►
From YouTube: May 17, 2021 Audit Committee
Description
C
C
The
city
will
be
recording
and
posting
this
meeting
to
the
city's
website
and
youtube
channel
as
a
means
of
increasing
public
access
and
transparency.
This
meeting
is
public
and
subject
to
minnesota
open
meeting
law.
At
this
time,
I
will
ask
the
clerk
to
please
call
the
role,
so
we
can
verify
a
quorum
for
this
meeting.
B
E
D
C
Let
the
record
reflect,
we
have
a
quorum
colleagues,
our
agenda
is
before
us
and
due
to
the
nature
of
this
committee,
being
an
independent
committee,
may
I
have
a
motion
to
adopt
the
agenda
today.
C
D
B
C
A
C
Thank
you
that
carries
and
the
minutes
are
accepted.
Colleagues
are
a
new
business
item.
Today,
item
number
three
will
be
receiving
and
filing
the
minneapolis
police
department,
driver
and
vehicle
services
systems
access
and
breach
investigations.
Audit
report-
I
believe
this
also
then
publishes
that
report
for
this
presentation.
I'll
turn
it
over
to
director
patrick.
F
Good
morning
committee
members
chair
palmisano,
it's
good
to
see
everybody
again
after
a
bit
of
a
long
stretch
and
I'll
be
covering
the
audit.
We
conducted
related
to
the
dbs
system
and
happy
to
answer
any
questions
along
the
way.
I
don't
see
the
slide
up.
Could
we
first
jump
ahead?
F
Just
we
first
jump
ahead
to
slide
five,
I
think
that's
gonna
be
the
easiest
place
to
start
our
slides
are
laid
out
in
the
order
in
which
you'd
see
it
in
the
report,
but
I
think
I'll
start
with
the
background
section
since
it's
been
a
while,
since
we
discussed
it
so
back
just
some
background
on
on
how
we
got
here,
there's
a
federal
piece
of
legislation
called
the
driver's
privacy
protection
act
and
it
sets
up
protections
for
people
who
have
information
in
state
drivers,
vehicle
services,
databases,
so,
for
example,
that
might
be
your
driver's
license
photo
anything
that
you'd
have
on
your
state
id
or
driver's
license.
F
This
federal
act
really
puts
the
clamps
on
anyone
using
it
for
anything
other
than
a
pretty
specific
work
purpose.
So
law
enforcement
is
a
primary
user
of
that
and
in
kind
of
the
late
2009's
early
2010s,
there
was
a
number
of
instances
where
people
accessed
that
data
for
purposes
that
did
not
seem
work
related.
F
However,
some
of
that
information
wasn't
discovered
until
the
early
2010s
and
that's
when
lawsuits
started
to
roll
in,
specifically
that
people's
private
information
was
accessed
improperly,
you
know
against
the
dppa's
regulations,
so
this
audit
stems
from
a
lawsuit
that
that
came
about
in
the
mid
2010s,
alleging
improper
access
between
2009
and
2012.
F
and
as
part
of
the
settlement
for
the
suit
judge,
donovan,
frank,
requested
or
ordered
an
audit
be
conducted
of
the
current
practices
related
to
investigating
and
handling
dppa
violations
or
devia
inappropriate
access
of
dbs.
F
As
far
as
I
know,
this
is
the
first
instance
of
a
court
order,
audit
for
the
city
of
minneapolis,
but
we
were
happy
to
conduct
it,
look
at
those
practices
and
benchmark
them
kind
of
against
what
we
would
expect
from
officers
following
the
dppa
and
in
particular
we
were
looking
at
the
internal
affairs
division
as
they
were
one
of
the
primary
investigators
for
these
instances
of
misconduct.
F
So
we
can
go
back
to
the
beginning
slide
two,
so
our
objective
one
was
to
examine
the
internal
affairs
division
investigative
process
related
to
allegations
of
violations
of
the
dppa
and
then
beyond.
The
internal
affairs
division,
mpd's
or
minneapolis
police
departments
establish
controls
for
the
use
of
the
dvs
system,
so
not
just
investigations.
But
what
do
we
do
proactively
to
address
potential
violations
in
our
scope?
We
looked
at
internal
affairs
investigations
from
january
1st
2018
to
april
1st
2021..
F
Why
is
2018
a
relevant
date?
Well,
there
was
significant
guidance
from
the
state
related
to
what
should
happen
in
the
event
of
misuse
of
the
system,
particularly
an
officer
or
employee
who
misused
the
system
would
lose
their
access
to
the
dbs
system
and
there
is
no
appeals
process.
Once
it's
gone,
it's
gone.
You'd
no
longer
be
able
to
work
as
a
police
officer
in
the
state
of
minnesota.
This
is
a
statewide
issue
and
that
that
was
the
guidance
that
came
down
in
2018.,
so
we
can
move
to
the
next
slide.
F
So
how
did
we
do
this?
Well,
we
reviewed
policies
procedures
for
investigating
internal
affairs
complaints.
We
requested
a
sample
of
dppa
violation
cases.
During
that
time
period
we
attempted
to
compare
a
sample
of
dppa
violation,
investigations
to
non-dppa
investigations
for
consistency,
and
then
we
were
requesting
a
comparative
sample
of
dppa
investigations
to
determine
whether
they
involved
female
complaints
and
whether
those
differed
from
those
not
involving
female
complaints.
F
One
of
the
allegations
was
that
female
employees
or
women,
whose
information
was
accessed
their
cases,
were
treated
differently
than
those
who
weren't
and
in
a
moment,
I'll
kind
of
discuss
why
those
are
attempted
and
requested
and
not
review.
We
can
move
to
the
next
slide.
F
We
also
looked
at
dvs
access
controls.
So
how
does
someone
access
the
system?
What
training
are
they
provided?
So
these
are.
These
are
things
that
we
would
expect
beyond
just
investigations,
but
things
that
could
prevent
people
from
misusing
the
system
and
things
that
would
detect
whether
improper
searches
were
occurring.
F
So
one
interesting
result
and
I'll
kind
of
talk
through
some
of
the
other
parts
of
the
report.
First,
there
was
only
one
instance
of
an
allegation
of
an
improper
use
of
the
dbs
system
that
occurred
between
2018
and
2021.
F
We
were
trying
to
test
first
internal
affairs
process
for
investigating
these
types
of
complaints.
However,
since
there
was
only
one
one
investigation,
there
was
not
a
whole
lot
to
compare,
but
the
reason
why
we
close
this
without
any
issues
related
the
investigation
process
is
that
internal
affairs
no
longer
investigates
these
types
of
complaints
that
is
now
investigated
by
the
office
of
police
conduct
review.
F
We
found
no
instance
or
information
that
would
suggest
that
these
cases
were
investigated
any
differently
than
their
counterparts
and
any
type
of
other
police
misconduct
investigation
and
the
fact
that
they
are
now
reviewed
by
a
civilian
and
a
team
of
civilians
mitigated
some
of
the
the
potential
risks
that
were
noted
in
the
lawsuit.
So
as
far
as
the
internal
affairs
process
is
concerned,
and
the
gender
and
sex
of
the
the
complainant,
whose
information
might
be
improperly
accessed
with
one
case,
there's
not
enough
to
compare.
F
So
while
we
requested
it
to
see
one
instance
that
did
not
involve
an
improper
access
and
was
investigated
doesn't
allow
us
to
do
a
comparative
sample,
but
it
does
allow
us
to
conclude
and
see
that
the
process
followed
the
appropriate
track.
It
wasn't
treated
differently.
It
was
passed
to
the
opposite
police
contract
review,
where
a
a
normal
type
of
investigation
occurred,
so
that
that
first
set
of
issues
that
first
objective
related
to
internal
affairs.
We
noted
no
issues
in
the
second.
F
What
we
were
looking
at
were
controls
and
different
types
of
means
to
prevent
improper
access.
So
we
looked
at
first
preventative
controls
like
training,
our
officers,
train
and
notice
that
if
they
misuse
the
system,
they
will
be
terminated,
their
access
will
be
terminated
and
they
can't
work
as
a
police
officer.
Yes,
that
was
clear.
The
fbi
audits
training
records
every
several
years
so
that
we
know
every
officer
is
up
to
date
on
training
related
to
accessing
the
dbs
system.
F
We
also
learned
that
they
lose
access
to
the
system
within
a
pretty
short
period
of
time
when
they
separate
from
the
department
and
they
also
lose
access
to
the
system.
If
they
no
longer
have
access
to
a
city
terminal,
you
can't
access
the
dvs
system
without
logging
into
an
approved
terminal,
and
therefore
we
were
able
to
conclude
both
the
preventative
controls
via
training
and
then
preventative
controls
related
to
being
able
to
access
the
system.
When
you
shouldn't
have
access
those,
we
didn't
see
any
issues
there.
F
One
issue
we
did
note
was
that
instant,
that
the
vca
bureau
criminal
apprehension.
They
have
primary
control
over
the
system.
They're.
The
group
that
creates
accounts
they're
the
ones
who
monitor
dbs
searches.
They
they
are
the
primary
controllers
of
the
dvs
database
and
those
who
access
it.
Mpd
submits
its
rec
request
to
have
people
added
and
they
they
grant
permissions
and
monitor
searches
and
whatnot.
They
they
have
a
system
in
place.
It's
kind
of
a
high-level
system.
F
That's
a
that's
a
hot
list
of
individuals.
If
one
word
is
search
for
one
of
those
individuals
on
the
hot
list,
bca
would
be
notified,
it's
an
automated
flag
and
then
that
information
will
be
passed
along
to
the
minneapolis
police
department
to
look
into
whether
there
is
any
any
reason
for
that
search.
So
there's
there's
a
preliminary
process,
because
this
isn't
an
allegation
of
misconduct.
At
this
point
there
there
are
perfectly
legitimate
reasons
to
query
people
who
might
be
on
the
list,
but
the
the
first
line
would
be.
F
F
So
once
we
notified
them
within
a
very
short
period
of
time,
they
were
able
to
provide
a
policy
that
was
reviewed
by
the
department
and
incorporated
into
their
standard
operating
procedures.
It
clearly
outlines
all
the
steps
that
should
be
taken
in
the
event
that
they're
notified
of
a
person
being
searched
on
the
hot
list.
F
We
can
go
to
the
next
slide,
so
I
I
kind
of
covered
this.
The
btu
has
this
process.
There
was
a
management
action
plan.
They
agreed
to
develop
the
the
process.
We
had
a
target
remediation
date
of
april
30,
but
that
was
the
date
in
which
they
they
completed
the
standard
operating
procedure.
We
reviewed
it
deemed
it
sufficient
and
consider
this
item
closed,
move
on
to
the
next
slide.
F
That
may
be
it
there's
a
lot
of
work
that
went
to
this
audit
and
sometimes
it's
very
important
that
we
do.
We
do
work
specifically
to
indicate
that
a
process
is
working
successfully.
You
know
we'll
find
issues
when
they're
necessary
when
they're.
Not
it
just
shows
that
the
system
is
working
as
intended.
F
If
you've
read
the
report,
you
you
will
not
see
one
item
in
there.
It's
a
thing
we
noted,
but
not
something
that
has
a
finding,
because
the
party
is
not
a
party
they're,
not
an
oddity
and
that's
the
bca
their
system
for
their
hotlist
system.
It
it
will
indicate
when
someone
on
the
hot
list
is
searched,
but
it
might
not
have
caught
the
type
of
use
of
the
dvs
system
that
led
to
the
lawsuit
in
the
first
place.
F
Mpd
does
not
have
access
to
the
search
histories
of
their
own
own
users,
so
mpd
isn't
proactively
involved
in
monitoring
use
of
the
system.
That
would
be
that
would
fall
under
the
bca
they
they
may
be
doing
more,
that
we're
not
aware
of,
but
that
was
just
something
to
note
that
we
would
expect
to
see
some
type
of
detective
control.
F
That
is
a
control
that
finds
instances
that
may
be
red
flags.
Maybe
indications
of
misuse
notifies
the
appropriate
parties,
so
it
doesn't
prevent
it.
Doesn't
it
detects
and
and
then
it's
up
to
the
parties
to
correct
it,
so
you
would
see
that
in
the
report,
but
again,
that's
not
something
that
our
oddity
has
control
over
and
therefore
it's
not
a
finding
in
the
report,
I'm
happy
to
answer
any
questions
that
folks
might
have.
G
Fletcher,
thank
you,
chair
palmisano,
and
thank
you
director,
patrick
for
this
presentation.
I
was
actually
in
the
settlement
conference
where
we
kind
of
finally
resolved
this,
so
I
I
know
that
actually,
a
lot
of
the
accesses
were
related
to
training
and
probably
some
like
poor
judgment,
but
not
actually
malicious
use
and
any
kind
of
real
intent.
So
I
know
that
it
makes
sense
to
me
that
the
audit
would
largely
find
that
that
systems
are
working.
G
G
So
it's
hard
for
me
to
understand
how
they
would
know
if
there
was
a
problem
and,
as
you
said,
that's
not
a
very
documented
process,
so
it
does
feel
like
there's
a
gap
there,
where
some
ability
for
us
to
to
do
some
self-supervision
and
to
have
some
internal
checks
within
the
city
where
it's
closer
to
the
people
using
the
system
seems
like
it
might
be
beneficial,
I'm
a
little
skeptical
that
bca
would
have
the
visibility
into
our
operations
to
know
whether
the
system
was
being
abused.
G
So
is
there
some
future
work
that
ought
to
be
done
either
from
a
policy
perspective
or
internal
procedures?
F
Chair
paul
masano
committee,
member
fletcher,
that's
a
that's
a
good
question.
I
we
don't
have
the
ability
to
request
information
from
the
bca
in
the
in
the
same
way
that
we
would
one
of
our
internal
oddities.
So
it's
possible
that
there's
more
going
on
behind
the
scenes
that
I'm
aware
of
I
don't.
I
don't
want
to
state
conclusively
that
they
don't
have.
They
don't
have
other
monitoring
capabilities.
F
They
may
not
want
to
disclose
those
for,
for
various
reasons
I
don't
I
don't
know,
I
will
say
they
were
very
helpful
and
transparent
with
me
and
sharing
training
and
discussing
with
me
kind
of
how
how
they
monitor
the
system
to
a
certain
extent.
But
yes,
I
I
the
concern
is
in
the
is
in
the
audit
report
itself
that
that
I
noted
there
could
be
additional
follow-up
work
internally
to
see
if
the
bca
has
any
appetite
and
sharing
some
responsibilities,
but
that's
not
something
that
would
have
arose
from
this
audit.
F
It
wasn't
part
of
the
the
specific
audit
that
we're
doing
so
that
that
could
be
something
external
to
us.
Our
our
concerns
were
primarily
with
what
mpd
has
done
in
this
instance,
and
it
appears
that
they've
done
what
they
need
to
do.
You're
correct
in
that
it
seems
like
the
training
from
2006
through
2009,
didn't
really
give
a
good
indication
of
what
the
system
should
be
used
for
and
what
might
constitute
a
misuse.
F
C
Seeing
none,
I
will
make
a
motion
to
both
receive
file
and
it's
normal
with
our
audit
reports
to
publish
this
report
for
the
public.
Could
I
have
a
second
on
that
motion.
B
C
Thank
you
that
report
is
received,
filed
and
published
our
next
item
of
business
item
four
is
receiving
and
filing
an
update
of
our
internal
auditor
and
their
work
in
this
department's
work
in
progress
director,
patrick.
F
Thank
you
again,
chair,
palmisano
I'll,
be
presenting
the
auditor
update
today
with
some
participation
of
my
colleagues
in
the
department
we
could
move
to.
The
next
line
give
a
brief
introduction,
we'll
talk
about
our
in-progress
audit
work,
prior
audit
issue,
follow-up
and
continuous
monitoring
as
usual,
move
to
the
next
slide.
F
B
F
After
action
review,
that's
underway
in
audits,
coordination
of
that
contract,
we
have
meetings
set
up
in
the
future
related
to
the
body,
worn
camera
audit
program
that
the
office
of
police
conduct
review
is
launching
be
assisting
them
with
that,
but
that
project's
still
in
early
formation.
But
that
is
coming
up
and
then
I'd
just
like
to
also
note
that
we
have
both
department
of
justice
pattern
and
practice
review
and
the
continuing
minneapolis
or
I'm
sorry
minnesota
state
department
of
human
rights
investigation
to
the
minneapolis
police
department.
F
I
don't
propose
changes
to
the
audit
plan
at
this
meeting
right
now,
although
we
do
have
a
number
of
police-related
audits
on
the
plan.
However,
we
may
want
to
re-evaluate
and
discuss
potentially
at
the
june
meeting,
how
we
prioritize
projects,
given
the
significant
amount
of
work.
That's
going
on
that
we
don't
want
to
duplicate
now
that
federal
partners
have
come
in.
F
F
So
this
was
our
our
collaborative
work
with
the
field
training
officer
program,
particularly
with
the
training
division
in
the
minneapolis
police
department,
specifically
looking
at
criteria
for
selecting
field
training
officers,
ongoing
monitoring
and
evaluation,
evaluating
the
process
that
the
field
training
officers
use
to
appraise
recruits
or
now
they're
called
officers
in
training.
F
So
we
were
reviewing
program
manuals.
We
conducted
quite
a
few
interviews
with
a
variety
of
people
associated
with
the
program
and
you'll
note
that
this
is
in
reporting.
We've
we've
moved
to
the
next
slide.
I
describe
this.
F
We've
completed
our
field
work
and
issue
write-ups,
so
issue
write-ups
are
with
the
programs
management
as
of
march
31st,
so
in
the
interim
management
provided
initial
response,
which
was
helpful
in
that
they
agreed
with
the
issue
write-ups
that
we
sent
over.
So
they
accepted
the
issue
write-ups
that
not
we're
not
still
moving
back
and
forth
on
that
they
are
developing
a
comprehensive
long-term
plan
to
address
some
of
the
larger
issues.
F
In
the
report
we
have
which
you'll
see
in
the
future,
we
have
some
more
short-term
easier
to
remedy
issues,
and
then
there
are
some
things
that
are
larger
structural
issues
that
will
need
longer
term
planning.
They
did
have
a
significant
amount
of
responsibilities
during
the
month
of
april,
and
that's
that's
likely.
F
Why
is
why
we
have
don't
have
the
final
report
for
you
now,
because
we
want
a
thoughtful,
robust
management
response
and
that
one
that
was
prepared
in
in
just
anticipation
of
this
meeting
working
on
operation
safety
net
and
coordinating
new
training
based
on
state
law
changes.
They
had
a
lot
of
responsibilities
but
we're
in
regular
communication
with
them
when
they
issue
their
formal
management
response
and
we
deem
it
appropriate.
To
conclude,
you
know
complete
the
report
itself,
we'll
incorporate
those
into
the
report
that
we've
completed,
review
it
and
then
present
it.
F
So
we
we
do
intend
to
present
this
report
at
the
next
meeting,
we've
been
in
regular
communication
with
them,
and
this
seems
to
be
a
timeline
that
that
we
can
adhere
to
with
them.
We
have
to
be
respectful
of
their
time
moving
the
next
line,
any
any
questions
that
come
up,
I'm
happy
to
answer
along
the
way
as
well.
Please,
please
feel
free
to
jump
in
our
second
audit
that
we
are
working
on
right
now
is
in
field
work.
F
We've
made
significant
progress
on
it,
so
this
this
project
revolves
around
when
the
city
is
sued
or
settles
a
claim
prior
to
a
formal
filing
anytime.
The
city
essentially
pays
out
related
to
you
know:
potential
violations
by
the
city
of
minneapolis.
F
F
So
this
is
a
pretty
comprehensive
review
of
lawsuits
from
those
that
settle
in
those
that
paid
out
where
we're
reviewing
all
the
documentation.
We're
assessing
that
process
that
the
city
and
various
departments
use
to
respond
to
gaps
that
are
identified
in
in
those
lawsuits.
F
Verifying
is
kind
of
the
stage
we're
in
verify
verifying
in
the
ways
in
which
departments
have
responded
to
lawsuits
and
we've
selected
a
sample
determine
whether
control
gaps
cause
them
were
properly
addressed
by
the
impacted
departments.
F
So
this
is
an
enterprise-wide
project,
the
post-lawsuit
process
improvement
because
it
touches
so
many
different
departments.
Many
experience
lawsuits
some
more
than
others
clearly
so
to
review
these
and
and
to
work
with
all
the
various
responsible
parties
to
to
validate
what
is
what
is
taking
place
if
anything,
at
all,
it's
a
lot
of
work,
but
we're
we've
made
significant
progress
on
fieldwork
and
hope
to
have
a
report
to
you
soon.
C
G
C
Sorry
thank.
G
You
yeah
go
ahead.
Thank
you,
jeff
allison,
director
patrick.
I
know,
we've
had
some
conversation
about
and
there's
been
some
requests
in
the
public
safety
context,
for
specifically
for
after
actions
to
look
at
policy
changes,
training
changes,
anything
that
needs
to
happen
related
to
use
of
force,
liability
cases
related
to
incidents
where
mpd
has
killed.
G
Someone
is
this
that,
or
is
that
a
separate
process
are
those
lawsuits
and
and
settlements
a
part
of
what
we
would
expect
to
see
sort
of
analyzed
and
considered
for
the
policy
and
operation
changes
as
a
part
of
this
work.
F
So
your
your
point
is
taken
that
you
know
there
are
use
of
force
lawsuits
things
like
that
that
people
have
been
calling
for
what
we'd
like
to
see
and
determine
is:
is
there
a
process
and
something
that
is
kicking
in
on
a
regular
basis
whenever
these
instances
occur?
That
would
lead
to
that
type
of
analysis
that
you
were
you're
discussing
when
appropriate.
F
Does
that
answer
the
question?
I
know
it's
it's
it's
a
bit
kind
of
one
step
back
from
what
you
were
describing,
but
I
think
it's
important
to
to
analyze
whether
that
process
is
occurring
and
do
we
have
any
type
of
formal
structure
that
will
will
address
those
control
gaps
rather
than
doing
it
on
a
lawsuit
by
lawsuit,
piecemeal
basis.
G
Got
it
so
this
will
be
the
report
that
tells
us
that
we're
not
or
that
we
are
doing
some
sort
of
comprehensive
after
action.
But
it's
not
the
comprehensive
after
action
itself.
F
F
Yep
with
the
idea
that
if
we
by
analyzing
this
we'll
know
whether
or
not
that's
occurring,
and
if
it's
not,
then
what
what
do
we
put
in
place
to
make
sure
that
control
gaps
are
identified,
addressed
remediated
so
that
we
don't
find
ourselves
in
a
similar
situation.
Over
and
over.
E
Thank
you,
sir
palmisano.
My
question
is
just
in
terms
of
the
scope:
it's
is
it
just
focused
on
departmental
processes
and
procedures,
and
I
asked
that,
in
terms
of
other
cities,
I'm
not
talking
about
minneapolis.
I
know
there
have
been
lawsuits
that
have
been
the
result
of
lack
of
training
for
policy
makers.
E
I'm
thinking
mostly
development
and
open
meeting
law
are
the
ones
that
come
to
mind
most
frequently
and
I'm
just
curious
that
that
is
covered
in
in
this
kind
of
analysis
as
well
or,
if
that's
something
external
or
outside
of
the
scope.
Excuse
me.
F
Chair
paul
masano
committee
member
johnson,
if
I
understand
your
question
correctly,
it's
not
we're
looking
at
beyond
just
departments
and
kind
of
individual
lawsuits,
but
also
working
with
our
primary
clients
on
this
is
the
the
city
attorney.
So
the
scope
is
broad:
it's
not
limited
to
one
individual
department
or
or
several
departments
it's
as
the
kind
of
primary
player
oftentimes
in
in
lawsuits.
The
city
attorney
in
the
office
makes
sense.
F
You
know,
as
a
central
point
of
contact
they're
the
ones
we've
been
working
with,
so
our
analysis
should
cover
the
enterprise
and
and
all
the
various
parties
within
who
who
may
experience
a
lawsuit,
not
just
one
one
individual
department
or
kind
of
department
by
department
it's.
This
is
looking
at
it
from
a
central
point
of
contact,
as
it
spreads
out
across
the
enterprise.
E
Thank
you,
that's
very
helpful.
I
I
just
know
that,
when,
as
when
I
was
in
the
city
manager
role,
one
of
the
things
I
would
do
is
ask
folks
to
go
to
lmc
training
league
of
minnesota
city
training,
because
you
know
you
don't
know
what
you
don't
know
and
that's
true,
whether
it's
the
administration
or
whether
it's
anyone
else
involved
in
those
processes.
So
thank
you
appreciate
that.
B
Church
palmisano,
but
the
way
that
this
is
written
I
assume
park
board
lawsuits
are
not
being
included
in
the
analysis
being
done.
F
Chair
palmisano
committee,
member
music,
I
th
law.
These
are
lawsuits
that
were
resolved
and
involve
the
minneapolis
city
attorney
so
that
it
may
extend
beyond
to
park
board.
I
don't
I
don't
recall
specifically.
I
have
to
look
back
at
the
report.
I
don't
want
to
provide
you
an
answer,
but
I
can
follow
up
with
you
individually
to
let
you
know
that.
F
Move
to
the
next
slide,
so
we
are
currently
in
the
planning
phase
of
a
project
that
we
discussed
at
the
last
committee
meeting
and
that's
specifically
cell
phone
policies
and
controls
so
kind
of
mobile
device
management
policies
and
controls.
F
We
know
that
there
are
a
lot
of
mobile
devices
that
these
were
identified
in
our
covid
phase
2
and
our
risk
assessment
as
as
being
potentially
used
more
and
more
frequently.
We
know
that
mobile
devices
are
extremely
powerful
and
we
want
to
look
at
the
city's
policies
and
controls
related
to
their
use.
We've
had
very
productive
meetings
with
it,
they're
they're
very
engaged
in
this
project.
They
will
be
our
primary
contact,
along
with
other
other
departments
like
radio
shop
and
whatnot
who
manage
cell
phones.
F
So
this
project
is
moving
along
nicely
and
we'll
plan
to
finish
planning
and
begin
field
work
soon,
move
to
the
next
step.
I'm
going
to
turn
this
section
over
to
our
covid19
project.
Subject
matter
expert
and
that's
you
get.
She
is
been
working
on
these
throughout
the
past
year
and
I'd
like
to
give
her
the
opportunity
to
discuss
the
phase
three
project.
H
Thank
you.
Thank
you,
ryan.
Good
morning,
chair
palmisano
and
committee
members,
like
ryan
mentioned,
I'm
just
going
to
go
over
really
quickly.
Our
kobe
19
related
work.
We
are
currently
planning
phase
three
of
our
work
and
as
a
refresher
in
phase
one.
We
surveyed
audio
departments
across
the
country
to
assess
the
impact
of
the
pandemic
on
them
and
also
identify
some
best
practices
during
the
pandemic
and
anything
they
were
planning
to
do.
Post
post,
covet
19,
and
we
presented
those
results
to
the
other
committee.
H
H
Excuse
me,
our
comprehensive
audit
plan
for
2021
and,
what's
going
to
happen
in
phase
three,
is
that
we'll
review
the
city's
response
to
the
pandemic
overall,
so
we'll
first
obtain
and
review
documentation
from
the
continuous
improvement
team
within
the
city
coordination
coordinators
office.
They've
been
doing
some
work
related
to
that
and
we'll
get
their
data
analyze
it
and
see
what
we
can
incorporate
in
the
scope
of
our
work
and
in
addition
to
that,
some
of
the
items
that
we
will
potentially,
I
think
we
can
move
to
the
next
slide.
Yeah.
H
Thank
you
and
some
of
the
items
we
potentially
include
in
our
scope
will
be
the
business
continuity
and
disaster
recovery
plans
both
for
the
city
as
a
whole
and
for
individual
departments,
and
I
think,
there's
been
a
lot
of
work
going
on
to
have
departments,
develop
some
type
of
business,
continuity
and
disaster
recovery
plans
and
we'll
also
look
at
the
personal
cell
phone
usage.
Like
just
ryan
just
mentioned,
a
lot
of
people
have
been
using
their
personal
cell
phone
for
work
purpose
because
of
kobe
and
working
remotely.
H
So
we'll
have
more
detail
on
this
as
part
of
the
the
audit
work
that
we'll
do
related
to
cell
phone
policies,
controls
related
to
the
use
of
personal
and
work
issued
cell
phones
and
another
aspect
of
this
that
will
be
including
the
scope
of
phase
three
is
the
confidentiality
of
documents
with
remote
work.
H
Many
people
probably
ended
up
having
to
take
some
stuff
home
for
work
that
would
normally
be
considered
confidential
would
look
into
that
and
see
if
that
happened,
and
if
it
did
happen,
what
did
the
departments
do
about
it?
And
another
point
is
the
internet
connection
issues.
This
has
been
probably
an
issue
with
vpn
connections,
especially
at
the
beginning
of
the
remote
work
that
people
were
facing.
H
Did
this
have
an
impact
on
the
way
people
performed
on
their
work
on
the
deliveries
and
stuff
like
that,
and
the
last
point
would
be
the
availability
of
the
overall
city
services
during
the
pandemic,
with
people
still
able
to
access
all
the
services
they
needed
during
this
time
where
we
were
working
remotely
and
maybe
not
all,
services
were
like
functioning
a
hundred
percent
of
the
time.
H
C
E
Thank
you
to
your
promising.
I
was.
I
will
echo
echo
your
comments
right
there
in
terms
of
the
availability
of
city
services,
and
I
also
just
wanted
to
thank
you
for
doing
this
work,
because
it's
certainly
going
to
have
a
lot
of
broader
ramifications
for
work
at
home.
If
that
to
you
know
to
what
extent
that
can
be
continued
in
order
to
to
achieve
the
city's
goals,
and
so
it's
just
really
important
work,
and
I
wanted
to
thank
you
for
that.
H
C
Problem
yeah
anybody
else
with
comments
or
questions
about
the
kovid
19
phase,
three
project,
I'm
not
seeing
any
so
then
I
believe,
if
you
get
suggested,
we
turn
it
back
to
director
patrick
yeah.
Thank
you.
F
Thank
you,
chair
palmisano,
and
thank
you
again
for
that
update.
This
is
a
massive
project.
It's
going
to
take
time
and
it's
critically
important.
This
is
a
very
large
project
and
we'll
probably
break
it
down
into
smaller
chunks,
as
we
do
the
work,
but
we
intend
to
do
that,
I'm
starting
now
that
things
are
are
starting
to
change
and
we
may
be
moving
into.
F
I
don't
know
what
the
third
new
normal
that
we're
in
so
yeah
that
project
is
going
to
be
big,
but
we'll
we'll
continue
to
take
bites
out
of
that
work.
Next,
we're
going
to
discuss
prior
audit
issue
follow-up.
I'd
just
like
to
note
and
and
thank
my
team
for
working
really
hard
on
this.
This
is
something
we
prioritized
when
I
came
in
and
if
you
remember,
throughout
the
past
year,
we
had
a
number
of
open
audit
issues.
F
F
The
other
time
in
which
they're
important
is
sometimes
we
identify
gaps
and
controls
and
expect
a
management
response
and
a
follow-up
if
that's
not
occurring
we're
missing
that
benefit,
and
so
again,
I'd
like
to
thank
my
team
for
putting
in
a
lot
of
hard
work
over
the
past
year
on
this,
this
very
subject
and
we're
in
the
process
of
kind
of
redesigning
how
we
go
about
doing
this
in
the
future,
to
take
some
of
the
burden
off
individual
staff
and
make
sure
that
these
are
completed
in
a
timely
manner.
I
Thank
you
good
morning,
sean
massano,
my
mozilla
audit
committee,
so
you
just
go
to
the
next
slide.
So
since
the
last
audit
committee,
we
have
closed
out
17
audit
issues
that
includes
one
from
the
dvs
today,
but
we're
down
to
12
currently
that
are
either
open
overdue
or
we're
kind
of
finished
working
on
validating
and
the
next
couple
times
we're
getting
a
bit
more
detail
about
those
particular
issues
as
well
as
the
plants
going
forward.
I
But
just
like
a
year
ago,
we,
I
think,
we're
in
the
60s
70s
now
that
we
have
a
down
to
12,
which
is
a
lot
more
manageable
number
to
kind
of
keep
track
of
and
kind
of,
keep
following
up
on
and
making
sure
that
progress
is
being
made.
So
if
you
go
to
the
next
slide
here,
I'm
just
kind
of
one
note
is
that
a
lot
of
these
issues
are
older
ones.
I'm
like
three
four
five
years
old
rich
over
time
as
processes
change,
systems,
change,
priorities,
change,
budgets,
change.
I
It
makes
it
a
little
harder
for
somebody
using
the
original
management
action
plans
either
to
either
priorities
have
changed,
or
maybe
the
issues
have
been
fixed
through
other
plans
or
there's
larger.
The
issues
just
aren't
as
relevant
due
to
other
increases
and
fixes
so
each
for
each
issue
when
working
with
management.
Just
again,
I
get
a
better
understanding
of
where
things
are
currently
at
how
they're,
how
the
system
and
how
the
process
is
functioning
now
and
then
kind
of
the
plan
moving
forward.
I
So
the
next
slide
here
for
the
next
two
slides,
we
kind
of
have
a
little
bit
more
specific
detail
in
which
of
the
17
are
the
public
ones
that
we
may
have
to
close
out.
So
I'd
just
like
to
note
that
for
the
orchids
management
audit,
that
was
with
the
city's
clerk
office
from
2016-
and
we
invited
them
to
come
kind
of
speak
at
the
next
audit
community,
a
bit
more
about
the
work
on
that
one.
The
cpa,
loan
life
cycle
audit.
I
We
spoke
a
couple
other
committees
ago
about
that
new
system
without
new
processes
that
new
loan
system
that
they're
putting
in
place-
and
they
have
just
so
that
they've
been
able
to
essentially
make
that
go,
live
now.
So
the
next
couple
months,
they're
able
to
they're
rolling
out
that
system,
which
will
fix
all
the
kind
of
the
original
audit
issues
from
2016.
I
and
then
also
we've
been
working
a
lot
with,
particularly
it.
Let
me
go
to
the
next
slide
on
the
peoplesoft
finance
ones,
as
well
as
the
business
company
disaster
recovery,
ones
kind
of
currently,
where
they're
at
with
their
current
names,
with
pims,
with
some
of
these
systems,
that
sort
of
these
old
reports
and
kind
of
their
plans
moving
forward,
as
well
as
a
park
board
one
for
the
worker
safety,
one
which
is
another
older
one.
I
If
you
go
to
the
next
slide
here
here
are
the
current
ones.
Current
reports,
we
have
open
audit
issues,
so
we
currently
have
six
reports
currently
that
have
at
least
one
or
more
outstanding
audit
issues
dating
from
2017
to,
but
mostly
from
2018,
which
is
a
lot
more
current
kind
of
more
applicable
moving
forward
in
terms
of
being
with
the
match
management
action
plan.
I
The
original
risk
that
was
identified
on
the
next
slide
here
is
a
just
kind
of
original
usual
issue,
detail
which
now
is
down
to
one
side
of
the
public
area,
issues
that
we're
able
to
talk
about
and
kind
of,
currently,
where
they're
at
I'm
encouraging
your
kind
of
plans
moving
forward
to
continue
working
with
finance,
I.t
and
police
and
kind
of
these
three
main
areas
and
kind
of
having
some
meetings.
I
That
kind
of
hope
to
be
able
to
kind
of
provide
in
the
future
more
either
close
out
some
of
these,
particularly
the
contract
amendment
ones,
I
mean
as
well
as
the
park
board
ones,
and
they
provide
more
full
details
on
the
current
status
for
the
other
ones.
Now
that
we're
down
to
12
but
moving
forward,
we
hope
to.
I
I
think
it
does
because
ryan
said
that
now
that
we're
down
there
more
management
number
now
able
to
provide
more
more
relevant
details-
and
I
think
you
may
be
more
familiar
with
these
reports
as
well
since
they're
just
more
a
lot
more
recent
compared
to
ones
from
2016
to
2017,
which
a
little
bit
more
harder
to
place.
And
if
there's
that's
all
I
have
today.
So
if
there's
any
questions
I'll
take
them.
If
not
and
over
back
to
ryan.
C
I'm
not
seeing
any
unless
mr
fisher
was
that
you
do.
You
have
a
question
or
comment.
A
A
sense
of
urgency
to
get
the
police
off
duty
work
done,
I
it
is
overdue.
I
noticed
that
I'm
sure
we're
all
working
on
that,
but
it's
an
important
topic
for
the
city
to
get
to
the
bottom
of,
and
I'd
urge
some
effort
to
try
to
get
those
closed
out.
C
Sure
I
can
speak
to
that
a
little
bit
myself
as
one
of
the
people
on
the
off
duty
work
group.
We
have
been
continuing
to
meet
with
stakeholder
groups
during
this
time,
but
the
things
that
have
really
brought
a
lot
of
that
work
groups
ever
efforts
to
a
halt
really
started
with
covid
right
all
of
a
sudden
work
in
larger
get-togethers.
C
That
would
require
off-duty
officers
to
be
part
of
them
or
you
know,
large
events,
events
downtown
at
target
center
or
the
twin
stadium
or
u.s
bank
stadium,
all
of
those
really
ground
to
a
halt
in
march
of
last
year.
So
it
has
been
difficult
to
work
with
places
that
normally
contract
off
duty
because
they
have
been
so
busy
innovating
and
trying
to
adjust
to
a
very
changing
environment.
C
So
as
we
return
to
a
new
normal,
we
certainly
want
to
do
that
differently,
and
I
know
that
the
police
department
has
suggested
that
we,
we
pilot
something
different
with
off
duty,
but
we're
not
yet
ready
to
to
have
that
all
ironed
out
and
share.
But
I
do
want
to
assure
people
that
the
police
off-duty
audit
recommendations
are
not
being
ignored
not
at
all
and
that
we
are
looking
for
a
way
to
to
evolve.
This
whole
part
of
of
our
process.
F
Thank
you
sure,
palmisano
and
travis.
The
last
item
we'll
discuss
is
continuous
monitoring
and
much
like
the
open
audit
issues.
I'd
like
to
extend
another
thanks
to
my
team
who's
worked
very
hard
on
these
continuous
monitoring
projects,
they're
not
meant
to
be
perpetual
and
that
we're
going
to
continuously
monitor
a
subject
until
the
end
of
time.
F
We
really
have
results
and
goals
that
we're
moving
towards,
so
we
were
able
to
wrap
up
some
continuous
monitoring
projects,
and
we
will
keep
these
current
we're
not
obviously
eliminating
the
practice
of
continuous
monitoring
but
we'd
like
to
move
on
to
some
more
current
topics
and-
and
one
of
those
is
obviously
the
sexual
assault
kits
memo
from
last
year
to
provide
an
update
on
our
continuous
monitoring
projects.
I'd
like
to
turn
it
over
to
conlon.
J
J
From
january
1st,
two
main
fourth
233
kids
were
tested
in
just
that
for
four
months
period,
but
the
two
scientists
that
were
added
to
the
program
and
helped
make
that
difference
and
the
mpd
manager
management
expected
to
add
two
more
scientists.
I
mean
the
bc
will
add
that
two
more
scientists
shortly
and
the
management
play
is
explaining
that
they
will
complete
the
backlog
kit
testing
within
a
period
of
year.
From
now
so
that
that
will
conclude
the
updates
on
the
social
assortment,
so
I'm
happy
to
add
to
answer
any
question
we
may
have.
F
Thank
you
calmly
and
chair
paul
masano,
so
again
great
progress
on
the
kit
testing,
adding
two
more
scientists,
more
than
doubled
the
rate
and
adding
two
more
with
a
timeline
now
that
we
didn't
have
before
for
completing
testing,
significant
progress
and
hopefully
we'll
be
able
to
wrap
that
continuous
monitoring
project
again
in
the
near
future.
F
So
again,
thank
you
to
my
team.
They
worked
very
hard
throughout
this
pandemic
to
both
become
subject
matter:
experts
in
various
fields,
closing
audit
issues
and
completing
reports.
It's
been
a
challenging
time,
but
they've
been
doing
a
great
job
and
again
good
to
see
everybody
on
the
audit
committee
happy
to
answer
any
additional
questions
that
anyone
might
have.