►
From YouTube: April 25, 2022 Audit Committee
Description
Additional information at:
https://lims.minneapolismn.gov
A
A
B
D
A
So
if
a
committee
member
wants
to
be
recorded
as
voting
no
on
any
item,
please
go
ahead
and
you
know
ask
the
chair
immediately
after
the
vote,
to
ask
that
your
vote
be
recorded
as
a
no
in
the
record
or
you
can
ask
for
a
roll
call.
All
of
those
thanks.
So
next
we
have
acceptance
of
the
minutes.
From
our
last
meeting
our
regular
meeting
of
february
7th
2022,
may
I
have
a
motion
to
accept
those
minutes.
E
A
F
Good
morning,
audit
committee
members
chair
palmisano
good
to
see
everyone
in
person
again,
I'm
director
ryan,
patrick
the
internal
audit
director.
This
report
that
you'll
be
receiving
today
stems
from
a
larger
audit
contracted
by
the
communications
department,
a
piece
of
that
audit
involved,
conducting
a
review
of
city-wide
communications
spending
outside
of
the
communications
department.
H
H
And
so
just
to
kind
of
follow
up
on
ryan's
opening
remarks.
We
partnered
with
the
communications
department
to
perform
a
review
of
communications
spend
across
the
city
enterprise
outside
of
the
communications
department
as
a
result
of
the
2019
enterprise
communications
audit.
Essentially,
the
objective
of
this
review
was
to
develop
an
understanding
of
the
resources
that
are
used
throughout
the
city
enterprise
outside
of
the
communications
department,
for
certain
communications,
related
activities.
H
From
kind
of
an
approach
and
methodology
standpoint,
we
really
focused
on
distributing
a
survey
to
key
members
throughout
the
city
enterprise
who
may
have
communications
involvement,
embedded
communicators,
if
you
will,
across
other
departments,
looking
to
gain
an
understanding
of
resources
that
they
might
allocate
to
communications
activities
and
their
roles
that
are
outside
of
the
communications
department.
We
reviewed
a
sample
of
contracts
and
grants
across
the
city
as
well
from
various
departments,
to
further
identify
activities
that
could
be
embedded
within
grants
and
communications
grants
and
contracts.
H
I
should
say
communications
activities
outside
of
that
department
and
we
also
looked
at
accounts
payable
detail
from
the
past
few
years
across
the
department
as
well,
and
the
enterprise
to
get
an
understanding
of
payments
or
spend
that
were
made
for
communications
activities,
had
follow-up
discussions
with
various
members
of
the
procurement
team
and
the
communications
department
as
well.
To
further
understand
some
of
the
scope
of
this
work
as
well
to
verify
that
this
information
is
truly
communications
activities.
H
Then
so
results
of
our
our
work
did
identify
communications
activities
outside
of
the
communications
department,
kind
of
verified
some
of
the
suspicions
we
might
have
had
going
into
the
audit.
Based
on
the
2019
report.
We
identified
hours
based
on
the
survey
responses
that
other
departments
indicated
they
were
allocating
to
communications
activities
outside
of
the
communications
department
again
and
then,
over
the
past
couple
years,
looked
at
that
accounts
payable
information
to
identify
approximately
1.9
million
in
communications.
A
D
H
Yeah
we
focused
on
departments
that
had
embedded
communicators
within
them
already
that
we
worked
on
with
the
communications
department.
Obviously,
the
city
is
a
wide
enterprise,
and
so
we
had
to
kind
of
make
some
focused
reviews.
I
I
will
say
of
some
of
the
departments
that
we
thought
might
be
the
most
relevant.
We
certainly
wouldn't
expect.
D
H
Certainly,
I
think,
within
the
the
way
that
the
ottawa
scope,
there
certainly
are
likely
additional
activities.
Maybe
outside
of
the
scope
of
some
of
the
areas
we
focused
on
again,
we
were
trying
to
focus
on
areas
that
might
be
the
most
relevant
and
have
the
most
activity
just
based
on
our
our
knowledge
and
understanding
of
the
enterprise
activities
coming
into
the
project.
C
H
H
I
think
everybody
has
other
activities,
maybe
outside
of
the
scope
of
their
job,
that
they
have
to
perform
just
based
on
the
way
the
enterprise
works.
So
I
wouldn't
necessarily
say
it's
a
good
or
a
bad
thing.
I
think
we
were
just
trying
to
provide,
hopefully
some
transparency
for
the
communications
team
for
their
long-term
strategy.
I
think
thank.
C
D
Enough
touch:
okay,
sorry
yeah.
If
I
can
require
in
reading
report,
there
are
several
sections
and
graphs
here
specifies
different
amounts
of
money.
You've
summarized
here
that
there's
1.9
million
dollars
and
2021
that
were
activities
related
to
communications
outside
the
communications
department.
But
elsewhere
you
cite
760
thousand
dollars
of
in-scope
departments.
Annual
budgets
are
allocated
to
and
then
another
place.
We
have
a
graph
that
talks
about
sampled.
Contract
amounts
amounted
to
3.5
million.
H
Certainly
so
a
couple
differences,
the
the
contracts
and
grants
that
we
were
reviewing
were
over
a
larger
time
frame.
They
go
back
to
2016,
so
there
might
have
been
more
volume
of
information
in
scope
there.
So
you
might
see
a
larger
amount
there
with
the
1.9
million
that
you're
referencing
that
does
span
the
entire
city
enterprise,
excluding
the
communications
department.
It's
only
for
the
most
recent
two
years,
though
2020
and
2021
based
on
available
data
and
then
the
760
000
that
you're
referencing
is
based
on
survey
responses.
H
A
A
You
know
if,
if
this
figure
surprises
her
or
or
where
we
take
it
from
here,
what
the
recommendations
will
be,
as
you
know,
from
our
communications
department,
they
are
so
very
small
for
a
city
our
size,
and
I
think
we
just
need
to
be
strategic
and
help
to
manage
our
message
and
help
it
to
carry.
So
I
think
this
is
the
first
step
in
helping
us
to
do
that
better.
A
A
A
F
Thank
you,
chair
paul
masano
and
audit
committee
members
I'll
be
speaking
today
about
the
minneapolis
park
and
recreation
board
police
body,
worn
camera
biennial
audit.
You
may
be
familiar
with
these
types
of
audits.
We've
conducted
them
in
the
past.
Specifically
last
year
we
received
the
one
related
to
the
minneapolis
police
department
that
also
had
automated
license
plate
readers
park
board
does
not
employ
those.
So
that's
why
it's
not
attached
to
this
audit.
F
Just
for
background,
every
two
years,
police
departments
who
use
portable
recording
systems
so
body,
worn
cameras,
are
required
to
conduct
an
audit
per
state
law.
It
outlines
the
specific
categories
that
are
necessary
to
audit
and
so
generally,
in
even
years
we
present
park
boards
and
in
odd
years
you
see
minneapolis
police
department.
So
this
this
is
the
park
board's
required
biennial
audit
and
our
objectives
adhered
strictly
to
the
state
law
categories.
F
F
F
F
D
F
I'll
attempt
to
answer
those
questions,
chair
palmisano
vice
chair
fisher,
I'll
attempt
to
answer
those
questions,
knowing
that
I
was
not
the
one
who
performed
the
audit,
but
we've
had
similar
findings
in
the
past
related
to
downloading
of
data.
So
sometimes
that's
because
of
litigation
holds
and
for
other
reasons
the
department
will
do
that
when
an
item
is
downloaded
off,
axon
is
required
to
be
stored
in
in
the
same
manner,
so
you
complying
with
the
same
statutes
that
the
the
state
requires
for
the
videos
that
are
kept
in
the
axon
system.
F
D
Guess
I'm
sorry
I
ganged
up
on
you
with
that.
Your
recommendation
is
to
use
longer
passwords,
which
I
can
understand.
I
have
hundreds
of
passwords
and
I've
taken
to
dual
authentication
for
most
of
my
work
and
I'm
wondering
if
the
city
or
the
park
board
have
ever
considered
that
as
a
possible
safety
factor.
F
The
city
does
have
some
dual
authentication
for
for
some
city
applications
axon
maintains
the
system
in
which
body-worn
camera
videos
are
stored,
so
dual
authentication
for
the
axon
system
would
be
something
to
work
with
a
vendor
on.
I
don't
I
don't
know
if
that's
something
offered
by
axon,
but
that
would
be
another
security
layer
that
could
be
implemented.
C
Thank
you,
madam
chair
yeah,
I'm
just
kind
of
wrapping
my
head
around
the
scope
of
this
audit
and
it
appears
to
be
pretty
limited
just
to
access
and
storage
and
security
protocols.
Can
you
speak
to
any
other
kind
of
scopes
of
audit
within
bodybuilding
cameras?
Just
in
terms
of
you
know,
procedures
use
because
from
the
report
it
doesn't
look
like
it
really
gets
into
that
level
of
scope.
F
Yeah
sure
palmisano
committee,
member
payne-
that's
that
is
true.
This
is
pretty
strictly
adhering
to
state
law
requirements
in
the
past
internal
auditors
perform
more
comprehensive
testing
related
to
body
worn
cameras,
so
I
believe
in
2019
2017
there
were
other
other
times
in
which
more
work
was
done.
F
F
A
All
those
in
favor
of
that
motion,
please
signify
by
saying
I
opposed
that
carries
and
the
report
has
been
received
and
filed
will
be
published
today
and
we
will
work
on
getting
that
notification
to
the
state.
The
next
piece
is
our
report:
port
from
the
internal
auditor.
It
has
several
components
as
outlined
on
your
agenda.
A
F
Thank
you,
chair,
palmisano,
I'll,
be
walking
through
our
auditor
update
today.
Five
items
first
is
an
introduction
or
introductions.
We'll
talk
a
bit
about
the
government
structure
update
in
a
limited
sense.
I
will
report
back
per
committee
member
koski's
request
on
a
addition
of
public
safety
auditor
or
the
concept
of
a
public
safety
auditor,
we'll
talk
about
our
completed
and
in
progress,
audit
work
and
then
we'll
discuss
a
bit.
Our
prior
audit
issue
follow-up.
F
So
first
introductions
I'd
just
like
to
welcome.
We
have
two
new
staff
who
have
joined
the
internal
audit
team.
Since
our
last
meeting
we
have
allison
newman
who
comes
to
us
from
the
private
sector,
with
experience
in
both
audit
work
and
the
finance
sector
and
law
enforcement
experience,
she's
got
a
talent
and
interest
in
cyber
security
work.
So
it's
good
to
have
someone
with
that
that
interest
on
the
team
and
nikita
lane
comes
to
us
via
the
city
attorney's
office,
where
she
served
as
a
long-term
victim.
F
F
F
As
we
know,
question
1,
which
passed
the
voter
referendum
last
year,
made
some
pretty
massive
updates
to
how
our
city
government
functions.
A
part
of
that
involves
audit,
so
audit's
language,
which
previously
was
contained
in
code,
has
moved
into
charter.
It
has
some
new
requirements
for
the
audit
committee
and
obviously
we're
impacted
we're
a
very
unique
structure
in
the
enterprise.
We
always
were
in
the
sense
that
we
reported
to
the
audit
committee
and
not
the
normal
kind
of
chain
of
command.
F
Now,
given
the
clarity
in
the
executive
department's
lining
up
under
the
mirror,
we
have
the
clerk's
department
who
works
with
the
council
audit,
now
being
even
more
independent,
perhaps
than
it
was
before.
Given
that
we're
we're
in
charter,
we
have
a
new
appointment
requirements.
We
have
new
audit
committee
requirements,
so
this
is.
This
is
relevant
to
us.
Even
if
you
look
at
the
charter
and
the
language
looks
similar
to
the
way
it
looked
in
code,
obviously
the
importance
of
independent
oversight
perhaps
is
elevated
in
this
new
new
contacts.
F
So
before
I
launch
into
this
I'd
like
to
put
a
pin
or
a
flag
for
you
that
tomorrow,
there
will
be
a
more
detailed
presentation
on
the
subject
to
the
committee
of
the
whole.
That's
who
requested
the
work
we'll
be
talking
through
myself
and
city
clerk
carl
will
be
talking
through
the
the
larger
implications
for
the
legislative
branch.
If
you
will
at
that
meeting,
this
is
a
bit
of
a
digest.
F
So
the
large
group
presentation
is
tomorrow:
it'll
cover
executive
and
legislative
branches,
and
it
has
some
proposed
additions
to
the
city
auditor's
office,
which
is
what
we
are
now.
The
city
auditor,
the
office
of
the
city
auditor,
so
first
off
the
charter
creates
a
new
position
and
that's
the
city
auditor.
It's
established
in
charter,
it's
different
than
the
internal
audit
director
position
was
in
code.
F
Specifically,
the
city
auditor
is
pointed
to
a
four-year
term
by
the
audit
committee
and
can
now
be
removed
for
cause
so
that
that
specific
clause
wasn't
in
there
before
the
auditor
stays
in
place,
can't
be
removed,
except
for
engaging
in
malfeasance
or
something
of
that
nature.
It's
another
way
to
bolster
the
position
to
make
sure
that
it's
free
from
influence
from
outside
parties
or
politics
and
stuff
like
that,
just
to
really
carve
that
out
in
its
independent
nature.
F
We
still
perform
the
same,
comprehensive,
risk-based
audits
in
consultations
for
the
enterprise.
We
have
free
full
and
unrestricted
access
to
information,
so
the
work
of
internal
audit
and
the
core
audit
function
is
not
not
changing.
That
will
still
continue
and
it's
important
that
it
does
given
the
importance
of
oversight
in
the
new
system.
F
F
F
So
part
of
the
proposal
for
the
legislature,
given
that
the
legislature
no
longer
has
the
same
access
to
city
staff
that
they
did
in
the
past
to
perform
work
and
recognizing
their
important
new
and
an
elevated
role
in
the
legislative
process.
Legislating
policy
that
that
that
type
of
work,
what
was
requested
and
the
need
seems
to
be
legislative
analysts.
So
these
are
professional,
non-partisan
research
and
evaluations
as
directed
by
council.
F
If
council
wants
to
work
on
policy,
pass
legislation
they're
going
to
need
an
independent
nonpartisan
actor
who
can
help
perform
that
research
and
do
their
work?
Those
that
body
doesn't
currently
exist
today,
but
clearly
under
the
new
government
structure,
something
like
that
is
relevant
as
they
don't
have
the
same:
direct
interaction
with
department
staff
without
working
through
the
mayor's
office,
and
there
are
some
separations
of
powers
issues.
F
So
if
this,
when
staff
was
identifying
that
this
function
needed
to
occur
in
some
way
shape
or
form,
there
was
recognition
that
this
needed
to
be
an
independent
activity.
You
if
you
place
it
under
authority
of
the
council,
then
it's
tied
to
the
partisan
council,
even
though
they
may
take
direction
from
that
body.
F
If
they're
firewalled
off
from
that,
then
they're
independent,
free
to
deliver
unbiased,
non-partisan
information
back
to
council,
without
kind
of
the
fear
of
being
too
tied
too
closely
to
the
specific
legislators
who
are
passing
that
it
also
needs
to
be
strictly
firewalled
off
from
the
current
internal
audit
function.
These
are
two
separate
activities,
so,
if
you
think
about
this
activity
happening
kind
of
on
its
own,
enjoying
the
protections
that
the
independence
of
internal
audit
enjoys,
it
needs
to
be
firewelled
off,
because
these
are
two
separate
pieces
of
act.
F
These
are
two
separate
bodies
of
work
and
would
need
to
remain
distinct.
So
these
legislative
analysts
would
be
assigned
work
by
council
and
led
by
legislative
analysis
director.
So
it's
a
separate
business
line
but
would
enjoy
some
of
the
same
protections
as
the
current
internal
audit
function
enjoys
in
terms
of
independence,
free,
full
and
unrestricted
access
to
information,
and
things
of
that
nature.
F
I'd
note
that
the
current
charter
does
specifically
state
that
the
staff
and
internal
audit
can
can
work
on
projects
as
directed
by
other
units
of
the
city
government.
So
there
is
that
that
carve
out
there.
Although
generally
it's
been
applied
to
us
working
in
let's
say
on
consultations
with
the
department.
F
F
The
fiscal
analysts
use
their
tool
set
to
tie
costs
to
activities
and
assess
the
financial
impact
of
proposed
policy
and
legislative
proposals,
and
importantly,
they
would
work
with
the
council
during
the
review
of
the
mayor's
recommended
budget.
That's
a
really
important
function
that
the
council
has
and
for
them
to
have
an
independent
nonpartisan
staff
who
can
help
deliver
information
back
related
to
that?
F
F
There
will
be
a
new
appointment
cycle
for
audit
committee
members
and
that's
pending
that
part
of
the
whole
government
structure.
Change
is,
is
figuring
out
the
appointment
cycles
and
how
those
work-
and
that
is
going
to
require
council
kind
of
process
to
do
so
and
just
wanted
to
just
reiterate
one
last
time
for
the
audit
committee.
F
The
audit
charter
and
the
authority
of
the
audit
committee
is
is
unchanged
under
this,
so
you're
still
receiving
the
work
of
internal
audit,
overseeing
the
work
of
internal
audit,
approving
the
risk-based
audit
plan
and
audits
as
they
come
forth.
So
the
audit
committee
maintains
its
current
scope
of
authority
and
duties
that
doesn't
change
under
the
new
government
structure.
Just
the
primary
changes
in
the
composition
of
the
audit
committee.
F
So
that's
that
would
constitute
the
portion
on
the
government
structure
update.
I
can
take
some
questions
on
that.
I'd
also
note
that
again,
tomorrow
is
a
larger
presentation
so,
rather
than
getting
too
much
into
the
weeds
here
today,
I'd
say
reserve
some
of
that
until
the
council
presentation
tomorrow.
A
Thank
you.
Are
there
questions
or
comments?
This
is
a
really
broad
overview
of
some
of
the
bigger
changes
coming
and
it
connects
into
our
larger
government
restructure
work.
We
will
look
to
move
forward
in
appropriate
time
and
pretty
quickly
here
with
at
least
the
audit
committee
restructure
and
that
ordinance
effort.
F
F
Can
move
on
to
the
public
safety
auditor?
This
is
a
report
back
again
committee
member
koski,
along
with
the
government
structure,
updates,
requested
information
about
what
the
excuse
me,
I'm
used
to
having
a
glass
of
water
next
to
me,
because
we've
been
presenting
remotely-
and
we
don't
have
that
here-
but
public
safety,
auditor
reporting
back
on
that
function.
F
So
again
a
request
from
the
audit
committee
to
return
with
information
regarding
a
public
safety
auditor.
We
know
based
on
our
risk
assessment.
We
know
based
on
history,
that
public
safety
operations
represent
one
of
the
highest
risk
activities
and
merit
continuous
attention.
This
is
just
something
that
comes
up
constantly
and,
as
we
analyze
risk
for
the
city's
position,
we
know
public
safety
operations
fall
on
the
highest
end
of
the
spectrum,
and
we
also
know
that
currently,
the
city's
concept
of
public
safety
is
evolving.
F
A
public
safety
auditor
skill
set,
like
I
mentioned
before
this
is
part
of
the
internal
audit
activity.
You've
heard
us
do
public
safety
audits
in
the
past
audits,
with
the
police
department
that
type
of
work.
The
skill
set
follows
the
audit
industry's
best
practices
and
oversight
so,
where
you'd
see
the
certified
internal
auditor
or
red
book
standards
yellow
book
standards,
this
follows
the
normal
audit
process,
there's
also
additional
layers
of
information
specifically
for
law
enforcement
auditing.
But
this
is
public
safety
auditing,
not
not
specifically,
law
enforcement
auditing.
F
We
enjoy
the
free,
full
and
unrestricted
access
to
information.
We
have
a
structure
to
report
non-public
and
confidential
information,
which
is
important
for
this.
This.
These
are
the
tools
that
we
have
to
conduct
effective
oversight,
and
that's
why
it's
important
when
we're
thinking
about
one
of
the
highest
risk
activities
the
city
engages
in
you
have
a
department
who
has
the
tools
to
do
that
type
of
oversight
work.
F
We
know
right
now
and
you've
heard
me
say
this
in
our
risk
assessment
that
we
are
cognizant
of
the
fact
that
there
are
federal
and
state
investigations
going
on
right
now.
Implementation
for
these
is
likely
to
take
years.
It's
not
going
to
happen
overnight.
This
is
going
to
be
a
long
process
if
you
looked
at
past
department
of
justice
activities.
F
While
we
don't
know
the
scope,
the
outcome,
the
extent
of
what
they're
doing
right
now,
presumably
that
will
be
known
at
some
point
in
the
near
future,
and
this
program
can
supplement
that
monitor
progress
and
and
help
improve
operations
in
line
with
this-
and
I
think
the
thing
to
stress
about
this
public
safety
audit
position
is:
it
covers
the
entirety
of
public
safety
operations.
So
while
the
police
department
may
hire
internal
quality
control
or
quasi
audit
staff,
that's
for
the
police
department.
F
Our
concept
is
much
broader
in
that
we
think
about
emergency
management,
911,
311,
community
navigators,
our
concept
of
public
safety
is
much
broader,
and
these
this
position
or
these
positions
would
support
that
not
just
work
exclusively
with
the
police
department,
an
internal
audit
staff.
We
provide
and
build
institutional
knowledge
relationships,
trust
while
maintaining
independence.
That's
that's
again.
I
know
you
keep
hearing
me
harp
on
the
fact
that
we're
independent
we
do
have
relationships
across
the
city.
F
So
what
what
might
these
positions
do?
What
would
a
public
safety
auditor
do
in
the
internal
audit
arena?
Well,
first,
generally,
is
a
continuous
public
safety
risk
assessment.
If
you
think,
back
several
years
ago
after
the
murder
of
george
floyd,
internal
audit
did
a
rapid
risk
assessment.
Looking
at
law
enforcement
operations,
public
safety
arena,
this
was
prior
to
the
department
of
justice
and
state
department
of
human
rights
involvement.
F
Out
of
that
came,
the
field
training
officer
program
audit,
along
with
a
number
of
others,
you'll,
hear
reports
back
on
that,
but
this
this
position
would
be
responsible
for
engaging
in
this
continuous
public
safety
risk
assessment.
Looking
at
the
public
safety
operations
assessing
and
adding
recommending
additions
to
the
audit
plans
specifically
related
to
public
safety,
internal
audit
does
an
enterprise
risk
assessment.
So
we
we
are
always
assessing
risk
in
internal
audit,
but
our
our
mission
is
the
entirety
of
the
city,
not
just
one
one
specific
unit.
F
We
know
that
that
one
unit
generate
public
safety
generates
a
lot
of
work.
So
when
we're
doing
the
enterprise
risk
assessment,
it's
difficult
to
hone
in
and
just
spend
all
our
time
on,
that
this
position
could
spend
a
significant
more
because
they're
dedicated
to
that
assessing
risk
and
modifying
the
plan.
F
And
again
I
mentioned
that
rapid
risk
assessment
in
2020
that
generated
a
lot
of
work.
We
don't
necessarily
have
the
capacity
to
do
all
the
work,
but
we
know
the
risk
is
there
and
we
know
it's
it's
important
to
do
so.
This
position
provides
updated,
specific,
timely
information
on
public
safety
risks
that
an
enterprise-wide
risk
assessment
would
not.
F
The
work
would
be
reported
publicly
via
the
audit
committee,
knowing
well
full
well
that
some
of
the
information
may
be
confidential,
but
we
have
a
process
for
for
you
receiving
non-public
and
confidential
information,
and
then
we
also
know
that
new
and
high-risk
systems
through
this
position
could
receive
ongoing
audit
support
and
that
that
is
the
public
safety
auditor
discussion.
If
you
would
like
additional
information,
there
are
comparable
jurisdictions.
It's
something
we
looked
at
to
kind
of
inform
us
about
what
this
might
look
like
and
I'm
happy
to
answer.
Questions
related
to
it.
C
Thank
you,
madam
chair
yeah,
I'm
wondering
if
you
could
just
speak
to
a
concept
of
the
scope
of
the
public
safety
auditor.
So
you
know,
as
we
learned,
that
the
police
department
has
their
own
auditing
function.
It
seems
that,
like
there's
a
distinction
between
auditing
and
quality
analysis,
and
then
you
know
even
going
back
to
our
park
boards
body,
one
camera,
you
can
audit
for
compliance
of.
Just
you
know
security
access,
but
you're,
not
necessarily
auditing,
for
are
they
turning
the
cameras
on
and
you
know,
you're,
not
auditing.
C
You
know
what
types
of
behaviors
are
captured
on
camera
and
then
doing
an
analysis
there.
So
I'm
just
curious.
If
you
could
just
kind
of
high
level
talk
about
what
that
scope
might
be,
would
it
be
more
at
the
compliance
level
or
would
it
actually
aspire
to
get
into?
You
know
spot
checking
to
make
sure
that
one-on-one
interactions
are.
You
know,
following
our
policies
and
procedures.
F
Certainly-
and
I
I
can't
necessarily
speak
to
the
police
departments,
how
they're
going
to
structure
their
staff
doing
it.
I
know
I
know
the
audit
standards
as
outlined
by
the
red
book.
The
in
you
know
the
international
standards
that
we
follow
and
we
meet
that
criteria.
So
that's
how
we
perform
our
audit
work,
the
the
way
we
choose
audits
and
the
way
that
we
build
our
risk-based
audit
plan
is.
We
are
doing
kind
of
deep
dives
with
business
units
on
what
activities
they
engage
in
and
we're
assessing
how
much
risk
lies
there.
F
So
what
is
the
likelihood
and
severity
of
the
negative
event
occurring
and
when
we
rate
something
as
high
risk,
we
tend
to
spend
audit
time
there.
So
compliance
is
one
one
of
many
types
of
audits
that
are
done
and
park
board
body.
Worn.
Camera
audit,
I
think,
is
a
good
example
of
a
compliance,
strict
compliance
audit.
Where
we're
looking
at,
we
have
clearly
defined
standards.
Do
they
meet
those
standards?
The
majority
of
the
audit
work
that
you
get
back
from
us
goes
beyond
compliance
and
we're
really
looking
at
program.
F
Efficacy,
efficiency,
whether
or
not
there
are
appropriate
controls
in
place
to
make
sure
that
those
big
negative
events
don't
occur
so
the
public
safety
audit
position
or
a
public
safety
audit
work,
whatever
whatever
this
work
looks
like
is
going
to
be
more
broader
than
compliance
audits,
because
that's
that's
one
small
piece
of
the
pie:
the
full
pie
includes
everything
from
reputational
risk
to
public
safety,
risks
and
stuff,
like
that,
so
it
goes.
It
goes
pretty
far
beyond
just
that
that
compliance
angle.
D
F
F
The
report
back
shows
that
this
is
a
position
or
positions
that
dedicate
resources
specifically
to
this,
and
if
we
look
at
like
you
saw
in
the
risk
assessment,
you
can
look
at
activities
in
the
city
on
the
spectrum
of
low
risk
to
very
high
risk
and
in
the
high
risk
bucket
typically
tends
to
fall.
Public
safety
operations,
financial
transactions,
contracting
and
I.t,
and
cyber
security
are
just
to
pick
a
handful
of
things.
F
You
want
to
spend
as
much
of
your
audit
time
addressing
enterprise
risk,
so
we
can't
just
spend
as
general
auditors
all
of
our
time
in
one
specific
field,
despite
the
fact
that
there
may
be,
you
know
pro
more
than
enough
projects
to
spend
our
entire
audit
cycle
working
on
those
and
those.
So
there
are,
you
know
the
niche
fields
of
say
cyber
security
auditors,
who
that
is
their
their
entirety,
of
their
job
works
on
cyber
security,
testing
and
stuff,
like
that,
and
you
see
us
employ
them
like.
F
We
did
for
some
body-worn
camera
audits
and
some
it
work.
You
need
those
niche
specialties.
We
know
that
in
other
jurisdictions,
who've
also
assessed
their
public
safety
risk
as
high.
What
they've
done
to
address
that
is
is
putting
auditors
in
the
audit
shop
that
spend
the
entirety
of
their
time
working
on
public
safety
risks,
so
getting
getting
a
better,
more
comprehensive
picture
of
the
risks
involved
in
current
activities
in
public
safety
and
then
auditing
based
on
those
identified
risks.
I
can't
per
our
the
way
we
operate
an
internal
audit.
F
Currently
it
wouldn't
be
appropriate
for
us
to
just
focus
on
one
department
and
spend
all
of
our
time
there.
We,
the
enterprise,
is
broad
and
everyone
from
communications
to
intergovernmental
relations
to
regulatory
services.
All
merit
some
level
of
audit
involvement,
so
I
can't
dedicate
full-time
resources
to
just
public
safety,
but
it
would
make
one
could
see
how
it
makes
sense
to
add
that
function
to
internal
audit,
just
based
on
the
unique
risk
that
public
safety
functions
pose.
J
Thanks,
madam
chair,
a
quick
question,
you
mentioned
that
all
public
safety
functions
would
be
considered.
Could
you
I'm
just
kind
of
curious
to
know?
Would
the
audit
be
limited
to
the
community
safety
department
that
would
be
that's
going
to
be
defined
under
the
new
restructure
or
could
those
could
we
audit
beyond
and
reach
beyond
that
sata
311
or
regulatory
services.
F
Chair
palmisano
committee
member
koski,
if
it
relates
to
public
safety,
I
think
one
could
make
the
argument
that
it
would
fall
into
the
public
safety
auditor
role.
I'd
note
that
we
do
have
a
staff
we
we
perform
public
safety
audits
on
a
regular
basis,
so
one
could
define
the
public
safety
auditor
as
a
sign
to
auditing
risks
under
let's
say
a
department
of
community
safety,
but
that
wouldn't
prohibit
any
of
the
current
auditors
from
working
on
things
outside
of
that.
F
So
if
there
are
regulatory
service
needs,
maybe
they're
tied
to
public
safety,
and
perhaps
the
the
two
authors
can
work
together,
as
we
always
do
on
audit
projects,
and
things
like
that.
So
I
don't
think
we
have
to
worry
about
not
having
bodies
outside
of
the
the
current
proposed
department
of
community
safety
or
whatever.
Whatever
comes
out
of
the
government
structure,
change
not
getting
audit
attention,
it
wouldn't
prohibit
us
from
using
resources
on
that.
E
You,
I
think,
related
to
that,
under
this
proposed
structure,
would
the
rest
of
the
audit
shop
be
precluded
in
any
way
from
conducting
public
safety
audits?
Like
would
all
public
safety
audits
need
to
come
through
that
one
or
more
people
who
who
have
been
assigned
the
public
safety
auditor
function.
F
Like
our
current
internal
audit
staff
can
perform
public
safety
audits,
we
do
cyber
security
work
while
at
the
same
time
employing
vendors
to
do
that.
So
I
I
and
we
always
have
more
than
one
auditor
working
on
a
project,
so
this
is
dedicated
resources
to
that
that
sphere,
it
doesn't
would
not
preclude
the
rest
of
the
audit
team
from
also
working
on
projects
related
to
that,
and
some
of
that
is
based
on
capacity
skill
set
familiarity
with
the
subject
matter.
J
J
A
Director,
patrick,
could
you
just
tell
us
a
little
bit
about
some
of
the
different
cities
that
you've
studied
and
what
you
found
particularly
relevant,
or
notable
about
some
of
the
other
structures
with
I'm
not
asking
for
an
exhaustive
list
of
all
the
places
that
you've
looked
in
research.
But
I
know
that
I
have
in
the
longer
ago
passed
and
I'm
just
curious
what
you
have
seen
as
appropriate
peer
cities
to
take
a
look
at
certainly.
F
Thank
you,
chair
palmisano,
so
I
think
aurora
colorado
is
an
example,
king
county
washington,
los
angeles,
portland,
oregon
and
seattle,
as
well
as
generalem
up
top
my
head.
There
are
more
so
there
there
are
a
couple
different
ways.
You
see
this
function
playing
out
in
other
cities.
Aurora
is
a
good
example
because
they
place
they
have
a
specific
public
safety
auditor
shop
within
their
internal
audit
department
and
a
similar
government
structure.
Their
audit
performs
audits
in
compliance
with
the
standards
to
an
audit
committee
and
whatnot.
F
So
that's
that's
a
good
analog
to
what's
what's
happening
in
minneapolis
with
the
the
way
the
government
is
structured
and
that's
something
you
see
in
other
places
as
well.
So
that's
that's
one
model.
Is
you
use
the
internal
audit
function
but
dedicate
specific
specialty
resources
to
that
to
perform?
You
know
public
safety
oversight.
F
Other
places
have
a
different
body,
so
they
might
have
an
oversight
commission
or
something
of
that
nature
where
quasi
audit
work
is
done
so
work
that
looks
similar
to
an
audit
but
isn't
necessarily
the
same
as
a
normal
audit
doesn't
follow.
The
same
standards
might
be
reported
to
an
oversight
board
but
achieves
a
similar
effect
where
you're
doing
broader
level
oversight
based
on
risk
in
public
safety
operations.
F
There
are
places
that
have
kind
of
dual
systems.
Internal
audit
might
do
some
work.
The
police
department
has
its
own
quality
assurance
or
or
audit
staff
that
work
in
it.
So
their
la
is
an
example
of
where,
where
they
kind
of
do
both,
so
you
have
the
independent
look
and
you
have
the
police
department's
own
look.
A
A
F
F
So
this
is
a
a
monitor
that
is
outside
of
the
city
government
structure
reports
through
a
different
system
to
assess
compliance
with
the
consent
decree.
So
that's
a
that's
a
limited
role,
then
they're
doing
oversight,
work
they're,
looking
at
the
activities
of
a
city
that
is
under
consent
decree,
that's
that's!
The
scope
of
their
work
is
monitoring
progress
and
compliance
with
the
consent
decree.
F
You
see
them
the
independent
monitors,
often
what
they're
called
and
then
sometimes
that
that
function
is
broadened
out
and
becomes
a
more
general
oversight
system
for
a
police
department.
So
it
expands
kind
of
beyond
the
scope
of
just
looking
at
the
consent
decree,
but
that
was
a
that
is
how
some
of
these
systems
were
were
born
was
through
consent,
decrees,
recognizing
a
need
for
a
macro
level
oversight.
Look
at
law
enforcement
operations.
A
C
C
F
Chair
palmisano
committee
member
payne
I'd,
I
mean
the
two
spheres
of
work:
the
work
of
the
opcr
and
the
police,
conduct
oversight,
commission
and
internal
audit.
Don't
they
overlap
in
the
sense
that
they
both
look
at,
can
look
at
operation
like
public
safety
operations,
opcr.
That's
again,
looking
at
the
police
department,
public
safety,
auditor,
the
entirety
of
public
safety
operations.
So
that's
one
big
distinction
there
opcr
can
perform
research
and
study
work
along
with
you
know
its
support
of
the
police
conduct
oversight.
Commission
that
work
bears
similarities
to
audit
work.
F
It's
not
not
exactly
the
same
so
this
this
process
that
can
react
to
ongoing
events.
It's
a
bit
more
of
a
streamlined,
quick
ability
to
assess
an
issue
at
hand.
So
that's
it's
pretty
distinct
for
mod
at
work
where
we're
talking
about
doing
a
comprehensive,
risk-based
assessment,
building
an
annual
audit
plan
performing
tests
with
regularity.
F
C
And
I
know
that
pcoc
has
always
historically
had
a
challenge,
getting
access
to
data
and
navigating
data
practices,
laws
when
it
comes
to
some
of
their
work.
Is
there
a
potential
for
pcoc
to
have
me
at
least
some
mediated
access
to?
You
know
deeper
data
through
the
auditor
and
using
the
audit
process
as
a
way
of
kind
of
bridging
that
those
data
practices,
restrictions
that
can
still
allow
the
pcoc
to
do
their
work
is
that
a
potential
opportunity.
F
The
information
gathered
during
the
risk
assessment
helps
inform
what
might
go
on
the
audit
plan,
so
it
doesn't
dictate
it.
You
know
the
the
only
party
that
approves
the
risk-based
audit
plan
is
the
audit
committee
and
that's
proposed
by
the
auditor,
so
they
could
have
input
and
and
see
their
input
translated
into
audit
work
performed
by
internal
audit
and
that
work
can
be
reported
back,
so
they
they
have
access
to
the
information
that
the
audit
committee
does.
Just
through
our
reports
and
whatnot.
F
We
have
the
free,
full
and
unrestricted
access
to
information.
So
when
we're
perf
as
long
as
we're
working
within
the
confines
of
our
audit
standards
and
it's
attached
to
an
audit,
you
know
we're
entitled
to
access
to
that
information
to
perform
our
work.
That's
what
that's!
What
allows
us
to
you
know,
perform
quality
testing
and
really
get
into
the
the
nuance
of
an
issue.
F
I
Thank
you.
Thank
you.
You
know,
I
think
what
I'm
hearing
from
some
other
people
here
on
the
dias
is
that
you
know
the
there's
some
interest
in
other
types
of
oversight,
of
course,
for
public
safety.
But
it
seems
to
me
that,
even
though,
for
example,
the
park
board
body
worn
camera
result
is
kind
of
dry,
you
know,
but
I
think
it
also
speaks
to
looking
at
this
stuff
and
finding
early
indications
that
maybe
a
department
is
not
performing
well.
So
I
think
that's
a
really.
This
is
to
me
a
really
positive
idea.
I
The
other
thing
that
I
think
is
a
real
opportunity
and
it's
you
know
just
dawning
on
me-
I'm
not
a
member
of
the
city
council,
but
that
the
independence
of
the
audit
committee,
as
going
forward,
especially
I
think,
is
a
real
opportunity
to
put
this
role
in
that
department
or
in
that
unit
or
entity.
So
I
just
wanted
to
make
those
comments.
Thank
you.
Thank
you.
E
E
If
that
position
is
created
to
in
a
sense,
provide
context
for
pcoc,
especially
on
what
the
highest
risk
areas
are
for
any
public
safety
audits
that
involve
mpd
and-
and
I
think,
as
a
way
for
the
pcoc
to
be
grounded
in
that
audit
context
of
of
where
the
risk
lies
and
then
be
able
to
move
forward
with
projects
that
might
not
be
an
official
audit
but
might
be
like
you
were
saying,
a
quicker
way.
More
more
quickly
react
to
any
emerging
issues.
I'm
wondering
if
there
have
been
any
discussions
with
opcr
pcoc
around
this.
F
F
F
Yeah,
to
your
point,
I
think
providing
a
risk-based
assessment
of
where
issues
lie
in
the
police
department
were,
as
internal
audit
never
going
to
be
able
to
address
every
project
and
everything
that
we
we
see
there.
But
it
is
additional
information
and
information
back
to
any
relevant
body
in
the
city
that
these
are
areas
that
might
be
worth
spending
time
on.
F
You
had
two
completed
audits
back
today.
I
won't
reiterate
them
communications
and
park
board
body,
worn
camera
talk
about
kind
of
the
work
in
flight.
First
is
a
hiring
and
promotions
process
audit.
So
this
is
a
pretty
massive
effort
underway.
My
team
is
working
pretty
hard
on
this.
It's
quite
complex,
but
it's
looking
at
the
entirety
of
the
hiring
and
promotions
process,
specifically
processes
and
controls
related
to
hiring
and
promotion,
to
ensure
that
they're
operating
efficiently
and
sufficiently
to
attract
and
retain
staff.
F
So
if
you
recall
back
to
our
risk
assessment,
noting
that
employer
retention
and
onboarding
and
those
types
of
things
were
represented,
some
of
the
highest
risks
at
the
activity
highest
risk
the
city
was
facing
because
we're
losing
staff
we
need
to
replace
positions
that
are
vacant
or
as
a
retirement
wave.
These
are
people
are
familiar
with
the
context
in
which
this
is
happening.
F
H
F
And
feel
free
to
answer
questions
throughout
this
part
of
the
presentation
jumps
around
a
bit
next
project.
We're
working
on
right
now
is
internal
investigations,
process
audit,
so
we're
reviewing
the
city's
process
for
receiving
and
investigating
internal
complaints,
to
ensure
consistency
and
adequacy
of
investigations,
we're
in
planning
stage
on
this
as
well,
we're
going
to
be
requesting
process,
documentation
and
doing
walkthroughs
with
the
relevant
staff
so
that
we
can
finish
our
scoping
and
again
hoping
to
start
field
work
on
this
project
in
may.
F
What
we're
looking
at
specifically
here
is
not
the
grants
management
team,
because
that
a
team
exists
in
finance
who
does
that
work?
It's
the
work
is
not
fully
centralized.
Some
departments
manage
their
own
grants.
We've
worked
with
the
grant
management
team
in
the
past,
we've
worked
with
cped
in
the
past,
who
does
some
of
their
own
grant
management.
Now
this
is
looking
at
other
entities
in
the
city,
specifically
on
their
grant
management
outside
of
the
normal
grants
management
process.
F
F
We
have
our
longer
term
opcr
body,
worn
camera
audit
process,
so
that
that
is
something
that
came
out
of
the
state
department
of
human
rights
recommendations
was
that
the
office
of
police
conduct
review
do
some
kind
of
qualitative
review
of
body,
worn
camera
videos
and
so
upon
request
from
that
department.
We've
we've
been
assisting
them
when
they
need
help.
So
this
is
just
a
long
kind
of
ongoing
project
as
they
go
about
setting
that
up.
F
F
F
Talk
some
about
prior
audit
issue
follow-up,
so
the
first
relates
to
the
field
officer
field,
training,
officer
program,
the
fdo
program.
You
received
a
report
back
last
year,
where
we
consulted
with
the
fto
program,
issued
a
number
of
recommendations
for
changes
to
that
those
are
coming
due.
That
kind
of
the
timelines
are
starting
to
solidify
on
that,
and
so
we
received
an
update.
Last
week
we
haven't
seen
per
se
the
materials
we
we
got
a
pretty
detailed
list
and
explanation
of
of
what
activities
they've
engaged
in
this
isn't
an
this
wasn't
an
audit.
F
This
was
a
consultation,
but
there
were
recommendations
and
they're
reporting
back.
Similarly,
we
just
it's
it's
different
than
a
normal
audit,
a
consultation
so
what
they
reported
that
they've
completed
you
see
outlined
on
the
slides.
It's
a
lot
of
work
that
has
come
back
manuals
expectations,
they've
implemented
a
whole
new
software
tool
that
will
help
track
and
kind
of
improve
their
record.
Keeping
they've
now
started
wearing
a
patch
or
insignia
so
that
you
can.
Anyone
can
recognize
this
person
as
an
fto.
F
And
they've
been
working
with
their
fto
coordinators
and
precinct
supervisors.
If
you
recall
back
during
the
project,
one
of
the
issues
that
we
found
were
kind
of
stand-in
fto
and
a
lack
of
coordination
between
the
central
training
unit
and
the
people
working
in
the
field.
That
process
they've
they've
now
outlined
a
more
coherent
process
for
that
and
create
a
performance
review
process
for
field
training
officers
wasn't
something
that
existed
before
and
now
they've
updated
a
lot
of
their
records
and
forms
to
to
match
the
newer
values.
F
They're
working
on
quarterly
training
topics,
although
they
have
the
2022
plan
outlined
already,
but
establishing
a
long-term
training
vision
for
field
training
officers,
they're
working
on
in
progress
on
getting
internal
and
external
stakeholder
feedback,
to
revise
the
evaluation
form
and
providing
updated
evaluation
training.
So
that's
gonna
be
an
ongoing
thing
for
the
next
year
and
they're.
Exploring
incentive
pay
for
being
the
their
ftos
currently
get
some
incentive
pace,
so
they're
exploring
kind
of
industry
best
practices
on
what
that
looks.
Like.
F
We
had
one
audit
issue
closed
since
the
last
meeting.
2019
contract
amendments,
audit
phase,
one
issue:
two
was
closed.
The
department
accepted
the
risk
involved
in
the
activity.
We
have
five
open
audit
issues,
seven
overdue
audit
issues
and
we're
validating
two.
Currently,
the
audit
reports
with
open
audit
issues
are
quite
similar
to
the
ones
you've
seen
at
the
last
meeting.
F
F
We
have
police
off-duty
audit
issues
open
that
the
work
group
has
been
working
on
they're
lingering
contract,
amendment
audits,
the
park
board,
grant
administration
process
audit
and,
of
course,
from
last
year
end
of
last
year.
We
have
the
personal
and
work
issued
mobile
device
policies
and
controls
audit.
Those
are
in
progress
so
that
we
will
anticipate
having
an
update
should
have
mentioned
in
the
fto
section
that
it
perhaps
by
the
june
meeting
it
would
be
valuable
to
have
someone
from
that
program
actually
specifically
talk
about
their
progress
and
whatnot.
F
D
F
Thank
you,
chair,
palmisano
and
committee
member
fisher.
This
was
a
consultation,
so
our
follow-up
on
progress
is
a
bit
different
than
it
would
be
in
an
audit
say
with
open
audit
issues.
They
there
were
a
number
of
findings
in
that
report
and
obviously
they're
undertaking
a
lot
to
get
that
program
up
to
new
standards.
That
came
resulted
from
the
fdo
consultation,
perhaps
once
those
are
in
place.
F
A
So
I
remember
being
surprised
at
the
number
of
officers
that
were
field
training
officers
a
couple
years
ago
in
proportion
to
the
size
of
our
force.
It
was
a
sizable
number
of
trainers
and
I'm
just
curious
what
the
needs
are
now,
if
you
don't
have
that
information,
I
don't
expect
you
would
know
it
off
the
top
of
your
head,
but
I
was
just
curious.
F
J
F
Coming
on
board
the
more
people
you're
hiring
the
more
ftos
you
need,
and
if
you
recall
yes
during
the
presentation,
it
was
this
kind
of
a
sizable
number
of
the
the
percentage
of
the
police
department
that
was
required
to
make
sure
that
they
were
rotating
qualified
people
through
the
fto
program
and
not
using
the
same
limited
number
of
ftos
for
long
periods
of
time.
The
burnout
issue
was
one
that
was
noted
in
the
report
and
they've
taken
some
steps
to
address
that.
A
A
We
do
a
precinct,
precinct-specific
system
and
I'm
not
convinced
that
that's
the
best
way
to
manage
a
a
force
like
that,
and
I
will
be
curious
what
what
kinds
of
considerations
we're
going
are
have
been
looked
at
in
regards
to
how
we
run
our
current
field,
training
officer
program.
So
thank
you
if
you
would
carry
that
request
forward.
E
Thank
you,
chair
homizano.
Looking
at
the
open
audit
issues,
I
see
that
we
still
have
three
high
risk
issues
from
the
police
off
duty
audit,
and
I
know
you
mentioned
that.
There's
a
work
group
working
on
those
issues.
Could
you
expand
on
the
work
that
they're
doing
a
little
bit
more
and
if
there
are
any
timelines
that
you
could
offer.
F
Chair
paul
masano
committee,
member
singleton,
I'm
not
fully
up
to
date
on
the
work
of
the
work
group.
I
know
at
the
last
meeting
in
in
a
brief
discussion,
there
was
rfp
for
a
new
system
that
would
help
track.
Since
then,
I
believe
there
have
been
some
developments
and
a
look
by
the
city
at
how
off-duty
is
managed
in
general
whether
the
current
way
it's
managed
is
the
right
way
to
manage
it.
I
can't
speak
to
the
contents
of
that.