are
not
all
familiar
with
the
same
terminology,
so
we
approached
the
conversations
with
management
by
talking
about
risks
and
risk
buckets.
So
we
talked
about
financial
risk,
which
is
pretty
obvious,
I,
think
compliance
could
be
compliance
with
contracts
or
other
regulations
or
laws
that
apply
to
that
program
or
activity.
B
Operational
risk
is
the
risk
that
your
department
or
your
programs,
goals
and
objectives
will
not
be
met.
Information
technology
risk
is
anything
relying
anything
pertaining
to
the
availability.
Security
of
data
cybersecurity
risk
is
risks
of
keeping
our
systems
and
our
databases
and
our
employees
safe
from
external
electronic
hacking
or
other
unauthorized
access,
public
health
and
safety
could
impact
I,
think
that
would
be
significant
for
the
park
board
and
other
activities
that
deal
with
the
public.
Public
works,
see
ped
health
department
and
then
strategic
risks
are
the
City
Council
the
mayor's
goals
and
objectives.
B
B
There
are
other
key
factors
that
are
important
for
prioritizing
City
risks.
It
includes
the
probability
and
impact
of
an
adverse
event
for
the
relevant
risk
categories.
So
when
we
talk
to
management
and
identify
key
risks,
now
we
have
to
measure
that
risk,
so
we
can
have
an
override
an
overall
citywide
view,
so
a
way
that
we
measure
risk
is
talking
about.
How
likely
is
it
that
something
will
go
wrong
and
that
there
will
be
an
adverse
event
and
then,
if
something
did
go
wrong?
What
is
the
impact?
B
B
Prayin
prior
and
current
audit
coverage
and
identified
issues?
So
once
we
have
some
risks
identified?
Have
there
been?
Has
there
been
any
audit
coverage
external
in
Tork
internal?
There
could
be
consultant
that
did
some
work
in
that
area
and
identified
issues
could
be
audit
issues.
State
auditor
issues
issues
from
external
consultants
that
were
hired
state
auditor
findings.
I
mentioned
that
a
internal
and
external
complaints,
including
fraud,
waste
and
abuse,
is
pretty
significant.
B
A
significant
number
of
incidents
of
fraud
are
identified
through
tips,
so
we
need
to
monitor
complaints
and
and
fraud
tips
that
come
in
and
what
activities
and
programs
are
those
related
to
the
strength
of
the
existing
control
environment.
If
we
know
that
there
are
significant
weaknesses
in
the
control
environment
and
and
the
impact
is
pretty
high,
that's
going
to
increase
the
risk
of
the
likelihood
that
there
will
be
audits
in
that
area,
the
maturity
of
management's
risk
assessment
and
risk
management
activities.
B
This
is
a
new
development
I
think
in
the
city.
The
private
sector
has
a
more
mature
risk
management
layer,
but
one
example
of
risk
management
at
the
city
would
be
the
internal
controls
team
that
has
identified
an
inventory
inventory,
financial
controls,
and
now
there
are
implementing
testing
of
those
controls
once
that
matures
an
internal
audit
can
do
limited
testing
of
that
process
and
that's
a
lighter
lift
from
internal
audit
resources.
In
addition,
the
Park
Board
is
an
example.
B
The
Park
Board
is
planning
on
designing
a
risk
assessment
program
and
once
that
matures
and
is
robust,
an
internal
audit
can
do
sample
testing
of
the
park
boards
risk
assessment
processes
and
management
action
plans.
It
offers
a
much
more
thorough
coverage
of
risk
citywide.
So
it's
very
exciting
to
see
these
processes
develop
in
the
city.
B
Another
factor
that
weighs
on
the
risk
assessment
process
is
management's
plans
to
implement,
implement
key
programs
or
key
systems,
so
it
is
advantageous
to
involve
internal
audit,
as
things
are
being
developed
that
way.
If,
if
we
notice
some
significant
gaps
or
risks
that
aren't
addressed,
you
can
address
those
before
you
actually
implement
your
program
or
system.
It's
a
lot
more
efficient
to
address
those
things
upfront
than
to
have
to
roll
back
and
redo
something
later
Thank.
A
B
Jericho
Misano
audit
committee
members.
That's
a
great
question
too,
to
give
you
a
picture
of
what
that
would
look
like
on
an
ongoing
basis.
An
example
would
be
an
investigation
and
let's
assume
that,
as
the
result
of
the
investigation,
we
noticed
a
significant
deficiency
in
a
computer
system
and
then
we
noticed
that
this
deficiency
impacted
multiple
departments.
B
So
we
could
either
do
a
consultation
with
management
to
fix
that
and
make
sure
that
all
risks
have
been
addressed
or
a
management
can
say:
that's
okay,
we
don't
need
your
help,
we're
going
to
fix
it
ourselves,
and
then
we
would
put
it
on
the
audit
plan
as
being
a
significant
risk
and
something
that
we
need
to
make
sure
is
closed
in
the
future.
So
that's
one
way
as
things
happen
over
time
and
there
are
emerging
risks.
A
B
Then
whether
we
can
either
push
back
or
delay
some
audits
that
are
on
the
plan,
or
we
can
remove
some
audits
that
are
on
on
the
audit
plan.
We
would
just
need
to
be
able
to
defend
why
we're
doing
that
and
our
overall
risk
assessment
process.
We
could
also
add
to
plan
keeping
everything
the
same
and
hire
additional
resources.
A
Okay,
I
do
want
to
point
out
that
mr.
Fisher,
who
can't
be
here
this
morning,
did
offer
this.
As
you
know,
he
teaches
at
the
law
school,
he
says,
he's
prepared
many
risk
management
plans
and
he
teaches
this
method
of
doing
so
it
at
the
law
school
and
the
law
schools
in
which
he
is
taught.
So
he
says
he
fully
approves
of
the
design
and
approach
is
submitted
by
director.
Baby
I
too,
am
inclined
to
support
this.
A
B
B
B
So
this
is
a
very
high
level
inherent
risk
heat
map
for
the
city,
because
the
heat
map
can
get
very
busy.
We
didn't
break
down
departments
by
their
key
functions,
although
it
is
broken
down
in
more
detail
in
our
workbook
I
wanted
to
mention
that
we
added
succession
planning
which
of
course,
is
not
a
department
or
a
program,
but
it's
a
thematic
issue.
That's
impacting
all
city
departments,
and
even
though
we've
talked
about
it,
HR
has
addressed
this
significantly
over
the
last
couple
of
years.
B
A
B
On
this
heat
map
itself,
we
didn't
we
passed
it
by
departments
for
feedback,
and
nobody
asked
for
any
adjustments,
but
is
behind.
The
heat
map
is
all
based
on
Management,
Department
discussions
and
then
the
other
inputs
that
I
mentioned
current
audits
and
that
sort
of
thing
this
I
wanted
to
mention
that,
just
because
an
area
is
in
high
risks
such
as
police,
this
is
inherent
risk.
B
K
B
We
think
about
patron
safety,
the
police
activity,
aquatic
safety
which
ended
up
on
our
audit
plan
this
year.
So
what
are
things
that
could
go
wrong
and
result
in
loss
of
life,
for
example,
that
inherently
is
risky.
So
that's
why
it's
higher
up
and
then
the
the
park
boards
a
risk
assessment
program
potential
program
is
a
great
way
to
provide
coverage.
I
think
an
assurance
to
the
park
board
that
they're
they're,
covering
and
looking
at
those
risks
any
other
questions
so
far.
Thank.
A
You
I
think
that
you've
really
hit
the
nail
on
the
head
in
terms
of
succession
planning
in
terms
of
the
employee
makeup
and
the
aging
workforce
that
that
we
have
here.
That's
the
only
category
well
that
in
extreme
weather
events
are
kind
of
the
two
separate
categories
that
seem
to
span
the
city
Enterprise
higher
than
911
is
the
City
Clerk's
office.
Could
you
also
comment
on
that?
We're
sorry
the
probability
is
higher,
not
the
impact
so.
B
Just
going
to
so
I
think
one
thing
that
makes
the
city
clerk
higher
than
maybe
they
would
like
is
the
whole
responsibility
for
data
governance,
specific
to
record
retention,
and
we
have
a
consultation
in
progress
right
now
for
record
retention.
We
have
the
state
of
the
data
report
that
the
city
clerk
is
responsible
for,
and
those
right
now
are
all
open
audit
issues
that
need
to
be
addressed.
A
They're,
a
Dodge,
nothing
works
without
the
clerk's.
It
is
interesting
in
an
anecdotal
story
that
has
been
shared
with
me
by
our
city.
Clerk
is
that
in
in
some
other
cities,
they've
gone
through
exercises
of
what
are
the
essential
functions
and
the
City
Clerk's
office
in
those
other
cities
has
become
one
of
the
top
most
essential
functions,
and
it's
it
wouldn't
often
be
seen
that
I
think
by
the
public
until
you
understand
that
they're
responsible
for
the
data
of
our
city.
So
thank
you.
Thank.
B
B
Page
2
is
the
the
first
page
that
has
some
items
if
it
says
remove.
There
is
one
item
we're
asking
to
remove,
which
is
the
fleet
services
division
consultation.
Originally,
we
were
going
to
work
with
Public
Works
on
designing
a
new
model
for
managing
their
fleet
services.
However,
after
speaking
with
Public
Works
Director
Robin
Hutchinson
they've
already
implemented
this
process,
so
they
they
designed
their
model
and
implemented
a
new
process.
So
this
specific
consultation
we
are
going
to
remove
from
the
audit
plan.
Then
the
next
few
things
are.
B
We
have
14
audits
that
we
would
like
to
add
to
the
audit
plan
and
they
are
lined
up
according
to
quarter
and
based
on
what
we
think
our
resources
can
cover.
So
the
the
first
one
is
the
park
board
enterprise
risk
management
program.
They
have
asked
for
internal
audits,
consultation,
just
a
little
help
in
training
and
getting
it
rolled
out,
possibly
piloting
their
first
one
or
two
divisions
or
programs
with
them,
and
then
management
would
own
it
and
go
forward
with
it.
After
that
also
the
public
works,
3-1-1,
sidewalks,
snow
and
ice
removal.
B
We've
had
many
complaints
and
much
interest
from
city
council.
So
after
talking
with
Public
Works
and
3-1-1,
we
I
think
we
think
we
identified
where
some
key
problems
were
and
responding
to
sidewalk
snow
and
ice
removal
complaints.
So
we
actually
will
start
our
our
first
information
gathering
section
session
with
our
IT
Auditor
next
week.
B
Contract
amendments
is
an
important
review.
We've
been
queuing
up
and
we
think
because
of
risk,
we
will
put
that
sooner
on
the
audit
plan,
and
this
would
just
this
would
involve
reviewing
contract,
amend
amendments
over
a
period
of
years
and
determining
whether
those
amendments
were
proper
or
whether
some
of
them
were
to
get
low
bidding
and
then
increase
the
price
of
a
contract
through
amendments.
B
The
the
next
one
is
the
follow-up
to
the
MPD,
the
Minneapolis
Police
Department
equity
and
recruiting
review
this.
The
first
one
we're
doing
now
is
from
the
beginning
of
the
application
process
through
hire.
Then
we've
been
asked
to
do
a
follow-up
review,
which
we
think
will
be
a
great
consultation
once
somebody
is
hired
into
the
MBT
MPD
department.
B
What
are
the?
What
is
the
data
showing
how
they
progress
throughout
their
careers?
So
we
just
want
to
look
at
demographics,
who's,
getting
dropped,
who's,
leaving
and
who's
getting
promoted
and
roll
that
up
to
a
dashboard,
I
think
you'll
be
able
to
visualize
that
better.
Once
we
finish
the
first
review
and
see
the
dashboard,
we
have
a
few
data
sets
down
already,
and
the
whole
project
will
be
done
in
about
two
weeks
than
the
four.
The
second
review.
A
B
Yes,
chair
Palmisano
audit
committee
members.
We
have
there
was
a
delay
because
of
resources
to
do
the
data
entry,
so
it
turned
out
that
all
of
the
data
is
manual
for
every
class,
so
hundreds
of
applicants
for
every
class
for
eleven
data
sets
I
believe
and
we
started
with
one
or
two
resources
and
it
took
8
to
15
hours
per
data
set
to
enter
the
data
into
a
database
to
do
these
analytics.
So
that's
another
problem
is
having
manual
data.
You
can't
it's
very
hard
to
report
on
it
in
a
timely
manner.
B
B
The
data
Lake
IT
general
controls
consultation
is
designed
to
help
IT,
while
they
they
have
a
data.
Lake,
that's
already
rolled
out,
it's
still
being
developed,
they're,
adding
new
data
all
the
time.
We
want
to
make
sure
that
that
data
is
properly
secured.
So
are
our
basic
IT
controls
in
place
and
operating
effectively.
B
Revenue
and
collections
is
designed
to
start
later.
This
year
the
finance
department
is
implementing
a
new
process
to
centralize
revenue
and
collections.
Rather
than
doing
a
consultation,
they
preferred
to
develop
the
program
and
pilot
it,
and
then
we
are
coming
in
to
do
an
audit
later
this
year,
once
they've
implemented
the
new
process.
B
B
The
next
ad
we
are
asking
for
is
procurement,
ABC
system,
post
implementation,
user
access
management
review.
This
is
the
new
automated
platform
for
procurement
bidding
and
management
has
asked
us
to
come
in
and
do
their
user
access
roles
and
reviews
later
this
year
that
they
want
to.
They
just
went,
live
actually
I
think
they're
going
live
today,
February
11th,
and
they
want
time
to
fix
the
knee
bugs
and
follow
their
complaints
for
a
little
while
make
sure
that
they
have
their
user
access
roles
and
responsibilities
in
place
and
operating
effectively.
B
Then
we'll
come
in
and
do
our
audit.
The
next
dad
is
municipal,
ID
privacy,
IT,
general
controls.
Assuming
this
program
continues
to
roll
out.
This
will
be
a
great
opportunity
for
IT
IT
audit
to
be
involved
early
on
and
identify
any
potential
gaps
and
controls
before
the
program
is
rolled
out
security
incident
incident
event.
Monitoring
review
is
an
IT
audit.
After
discussions
with
management,
we'd
like
to
queue
that
up
for
20/20
quarter
to
park
board
patrons
safety,
audit
aquatics,
specifically
q2
2020.
B
B
We
don't
know
what
that
one
will
be
yet
and
then
the
last
item
on
here
is
the
body
worn
camera
compliance
on
it,
we'd
like
to
save
a
spot
for
park
board,
specifically
and
possibly
Minneapolis
Police
Department,
we're
not
sure
if
we
will
do
their
audit
or
if
they
will
hire
an
external
party,
and
we
will
know
exactly
what
quarter
as
soon
as
we
hear
back
from
Park
board.
Thank.
I
B
Chair
Palmisano,
council
members,
sorry
hon
committee,
members,
committee,
member
neil.
The
reason
why
there's
so
many
added
right
now
is
because
we
had
been
doing
an
annual
risk
assessment
where
we
would
add
on
audits
for
the
next
year.
So
this
is
our
time
to
add
on
we're
currently
in
our
last
audit
with
that
was
on
the
prior
audit
plan.
But
we
are
adding
more
audits.
So
just
we're
not
going
out
just
one
year
we're
going
out
almost
two
years
and
then
from
now
on
we
would
only
be
adding
as
we
close
audits
and
consultations,
so.
I
A
Super
so
this
would
change
our
current
yearly
work
plan
to
the
integrated
rolling
audit
plan.
Are
there
any
other
questions
or
concerns?
I
already
said
my
piece
earlier:
all
right
I
did
want
to
take
separate
and
specific
action
on
this,
instead
of
just
having
it
roll
up
into
the
rest
of
the
report,
so
I'd
like
to
move
to
approve
the
integrated
rolling
audit
plan
and
then
we'll
continue
this
method
going
forward.
All
those
in
favor,
please
signify
by
saying
aye
aye.
L
A
B
B
Our
grant
management
audit
is
in
progress.
As
a
reminder,
the
objective
is
to
review,
grant
management
processes
citywide
to
determine
whether
they
are
adequate
and
ensure
grant
compliance.
We've
completed
our
key
walkthroughs
for
the
planning.
Our
scope
memo
is
to
be
distributed
later.
February
the
scope
memo
is
generally
distributed,
one
to
two
weeks
before
field
work
can
begin,
so
we
expect
to
begin
field
work
the
first
week
of
March
it
may
we
may
report
April
audit
committee,
but
if
not
April
would
probably
be
the
following
audit
committee.
B
The
park
board
risk
assessment
and
management
consultation
would
like
to
meet
with
park
board
with
Jennifer
Ringgold
I
believe
that
the
deputy
superintendent
would
like
to
meet
with
us
in
March
to
talk
about
planning
and
walk
through
some
examples
and
I
think
she's
preparing
a
presentation
for
the
park
board.
Commission
records
management,
consultation,
we've
combined
C,
ped
and
Public
Works,
because
it
has
involved
into
a
bigger
citywide
process,
which
is
great.
We
had
a
our
last
meeting
was
last
week
and
they
are
deciding
management
is
deciding
which
Oversight
Committee
would
be
best
to
drive
this.
B
So
we
have
the
the
planning
to
move
to
the
new
facility
managing
records
and
files,
understanding
data
classification,
getting
resource
to
resources,
to
scan
files,
implementing
the
write
record
retention
policies
then
citywide.
We
also
need
to
oversee
those
processes
on
an
ongoing
basis,
not
just
for
preparing
to
move.
B
Equity
and
MPD
recruiting
data
analysis,
and
we
just
talked
about
that.
So
we
expect
February
20th
for
all
the
data
entry
to
be
complete.
Then
we'll
have
the
dashboard
ready
and
we
can
summarize
our
findings
neighborhood
and
community
relations.
They
are
neighbor
ncra's
working
with
the
city
coordinator
to
finalize
their
2020
program.
B
Our
internal
audit
console
looks
specifically
at
their
audit
policy,
so
we
have
as
NCR
at
the
neighborhood
associations
that
receive
funds,
and
we
also
wanted
to
see
a
finance
policy
implemented
where
neighborhood
associations
must
agree
to
having
a
proper
control
environment
for
handling
their
funds
received
by
the
city.
The
finance
policy
is
still
in
draft,
so
I'm
not
ready
to
close
this
consultation.
If
management
decides
to
not
implement
finance
policies,
then
internal
audit
can
close
the
consultation
and
we
could
queue
it
up
for
an
audit
later
on.
A
Director
Bigby,
my
understanding
is
that
feedback
is
being
asked
on
the
2020
draft
plan,
I
think
through
the
end
of
March.
After
that
there
will
be
more
of
a
rewrite
I'm
not
on
that
particular
committee.
But
what
I
heard
from
NCR
staff
was
that
then
there
will
be
a
rewrite,
then
it
will
be
adopted
by
City
Council.
So
are
you
saying
you
would
need
to
wait
until
the
end
of
that
to
come
up
with
a
protocol
or
it
would
become
part
of
the
package
that
comes
before
City
Council,
possibly.
B
I
think
we
could
probably
could
close
out
the
consultation
sooner
if
we
saw
the
finance
policies
were
developed
and
part
of
the
program.
I.
Don't
imagine
the
city
coordinator
would
remove
that
part
of
the
program.
I
think
everybody
is
looking
for
strong
controls
to
ensure
our
money
is
spent
appropriately,
money
that
is
given
to
neighborhood
associations
so
specifically
related
to
the
audit
policy
and
controls
to
minimize
the
risk
of
fraud,
waste
and
abuse.
Once
we're
confident
those
controls
are
in
place,
then
I
think
we
can
close
our
consultation.
B
Results:
Minneapolis
is
ongoing.
We
most
recently
reviewed
sheephead
metrics
and
provided
feedback
to
the
results.
Minneapolis
team
we're
going
to
keep
this
consultation
open
until
any
programs
that
are
queued
up
have
gone
through
the
process.
We
have
known
others
in
the
queue
at
the
moment:
enterprise
complaint
management
processes
we
most
recently
book
sorry
benchmarked
with
other
local
governments
and
had
a
multi
cross-functional
stakeholder
meeting
to
discuss
those
benchmarks.
What
other
cities
are
doing?
B
There's
not
a
lot
of
centralization
and
complaint
management
with
cities
of
our
size,
although
to
local
governments,
do
have
a
very
efficient
and
streamlined,
centralized
complaint
management
process.
So
now
we
management
have
to
decide
on
the
pros
and
cons
of
centralizing
or
not
centralizing,
complaint
management.
What
that
will
look
like
and
whether
we
need
a
new
system
to
handle
those
complaints.
B
Internal
audit
will
still
monitor
the
risks
of
not
having
a
centralized
complaint
management
process.
There
are
other
mitigating
controls
that
can
be
put
in
place
with
a
decentralized
process
and
management
will
continue
monitor.
Sorry,
internal
audit
will
continue
monitoring
until
we're
ensure
those
key
risks
are
addressed.
B
M
Palmisano
Kimmie
numbers
I'm
just
here
to
provide
a
quick
update
on
our
efforts
to
close
up
fire.
Our
issue
is
enemies
also
those
I'm
suggest
kind
of
some
summary
statistics.
We
currently
have
29
open
audit
issues
with
flow
17,
our
issue
since
the
last
time,
and
we
have
29
that
we
to
meet
call
about
validation,
progress
which
I'll
touch
on
in
a
couple
slides
as
well
as
we
do
have
11
or
she
was
expected
to
close
in
next
quarter
and
then
just
some
stats
from
the
last
couple
of
our
20
meetings.
M
We
do
not
have
any
overdue
other
issues.
I'm
a
Japan
has
better
very
proactively
subject
to
working
chemicals
out
and
firing
like
their
details
and
support
for
the
issues
and
I
will
select
a
point.
I
would
give
a
we
also
like
to
recognize
management
finance
for
the
work
in
closing
out
I'm,
not
issue
from
the
payroll
audit,
I'm,
pretty
sure
issue
number
one
payroll
register
is
not
reconciled
to
the
general
ledger,
I'm
really
in
ahead
of
schedule
as
well.
M
Now
so
these
next
couple
slides,
we
have
a
summary
detail
of
the
current
open,
our
issues,
a
twenty
nine
of
them
most
of
them
as
well
as
issue
aiding,
as
well
as
issued
due
date.
So
most
of
the
issues,
the
rest
code
currently
identified
as
moderate
and
the
are
expected
to
close.
You
know
in
the
next
quarter
to
the
end
of
2019,
and
then
here's
just
kind
of
somebody
asked
each
other
that
we
do
have
we
get
at
the
ones.
Today.
M
The
are
issues
army
force
presented,
stay
on
there
as
well
I'm,
the
current
expected
due
dates
and
then
kind
of
issue
valuation
progress.
This
is
ones
that
management
has
to
put
submit
a
report,
support
for
in
the
form
of
documentation,
receipts
invoices
kind
of
asserting
that
they
resolve.
The
current
audit
issue
and
processes
are
made
on
it
and
then,
once
that
progress
once
we
get
that
information
we
go
through,
CAD
mixer
would
be
validate.
M
We
do
some
cash
to
make
sure
that
the
on
issue
has
been
satisfactory,
mediated
and
that
there's
no
through
us
identifying
the
audio
issues
close
our
family.
So
it's
kind
of
a
process
and
that's
why
there's
currently
twenty
nine
of
them
in
progress
because
is:
can
we
work
through
them
real,
quick
management
if
the
weather
is
not
sufficient
or
if
there's
kind
of
other
issues
and
making
sure
that
results
are
figure
enough,
that
we
can
assess
actually
close
about
and
then
so
you
can
does
occur.
M
So
the
seventeen
close
are
issues
all
through
this
process,
and
we
expect
these
in
the
next
several
weeks
and
kind
of,
as
you
continue
through,
to
be
able
to
close
up.
Many
of
these
are
issues
where
next
audit
committee
meeting
and
then
there's
more
sort
of
us
ratings
or
so
moderate,
and
there
is
one
higher
issue:
the
Federation
of
duties.
Peter
process
are
that
we're
currently
validating
better
than
that.
M
Those
are
there
as
well
as
we
do
in
this
past
beauty
for
without
to
audits,
completely
unprofessional,
Jack
and
HR
file,
maintenance
and
attention
on
it,
and
we
do
expect
a
number
of
audits,
including
application
security
view,
the
IT,
a
programming
project
or
project
management,
console
I'm,
empathy,
probably
evidence
room,
please
body
cameras
see
Padawan
cycle,
otherwise
a
few
others
to
be
able
to
completely
closed
down
by
the
next
time
product
committee,
as
you
gotta
eat
the
evidence
so
that
well,
that's
all
I
have
for
the
art
issues
and
I
was
not
saying
for
questions
any.
A
Thoughts
or
questions
I
have
one
I
want
to
point
out
that
an
issue
rating
of
moderate
is
is
significant
and
in
the
private
sector.
That
would
there'd
be
a
lot
of
questions
and
comments
from
people
at
management.
On
that
I
see
a
significant
decrease
in
the
number
of
open,
odda
issues
since
last
fall.
So
can
you
comment
on
that?
Yeah.
M
So
we
kind
of
Baskin
wants
been
working
to
cut
broccoli,
follow-up
in
management
and
will
be
working
on
making
sure
that
kind
of
working
through
the
process
and
making
sure
that
they
understand
that
they
have
other
issues
and
kind
of
holiday
can
go
about
meeting
them
as
I'll
just
kind
of
being
about
tracking
them
in
the
track
as
soon
as
they
come
up
and
making
sure
that
we're
certain
constant
reminders
like
I'm,
just
kind
of
eating
that
concept
feedback
on
which
is
kind
of
as
something
that
we've
been
working
on
the
past
couple
months.
Thank.
N
Cherry
Palmisano,
can
you
hear
me
cherry
Palmisano
audit
committee
members
good
morning?
My
name
is
Danny
hunt
and
I
am
in
an
internal
audit.
In
turn,
following
our
internal
audit
issues
update,
we
provide
an
update
on
state
auditor,
open
issues.
The
city's
2017
comprehensive
annual
financial
report,
external
audit
performed
by
the
office
of
the
state
auditor,
resulted
in
the
following
issues.
The
state
auditor
is
in
the
process
of
reviewing
the
status
of
these
issues
and
will
provide
an
update
when
the
review
is
complete.
N
The
open
issues,
our
monitoring
of
internal
controls,
Finance,
has
indicated
that
internal
controls
and
procedures
have
been
documented
and
the
testing
of
controls
phase
has
begun
issue
number
two
prior
period.
Adjustment
finance
corrected
the
prior
period
adjustment
in
April,
2000
18
and
is
in
the
process
of
reviewing
their
policies
and
procedures
for
the
preparation
of
its
financial
statements.
N
Issue
number
three
withholding
affidavit
for
contractors.
This
issue
is
still
in
progress
and
issue
for
the
uniform
guidance,
written
procurement
policies
and
procedures.
Finance
has
updated
the
relevant
policies
and
procedures.
However,
this
issue
is
still
in
progress.
Next,
we
have
the
2017
state
auditor,
Minneapolis,
Park
and
Recreation
Board
copper
audit
identified
one
new,
find
one
new,
finding
related
to
internal
control
over
financial
reporting
and
one
reoccurring,
finding
related
to
federal,
grant
cash
management
and
reporting
requirements.
N
The
first
issue
relates
to
management
practices,
capital
projects,
the
the
capital
projects,
accountant
that
was
agreed
upon
in
the
plan
to
address
this
issue
is
now
on
site
and
the
finance
department
is
making
progress
towards
better
management
practices
related
to
capital
projects,
and
the
second
issue
relates
to
federal
grants
and
the
accounting
of
associated
income
expenditures.
The
finance
department
is
making
progress
towards
we're
mediating
the
federal
grants,
cash
management
and
reporting
requirements.
B
N
N
We
also
have
emerging
risks,
which
include
economic
trends
and
other
conditions
that
could
impact
the
ability
of
our
city
to
function
as
intended,
and
some
example
of
these
emerging
risks
include
succession
planning,
as
mentioned
labor
shortage,
federal
government
shutdown,
data
security,
scarce
resources,
broadband
technology,
preparedness
and
preparedness
to
meet
future
pension
and
benefit
liabilities.
As
far
as
our
policies
and
procedures,
department,
policies
and
procedures
updates
are
complete
and
will
be
reviewed
again,
at
least
annually.
B
A
You
I
appreciate
that,
since
we
haven't
in
lieu
of
having
more
regular
meetings,
we
have
very
substantive
meetings.
So
thank
you
to
my
colleagues
for
letting
us
do
this
robust
update.
Certainly
a
lot
of
work
has
been
happening
in
your
department,
I'm
gonna
move
to
receive
and
file.
This
update
all
those
in
favor,
please
signify
by
saying
aye
aye
opposed
that
carries
before
we
go
into
the
last
topic.
I
just
want
to
make
a
brief
announcement
and
pleased
to
share
that
the
mayor's
office
has
indicated
their
their
intent
to
extend
mr.
A
David
Fisher's
appointment,
so
mr.
David
Fisher
will
be
reappointed
to
our
Audit
Committee
he's
the
mayor's
appointee.
So
thank
you
for
indulging
me
that
the
next
item
on
the
agenda
is
the
police
information
management
system,
also
known
as
PIMs
IT
security
audit
report
I'm
going
to
ask
managing
City
Attorney
Susan
Trammell
to
please
explain
the
reason
why
the
meeting
could
be
closed
to
discuss
this
agenda
item
Thank.
L
You,
chair
Palmisano,
the
open
meeting
law
chapter
13,
do
point:
oh
five
subdivision
three
parens
d
permits
the
closure
of
a
meeting
to
receive
security
briefings
and
reports
to
discuss.
Issues
related
to
security
systems,
should
discuss
Emergency
Response
procedures
and
to
discuss
security
deficiencies
in
or
recommendations
regarding
public
services,
infrastructure
and
facilities.
L
If
disclosure
of
the
information
discussed
would
pose
a
danger
to
public
safety
or
compromised
security
procedures
or
responses
before
closing
a
meeting
under
this
paragraph,
the
public
body
in
describing
the
subject
to
be
discussed
must
refer
to
the
facilities,
systems,
procedures,
services
or
infrastructures
to
be
considered.
During
the
closed
meeting.
A
Thank
you
so
I
moved
to
adjourn
room
315,
which
is
right
across
the
way
here
for
the
purpose
of
a
closed
session.
Pursuant
to
Minnesota
statute,
chapter
13
D
point
O,
5,
subdivision
3
D
to
receive
the
police
information
management
system,
IT
security,
audit
report
and
discussed
the
contents
thereof.
Are
there
any
questions?
All
those
in
favor?
Please
signify
signify
by
saying
aye
all.