The URL can be used to link to this page

07 24 2018 Agenda Packet AGENDA YELM CITY COUNCIL MEETING TUESDAY, JULY 24, 2018, 6:00 P.M. Website Viewing: Clicking on agenda items will open associated documents including staff reports, resolutions, ordinances, etc. Note: some agenda items may not have attachments. Call to Order - 1. 2. Roll Call - Agenda Approval - ACTION 3. Special Presentations Potential uses for current city hall building 4. Boys and Girls Club VFW American Legion 5. Public Comment - the meeting recorder. For items NOT on the agenda, comments will be welcomed at this time. For items on the agenda, comments will be welcomed at the scheduled time of that agenda item. Consent Agenda: ACTION 6. a. Minutes: Regular Meeting Minutes June 26, 2018 Payables: Check #1332 Check #1626 Totaling $2,102,914.09 b. 7. Public Hearing none scheduled 8 New Business: a. Ordinance No. 1046, Modifying Title 5 Business License ACTION Presenter: Finance Director, Joe Wolfe Attachments: Staff Report, Ordinance No. 1046 Internal Audit Engagement Letter ACTION b. Presenter: Finance Director, Joe Wolfe Attachments: Staff Report, Engagement Letter c. Ordinance No. 1047 Budget Amendment ACTION Presenter: Finance Director, Joe Wolfe Attachments: Staff Report, Ordinance No. 1047 Old Business: none scheduled 9. Department Updates by City Administrator, Michael Grayum 10. Council and Mayor - 11. Councilmember Curry represents Yelm on the following committees: Senior Center Thurston County Solid Waste Advisory Committee (SWAC) Yelm Finance Department Yelm Public Safety Committee Committee Authority Liaison Councilmember Carmody represents Yelm on the following committees: Intercity Transit Authority Yelm Finance Department Committee Yelm Community & Economic Development Committee Nisqually River Council Thurston County Courthouse Advisory Committee Councilmember Colt represents Yelm on the following committees: S. County Yelm General Government Committee Yelm Community & Economic Development Committee Councilmember Stillwell represents Yelm on the following committees: Thurston County EDC Council Emergency Operations Board Yelm General Government Yelm Public Safety Committee Committee Thurston County Law & Justice Council Councilmember Wood represents Yelm on the following committees: Thurston Regional Planning Yelm Public Works Committee Board Committee TComm 911 Admin Board Councilmember DePinto represents Yelm on the following committees: South Thurston Economic Yelm Public Safety Committee Development Initiative group Hazardous Weather Task Force (STEDI) Yelm Finance Committee Councilmember Kaminski represents Yelm on the following committees: Yelm Public Works Committee Thurston Thrives Coordinating Council Yelm Economic Development Committee Mayor Foster represents Yelm on the following committees: Community Investment Yelm Emergency Operations Partnership (CIP) Board South Sound Military and Thurston Regional Planning Community Partnership (SSMCP) Council Board (Elected Officials Council) RMSA Board 12. Executive Session none scheduled 13. Correspondence - (Correspondence is available upon request). Nisqually River Council letter dated June 28, 2018 14. Adjourn Upcoming Meetings: Study Session Meeting, Tuesday, August 7, 2018, 6:00 pm, Public Safety Building City Council Meeting, Tuesday, August 14, 2018, 6:00 pm, Public Safety Building City Council Meeting, Tuesday, August 28, 2018, 6:00 pm, Public Safety Building MEETING INFORMATION All regular Yelm City Council meetings are audio recorded. A $5.00 per CD (prepaid) fee is required. For information about obtaining a copy of the proceedings, please call 360.458.8402. Public comments are welcome. However, in order to proceed with scheduled agenda items the allowable time per speaker is limited to three (3) minutes and the number of speakers is limited to five (5). Public Comments related to items not on the agenda will be welcomed during the Public Comment period. Public Comments related to items on the agenda, will be welcomed at the scheduled time of that agenda item. reasonable accommodations for people with disabilities. If you are a person with a disability and in need of reasonable accommodations to conduct business or participate in government processes or activities, please contact Lori Mossman, at 360.458.8402 at least four (4) working days prior to the scheduled event. The City of Yelm is an equal opportunity provider and employer. The Preliminary Agenda and Approved Council Minutes are available at www.yelmwa.gov. For information on the Americans with Disabilities Act and the Title VI Statement, click this link: http://www.ci.yelm.wa.us/human-resources/. Agenda Item 6. a. Minutes Page 1 of 3 YELM CITY COUNCIL REGULAR MEETING TUESDAY, JULY 10, 2018 MINUTES PUBLIC SAFETY BUILDING 206 MCKENZIE AVE. YELM, WA 1. Mayor Foster called the meeting to order at 6:00 p.m. 2. Roll Call Present: EJ Curry, Molly Carmody, Cody Colt, Tad Stillwell, Joe DePinto and Terry Kaminski. Absent: Tracey Wood. 18-085 MOTION BY MOLLY CARMODY TO EXCUSE TRACEY WOOD FROM THE MEETING. SECONDED BY TAD STILLWELL. 6-0, MOTION CARRIED. 3. Agenda Approval 18-086 MOTION BY MOLLY CARMODY TO APPROVE THE AGENDA WITH THE AMENDMENT TO THE JUNE 24, 2018 MINUTES TO INCLUDE THAT COUNCILMEMBER DEPINTO ARRIVED IN PERSON TO GIVE HIS COUNCIL INITIATIVE. SECONDED BY EJ CURRY. 6-0, MOTION CARRIED. 4. Special Presentations- none scheduled 5. Public Comment- Suzie LeFurgey spoke on Homelessness. James Blair spoke on unmarked patrol cars and single use plastics. Victoria Mattoon spoke on fireworks and speed bumps. 6. Consent Agenda a. Minutes Regular Meeting Minutes June 26, 2018. b. Payables: 18-087 MOTION BY MOLLY CARMODY TO AMEND THE JUNE 26, 2018 MINUTES TO INCLUDE THAT COUNCILMEMBER JOE DEPINTO WAS PRESENT IN TIME TO GIVE HIS COUNCIL REPORT. SECONDED BY EJ CURRY. 6-0, MOTION CARRIED. 7. Public Hearing Resolution No. 593, 2019-2024 Six Year Transportation Improvement Plan Mayor Foster opened the Public Hearing at 6:21 pm and Public Works Director Chad Bedlington gave a presentation. Mayor Foster closed the Public Hearing at 6:50 pm. 8. New Business a. Resolution No. 593, 2019-2024 Six Year Transportation Improvement Plan 18-088 MOTION BY MOLLY CARMODY TO ADOPT RESOLUTION NO. 593 ESTABLISHING THE 2019 2024 SIX YEAR TRANSPORTATION IMPROVEMENT PLAN FOR THE CITY OF YELM. SECONDED BY EJ CURRY. 6- 0, MOTION CARRIED. 9. Old Business none scheduled 7-10-18 Agenda Item 6. a. Minutes Page 2 of 3 10. Department Updates by City Administrator Michael Grayum- Updates given by Mayor Foster. 11. Mayor and Council Initiatives Councilmember Carmody reminded everyone of the upcoming Seattle to Portland this Saturday and to drive carefully with 10,000 cyclists in town. Councilmember Carmody encouraged the General Government Committee to work on creating a Homeless Task Force issue. Councilmember Stillwell is unable to attend the Thurston County Law & Justice Council meeting and will send out an email to see if anyone is available to attend in his absence. Councilmember DePinto asked for the General Government Committee to address the Homeless Task Force issue. City Administrator Michael Grayum and Community Development Director Grant Beck did a great job speaking to the Joint Legislative Task Force on Water Resource Mitigation. Councilmember DePinto would like to see the Fireworks issue be brought to an upcoming Study Session. Councilmember Kaminski attended the Thurston County Chamber Luncheon at the Yelm Community Center. Mayor Foster thanked Councilmember Tracey Wood for his role as Mayor Pro- Tem while Mayor Foster attended the Association of Washington Cities Conference in Yakima. Mayor Foster Chaired the Thurston Regional Planning Council Board meeting, participated in the Justin Norton Fundraiser, reminded everyone that the Annual Water Quality report is in the mail, the Seattle to Portland (STP) will take place this Saturday, two applications have been accepted for the 2018 Lodging Tax money, Chat with the Chief will be Wednesday, July 11 at 1:00 pm at Mr. nd the 2 Annual UFO Festival is Friday Sunday, July 27-29, nd the 2 Annual Jazz Festival is Saturday, August 4 from 5:00 pm- 11:00 pm and National Night Out is August 7, 5:00 pm-7:00 pm. 12. Executive Session none scheduled 13. Correspondence included 18-089 MOTION BY CODY COLT TO ADJOURN. SECONDED BY MOLLY CARMODY. 6- 0, MOTION CARRIED. 14. Adjourned 7:05 pm. __________________________ Attest: _________________________ JW Foster, Mayor Lori Mossman, City Clerk 7-10-18 Agenda Item 6. a. Minutes Page 3 of 3 These minutes record the official actions of the Yelm City Council. Complete recordings are available on the city website at www.ci.yelm.wa.us. 7-10-18 Agenda Item 6. b. Payables Page 1 of 32 VOUCHER APPROVAL FORM The following is a list of checks approved for payment at Tuesday, July 24th council: Payroll June 20th Draw $28,000.77 Payroll July 5th $207,726.70 Payroll A/P Checks, EFTs, & Drafts $226,409.09 A/P Checks, EFTs, & Drafts$1,636,882.92 Utility Refunds$3,894.61 TOTAL$2,102,914.09 Timberland Bank check number 1322 through check number 1626. Check dates 6/21/2018 through 7/16/2018 ____________________________ /_______________________________/________________________________ Mayor Council member Council member ____________________________/________________________________/________________________________ Council member Council member Council member ____________________________/_______________________________ Council member Council member CITY CLERK:___________________________________________ ATTEST: The above checks approved and signed by a majority of the Yelm City Council, are hereby approved for payment passed on a motion by______________________________________________at a regular council meeting held this 24th day of July 2018. 32 of 2 Payables b. Page 6. Item Agenda 32 of 3 Payables b. Page 6. Item Agenda 32 of 4 Payables b. Page 6. Item Agenda 32 of 5 Payables b. Page 6. Item Agenda 32 of 6 Payables b. Page 6. Item Agenda 32 of 7 Payables b. Page 6. Item Agenda 32 of 8 Payables b. Page 6. Item Agenda 32 of 9 Payables b. Page 6. Item Agenda 32 of 10 Payables b. Page 6. Item Agenda 32 of 11 Payables b. Page 6. Item Agenda 32 of 12 Payables b. Page 6. Item Agenda 32 of 13 Payables b. Page 6. Item Agenda 32 of 14 Payables b. Page 6. Item Agenda 32 of 15 Payables b. Page 6. Item Agenda 32 of 16 Payables b. Page 6. Item Agenda 32 of 17 Payables b. Page 6. Item Agenda 32 of 18 Payables b. Page 6. Item Agenda 32 of 19 Payables b. Page 6. Item Agenda 32 of 20 Payables b. Page 6. Item Agenda 32 of 21 Payables b. Page 6. Item Agenda 32 of 22 Payables b. Page 6. Item Agenda 32 of 23 Payables b. Page 6. Item Agenda 32 of 24 Payables b. Page 6. Item Agenda 32 of 25 Payables b. Page 6. Item Agenda 32 of 26 Payables b. Page 6. Item Agenda 32 of 27 Payables b. Page 6. Item Agenda 32 of 28 Payables b. Page 6. Item Agenda 32 of 29 Payables b. Page 6. Item Agenda 32 of 30 Payables b. Page 6. Item Agenda 32 of 31 Payables b. Page 6. Item Agenda 32 of 32 Payables b. Page 6. Item Agenda Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 1 of 15 City of Yelm STAFF REPORT To: Mayor JW Foster Yelm City Council From: Joseph Wolfe, Finance Director Yelm City Council Finance Committee th Date: July 12, 2018 (for July 24 City Council Meeting) Subj: Updates to the City of Yelm Municipal Business Licensing Code wĻĭƚƒƒĻƓķğƷźƚƓ City staff recommend adoption of ordinance 1046, amending Title 5 YMC to update the process and procedures to obtain business licenses through a combined license application and renewal process. The Department of Revenue Business Licensing System (BLS) will then facilitate all application and renewals. .ğĭƉŭƩƚǒƓķ In 1977, the Legislature created a combined business licensing service to streamline application and renewal of state business licenses. Since 1997, the service has also supported local business licensing. The present iteration of the state Business Licensing Service has been housed at Revenue since 2011. It is the clearing house for state an more than 25 state agency licensing programs and dozens of cities. In March 201, BLS completed its tax and licensing systems replacement to be even more responsive to both business and city needs. The web-based system interface provides real-time updates to license account and on-demand access to complete state tax and local license data. The user-friendly online portal for licensing is accessible to city staff once the secure access is approved. /ǒƩƩĻƓƷ {źƷǒğƷźƚƓ The City has historically managed the municipal business licenses process in the Administrative Services Department. The Finance Department took over management of the process in 2015, and has been issuing business licenses since that time. Engrossed House Bill 2005 passed unanimously in 2017. The bill, now codified as Chapter 35.90 RCW, requires three actions by cities with business licenses and local B&O taxes. The law: 1.Requires all cities with business licenses to administer their business licensing through the state's Business Licensing System (BLS) by 2027 or FileLocal by 2020; 2.Establishes a task force on local B&O tax service apportionment under RCW 35.102.130 to report to the Legislature by October 2018. July 19, 2018 Page 1 of 5 Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Ordinance No. 1046 Page 2 of 15 Modifying Yelm Municipal Business licensing Code 3.Requires cities with business licenses to establish a workgroup to create a model business license ordinance with a minimum threshold and a definition of "engaging in business" by July 2018 for adoption by all business license cities by January 1, 2019; The minimum threshold in the model ordinance would: Only apply to general business licenses, not regulatory licenses or other local taxes; Allow cities to require registration with no fee for businesses under the threshold; Not apply to businesses with a location in the city; and Apply a minimum threshold of $000 per year in the city. Department of Revenue and City staff recently reviewed the business licensing process and procedures set forth in Title 5 of the Yelm Municipal Code (YMC). This effort allowed us to update the existing municipal code in order to comply with the requirements of Chapter 35.90 RCW and do some clarification code. These changes provide the legal authority to administer their business licensing through the state's Business Licensing System and otherwise comply with the requirements of Chapter 35.90 RCW. Upon passage of this ordinance, the City of Yelm will be in line with the requirements of Chapter 35.90 RCW and a artners receive 100 percent of their license fees collected through BLS. Administration of business licensing through BLS will be provided at no charge to all local governments. Funding for BLS operations is produced by businesses paying a $19 application handling fee regardless of the number of licenses being requested, including the tax registration and other required licenses. The processing is included in that same $19. An $11 annual renewal processing fee is charged. It is limited to one $11 fee per business location per year whether the business has one license endorsement at the location or 100. All businesses already experience the $19 fee when they file their application, and most hold licenses requiring an annual renewal as well, making it a familiar, cost- effective, and streamlined process for businesses working in Washington State. .\[{ ĬĻƓĻŅźƷƭ Ʒƚ ĬǒƭźƓĻƭƭʹ One-stop online business licensing for hundreds of state and city registrations Intuitive licensing "wizard" for new applicants Fast online application and renewal - City limits locator (GIS) to ensure licensing with the appropriate city or cities On-demand license printing No trip to city hall Toll-free and online customer service .\[{ ĬĻƓĻŅźƷƭ Ʒƚ ƷŷĻ /źƷǤ BLS processes all applications and renewals Reduced printing/mailing costs Reduced city staff time Local regulatory control Increased compliance and revenue -party systems. For most cities, the Model Licensing Ordinance should be adopted by the city by October 17, 2018 with a January 2019 effective date. The City of Yelm is scheduled for early adoption of the new law on September Page 2 of 5 Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Ordinance No. 1046 Page 3 of 15 Modifying Yelm Municipal Business licensing Code 20, 2018, requiring passage of this ordinance now in order to meet business license fee change notice requirements. If the City does not complete partnership with BLS, it may no longer issue business licenses after December 2022. Page 3 of 5 Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 4 of 15 ğĬƌĻ Њ {ǒƒƒğƩǤ ƚŅ hƩķźƓğƓĭĻ /ŷğƓŭĻƭ Ʒƚ źƷƌĻ Ў ƚŅ ƷŷĻ Ļƌƒ aǒƓźĭźƦğƌ /ƚķĻ /źƷğƷźƚƓ /ƚƒƒĻƓƷƭ Added wording to indicate the occupational permit is separate from and in 5.02.010 K. addition to the business license. Added wording to indicate the Home Occupation permit is separate from and in 5.02.035 addition to the business license. 1.Changed the application process to have it directed through BLS; 2.Added wording to show the occupational permit and application is separate 5.02.040 from and in addition to the business license; and 3.Added wording to allow applying for the Home Occupation permit in conjunction with the business license application through BLS. Changed the establishing of the term of the license as being done through BLS and 5.02.050 A. & B. allowed for proration to synchronize the expiration date with the BLS record. Added wording to allow for the combined application of both the business license 5.02.060 D. and the home occupation permit. Added two new subsections to address the combined license application and 5.02.060 E. & F. renewal process charging fees for all licenses involved, as well as the BLS handling and late renewal fees. 5.02.070 Modified the preamble to allow for variable exemption applicability of the section. Changed the wording to exempt nonprofit businesses only from the license fee - with the intent to allow creation of a nonprofit city business license. Also changed 5.02.070 A. the required proof of status to allow for other IRS nonprofit categories other than being limited to just subparagraph (3). {{Note: If the decision is to note have a specific license for Nonprofits, this change is not required.}} Added wording to retain the original intent of this subsection as fully exempting 5.02.070 B. the activity form any license requirement. Added wording necessary to implement the new model license threshold 5.02.070 D. requirements. Added wording to specify the occupational permit is separate from and in addition 5.03.010 to the business license under chapter 5.02 Adding direction that the reference to the business license application as stated in 5.04.025 chapter 5.04 is that which is required to be submitted through BLS, as directed in chapter 5.02. Suggested to simply delete this section since the provisions for the term of the 5.04.030 license are given in chapter 5.02, as modified to accommodate the BLS process, and do not need to be repeated here. July 19, 2018 Page 4 of 5 Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Ordinance No. 1046 Page 5 of 15 Modifying Yelm Municipal Business licensing Code Table 1 Summary of Changes to Title 5 YMC Added wording to indicate the cabaret license is separate from, and in addition to 5.12.010 the business license under chapter 5.02. Clarified that the business license required of a TNC in this subsection is that from 5.18.030 A. chapter 5.02. Clarified that the business license required of a TNC driver in this subsection is that 5.18.030 B. from chapter 5.02. Clarified that the city TNC license is separate from and in addition to the business 5.18.040 A. license required of a TNC in 5.18.030 and chapter 5.02. 5.18.040 D. Added a designation that the TNC license fee is to be paid directly to the city. Added wording that the annual fireworks permit is separate from and in addition 5.32.040 A. to the a business license that may be required under chapter 5.02. 5.32.040 B. Changed the word "License" to read "permit" Redirected the reference to the business license as that as provided in chapter 5.40.020 5.02 (rather than 5.04). Modified the preamble to accommodate the business license application being 5.40.030 submitted through BLS under chapter 5.02. Suggesting to delete this subsection since it appears the licensing of Pawnbrokers is actually a regular business license, albeit requiring a police background investigation before issuance. But, as a regular business license application, 5.40.030 E. submitted through BLS, this particular item will not be collected through the BLS process. It is suggested that this could be included in the broad allowance being added to 5.40.040 (see next entry) Adding wording to accommodate the city clerk receiving information about an application rather than the actual application itself, and added a provision for the police chief to request additional information from the applicant to properly 5.40.040 complete the background investigation (intended to accomodate the deletion of 5.04.030 E. from the information to be gathered in the business license application). Also changed the term of the city clerk 'issuing' the license, to 'approving' the license \[issuance through BLS\]. Added wording that the adult entertainment licensing is separate from and in 5.52.040 A. addition to the business license that may be required under Chapter 5.02. Added wording that the adult entertainment individuals' licenses are separate from and in addition to a business license that may be required under chapter 5.52.050 A. 5.02 (in the event that an individual might be considered both a business owner needing a business license as well as an individual needing the individual's license provided for in the section). Page 5 of 5 Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 6 of 15 CITY OF YELM ORDINANCE NO. 1046 AN ORDINANCE OF THE CITY OF YELM AMENDING TITLE 5 OF THE YELM MUNICIPAL CODE, UPDATING BUSINESS LICENSING REQUIREMENTS AND PROCEDURES, AND ADOPTING THE NEW MODEL BUSINESS LICENSE ORDINANCE AS REQUIRED BY CHAPTER 35.90 RCW WHEREAS, the 2017 State Legislature passed Engrossed House Bill (EHB) 2005, requiring all cities with business licenses to administer their business licensing through the state's Business Licensing System (BLS); WHEREAS, EHB 2005, now codified as Chapter 35.90 RCW, requires Washington Cities and Towns with business licenses to create a model business license ordinance with a minimum threshold and a definition of "engaging in business"; and WHEREAS, the Department of Revenue and City staff recently reviewed the business licensing process and procedures set forth in Title 5 of the Yelm Municipal Code (YMC) and; WHEREAS, City staff recommend amending Title 5 YMC to update the process and procedures to obtain business licenses through a combined license application and renewal process, to have that application process directed through the Department of Revenue Business Licensing System, WHEREAS, the City Council reasonably believes that adoption of this Ordinance is in furtherance of the health, safety, and welfare of citizens of the City; NOW, THEREFORE, THE CITY COUNCIL OF THE CITY OF YELM DOES ORDAIN AS FOLLOWS: Section 1. The Business Licenses and Regulations Code Section 5.02.010 YMC is hereby amended as follows: 5.02.010 Definitions. The following definitions shall apply in construing the provisions of this chapter, except where otherwise declared or clearly apparent from the context: alers, retailers, service providers, towing operators, peddlers, canvassers, solicitors, for-hire vehicles, limousine services, pawnbrokers, secondhand dealers and junk dealers engaged in with the object of economic gain, benefit or advantage to the person, firm or corporation, or to another person or class, directly or indirectly, whether part-time or full-time, whether resident or nonresident except those businesses or activities for which licenses of franchises are required by any other chapter or section of the Yelm Municipal Code as now or hereafter enacted or amended. E. city clerk/treasurerFinance Director of the city of Yelm. F-hire vehicle, whether or not the person is the owner of or has any financial interest in the vehicle. G, or continue in business, and also the exercise of corporate or franchise powers as well as liquidating a business when the liquidators thereof hold themselves out to the public as conducting such business. H Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 7 of 15 I-ncludes all vehicles used for the transportation of passengers for compensation, except chartered and scheduled buses, vehicles not for hire by the general public such as vans operated by hotels, employers, churches, schools and retirement facilities and ride share vehicles. The term primarily includes taxicabs and limousines. J-driven, unmetered, unmarked luxury motor vehicle pre- arranged for transportation meeting the definition in RCW 46.04.274. Limousines differ from -arranged fare, are unmetered, unmarked, and are not available for spontaneous hire. Kn additional requirement for certain businesses performing occupations, that by their nature present a heightened public safety risk, including: for-hire vehicle driver, locksmith, or solicitor. L M Ns, partnerships or associations either acting by themselves or by servant, agent or employee. The singular shall include the plural. O receiver, assignee, trustee in bankruptcy, trust, estate, firm, co-partnership, joint venture, club, company, joint stock company, business trust, corporation, association, canvasser, peddler, solicitor, society, or any group of individuals acting as a unit, whether mutual cooperative, fraternal, nonprofit or otherwise, and includes the United States or any instrumentality thereof, for whom a valid business license may be required therefrom under the provisions of this chapter. P Qthe meaning of this chapter is any person who, either as a principal or agent, goes from door to door or from place to place and enters upon any private property within the city and thereon engages in any of the following activities: 1. Sells, takes orders for, or offers to sell or take orders for, any goods, wares or merchandise whether or not collecting in advance for such goods, wares or merchandise; and/or 2. Sells, takes orders for, or offers to sell or take orders for services, whether or not collecting in advance for the performance of such services; and/or 3. Sells, takes orders for, or offers to sell or take orders for the making, manufacturing, or repairing of any article or thing whatsoever, whether or not collecting in advance for the performance of such services; and/or 4. Seeks contribution or donations. R vehicle wrecker or by a vehicle adapted to that purpose, whereby motor vehicles are towed or are otherwise removed from the place where they are disabled. S and which activity is not generally or customarily characteristic of activities for which dwelling units are intended or designed; such activity is clearly incidental or secondary to the residential use of a dwelling unit; and is conducted only by persons residing in the dwelling unit; provided, -care 2004). Section 2. The Business Licenses and Regulations Code Section 5.02.035 YMC is hereby amended as follows: 5.02.035 Home occupation permit. No person shall operate a business in their home within the city without first obtaining a permit from the city. The home occupation permit is in addition to the business license provided for in this chapter.(Ord. 996 § 2, 2015; Ord. 953 § 1, 2012). Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 8 of 15 Section 3. The Business Licenses and Regulations Code Section 5.02.040 YMC is hereby amended as follows: 5.02.040 Application and renewal. Application for a business license shall be made with the city of Yelm, giving such information as is deemed reasonably necessary to enable the enforcement of this chapterthrough the Business Licensing Service of the Washington State Department of Revenue. Application for an occupational permit shall be made directly with the city of Yelm giving such information as is deemed necessary to enable the enforcement of this chapter. The occupational permit is in addition to the business license provided for in this chapter. Application for a home occupation permit shall be combined with the business license application submitted to the Business Licensing Servicemade with the city of Yelm giving such information as is deemed reasonably necessary to enable the enforcement of this chapter. (Ord. 953 § 1, 2012; Ord. 820 § 3, 2004). Section 4. The Business Licenses and Regulations Code Section 5.02.050 YMC is hereby amended as follows: 5.02.050 License term or expiration. A. Initial lLicenses are issued for a calendar yearon an annual basis but will be set to expire on a date established by the Business Licensing Service and expire on December 31stmust be renewed on or before that expiration date to continue in business in the city. B. Renewals are mailed annually in the month of DecemberThe license term and respective fee amount may be prorated to synchronize the license expiration date with the expiration date established by the Business Licensing Service. (Ord. 820 § 3, 2004). Section 5. The Business Licenses and Regulations Code Section 5.02.060 YMC is hereby amended as follows: 5.02.060 Fee. A. Initial. The business licensing fee for any business or activity required to be licensed is $35.00 for the first year of operation, or fraction thereof, or for the first year or fraction thereof under a new business license, whether issued for a new business or after a change in business activity requiring relicensing. B. Renewals. The business licensing renewal fee for any business or activity required to be licensed shall be $25.00 for the second year of such busine for each subsequent year or fraction thereof during the continued operation of such business. C. Occupational permit fee: $70.00 (permit $25.00, background check fee $35.00 and fingerprinting $10.00 fee D. Home occupation permit fee is a one time fee of $50.00, which is in addition to the business license fee for a single amount due of $.00 to be submitted through the Business Licensing Service. D. In addition to the city license fees, applications submitted through the Business Licensing Service must include the total fees due for all other licenses requested, as well as the application-handling fee authorized by RCW 19.02.075. E. In addition to the city license fees, renewals submitted through the Business Licensing Service must include the total fees due for all other licenses being renewed, as well as the renewal-handling fee authorized by RCW 19.02.075. Renewals submitted through the Business Licensing Service after the license expiration date will be assessed a late renewal penalty authorized by RCW 19.02.085 in addition to all other fees due. (Ord. 953 § 1, 2012; Ord. 820 § 3, 2004). Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 9 of 15 Section 6. The Business Licenses and Regulations Code Section 5.02.070 YMC is hereby amended as follows: 5.02.070 Exception Applicability of provisions. This Some or all of the requirements of this chapter shall not be applicable toas described below: A. Nonprofit organizations as recognized by the state of Washington and federal government (i.e., Internal Revenue Code Section 501(c)(3)) are exempted from the city business license fee. B. The sales of daily newspapers, whether subscriptions are taken or not, or to the dissemination of news and information is exempted from all requirements of this chapter. C. The occupational permit fee for a for-hire or limousine license shall be waived upon showing that the applicant has procured an occupational permit for the time frame in question, with full fee paid, and background check made, from one of the cities listed in YMC 5.03.070. (Ord. 953 § 1, 2012; Ord. 820 § 3, 2004). D. For purposes of the license by this chapter, any person or business whose annual value of products, gross proceeds of sales, or gross income of the business in the city is equal to or less than $2,000 (or higher threshold as determined by city) and who does not maintain a place of business within the city, shall submit a business license registration to the Director or designee. The threshold does not apply to regulatory license requirements or activities that require a specialized permit. Section 7. The Business Licenses and Regulations Code Section 5.03.010 YMC is hereby amended as follows: 5.03.010 Occupational Permit Required. This chapter is enacted to regulate the practice of certain occupations that, by their nature, present a heightened public safety risk to the public. The occupational permits required by this chapter are in addition to the business license that may be required under Chapter 5.02 YMC. A. For-Hire Vehicle Driver/Operator. It is unlawful for any person to drive a for-hire vehicle and pick up any passenger within the city without first obtaining an occupational permit therefor in the manner provided by this chapter. B. Locksmith. It is unlawful for any person to act as a locksmith in the city without first obtaining an occupational permit pursuant to the provisions of this chapter. C. Solicitor. It is unlawful for any person to act as a solicitor, within the meaning and application of this chapter, without first obtaining an occupational permit in the manner provided by this chapter. (Ord. 953 § 3, 2012). Section 8. The Business Licenses and Regulations Code Section 5.04.025 YMC is hereby amended as follows: 5.04.025 Registration/license requirements. Application for a business license shall be made with the city of Yelm, through the Business Licensing Service, as provided for in Chapter 5.02 YMC, giving such information as is deemed reasonably necessary to enable the enforcement of this chapter. (Ord. 820 § 3, 2004). Section 9. The Business Licenses and Regulations Code Section 5.04.030 YMC is hereby repealed: 5.04.030 Registration/license certificates. Initial licenses are issued for a calendar year and expire on December 31st. Renewal notices are mailed annually in the month of December. (Ord. 820 § 3, 2004). Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 10 of 15 Section 10. The Business Licenses and Regulations Code Section 5.12.010 YMC is hereby amended as follows: 5.12.010 License Required. It is unlawful for any person to conduct, manage or operate a cabaret within the corporate limits of the city, and no person shall conduct, manage or operate such a cabaret within the corporate limits of the city, unless such person has a valid and subsisting license from the city so to do obtained in the manner herein provided. This license is in addition to a business license that may be required under Chapter 5.02 YMC. (Ord. 89 § 2, 1959). Section 11. The Business Licenses and Regulations Code Section 5.18.030 YMC is hereby amended as follows: 5.18.030 Yelm business license required. A. It is a violation of this chapter for any TNC to operate in the city of Yelm without a current and valid city of Yelm business license as provided for under Chapter 5.02 YMC. B. It is a violation of this chapter for any TNC driver, who is an independent contractor affiliated with a TNC, to operate in the city of Yelm without a current and valid Yelm business license as provided for under Chapter 5.02 YMC. It is the responsibility of the TNC to communicate this requirement to TNC drivers. C. TNC drivers must keep a copy of their business license in their vehicle when logged on and requirement to TNC drivers. D. Except as described in subsections B and C of this section, the TNC shall have no obligations as to TNC driver business license requirements. (Ord. 1013 § 2, 2016). Section 12. The Business Licenses and Regulations Code Section 5.18.040 YMC is hereby amended as follows: 5.18.040 TNC license required. A. It is a violation of this chapter for any TNC to operate in the city of Yelm without a current and valid city of Yelm TNC license. This license is in addition to the business license that is required under YMC 5.18.030 and Chapter 5.02 YMC. B. The administrator or designee may issue a TNC license; provided, that the TNC applicant submits an affidavit sworn under penalty of perjury, on a form provided by the city, that to the best of the this chapter, including, but not limited to, all driver, vehicle, insurance, and operational requirements. C. The TNC license shall be effective for one year. D. The annual TNC license fee shall be $1,000 and shall be paid in full at the time of submitting all initial and renewal applications to the city. (Ord. 1013 § 2, 2016). Section 13. The Business Licenses and Regulations Code Section 5.32.040 YMC is hereby amended as follows: 5.32.040 Permits. A. Any person, firm or corporation selling fireworks within the city, either as a wholesale dealer or as a retail dealer, shall be required as a condition of such operation to secure from the city clerk/treasurerDirector effective for the full calendar year in which the permit is secured. The city clerk/treasurerDirector is directed to issue such permits to those dealers complying with the terms of this chapter and the Chapter 70.77 RCW upon application and payment of the permit fee. The permit is in addition to a business license that may be required under Chapter 5.02 YMC. B. The original and annual license permit fee shall be $30.00 for each separate retailer or retail outlet. Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 11 of 15 C. A person who sells fireworks without a permit is guilty of a misdemeanor. (Ord. 600 § 1, 1997). B. Upon conviction of a second and subsequent offense by fine not exceeding $100.00. (Ord. 596 § 5, 1997). Section 14. The Business Licenses and Regulations Code Section 5.40.020 YMC is hereby amended as follows: 5.40.020 License Required. No person shall engage in any business defined in YMC 5.40.010 without first obtaining a city business license pursuant to the provisions of Chapter 5.045.02 YMC and the provisions of this chapter. (Ord. 264 § 2, 1982). Section 15. The Business Licenses and Regulations Code Section 5.40.030 YMC is hereby amended as follows: 5.40.030 License Application. Before a license shall be issued as provided for in this chapter, an application therefor shall be filed with the city clerk/treasurerDirector in such form as may be prescribed from time to time by the citythrough the Business Licensing Service. Such application shall be accompanied by the business license fee required under Chapter 5.045.02 YMC. Such application shall contain: A. The full name and residence address of the applicant; B. The location where the business is to be conducted; C. The mailing address of the business; and D. The nature of the business to be conducted; and E. The place of residence and nature of business or employment of the applicant during the preceding five years. (Ord. 264 § 3, 1982). Section 16. The Business Licenses and Regulations Code Section 5.40.040 YMC is hereby amended as follows: 5.40.040 License Issuance. Within five days after receipt of the information regarding an application for a license by a business conducting activities governed by this chapter, the city clerk/treasurerDirector shall refer the application to the police chief who shall investigate the character of the applicant. The police chief is authorized to request such additional information from the applicant as may be necessary to properly complete the investigation. The police chief shall advise the city clerk/treasurerDirector in writing of the results of such investigation within 30 days after the application is filed. If, after receipt and review of the report by the police chief, the city clerk/treasurerDirector shall determine that the applicant is of a law-abiding character and that the place of business is in the proper zone for the conduct of such business, the city clerk/treasurerDirector shall issue approve a business license for the conduct of such business. (Ord. 264 § 4, 1982). Section 17. The Business Licenses and Regulations Code Section 5.52.040 YMC is hereby amended as follows: 5.52.040 Licensing of adult entertainment business. A. No person, firm, partnership, corporation, or other entity shall operate an adult entertainment business without first obtaining a license issued pursuant to this chapter. Such license is in addition to a business license that may be required under Chapter 5.02 YMC. B. Prior to the issuance of a license, the applicant must be qualified according to the provisions of all applicable city ordinances, the laws of the United States and of the state of Washington. The premises must meet the requirements of all applicable laws, ordinances, and regulations including Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 12 of 15 but not limited to the International Building Code, and the Yelm Unified Development Code. All premises and devices must be inspected prior to issuance of a license. C. An application for an adult entertainment business license must be submitted to the city clerk/treasurerDirector in the name of the person or entity proposing to conduct the adult entertainment business on the premises and must be signed by the person and certified as true under penalty of perjury. An application must be submitted on a form supplied by the city clerk/treasurerDirector, which must require the following information: 1. For the applicant and for each applicant control person, provide: name(s), date(s) of and mailing and residential address(es); 2. The business name, business address, federal tax identification number, state of Washington master business license number and business telephone number of the business or proposed business, together with a description of the nature of the business; 3. Whether the business or proposed business is the undertaking of a sole proprietorship, partnership or corporation. If a sole proprietorship, the application shall set forth the name, address, telephone number and principal occupation of the sole proprietor. If a partnership, the application shall set forth the names, addresses, telephone numbers, principal occupation and respective ownership shares of each partner, whether general, limited or silent. If a corporation, the application shall set forth the corporate name; a copy of the articles of incorporation, including date and place of incorporation; and the names, addresses, telephone numbers and principal occupations of every officer and director of the corporation, and every shareholder having more than five percent of the outstanding shares of the corporation; and evidence that the partnership or corporation is in good standing under the laws of Washington; and the name and address of the registered agent for service of process; 4. For the applicant and all applicant control persons, a description of business, occupation or employment history for the three years immediately preceding the date of the application; 5. For the applicant and all applicant control persons, all criminal convictions or forfeitures within five years immediately preceding the date of the application, other than parking offenses or minor traffic infractions, including the dates of conviction, nature of the crime, name and location of court and disposition; 6. Whether the applicant or a partner, corporate officer, or director of the applicant holds another license under this chapter or a license for similar adult entertainment or sexually oriented business, including a motion picture theater, or a panorama, from another city, county or state, and if so, the name and address of each other licensed business; 7. A summary of the business history of the applicant and applicant control persons in owning or operating the adult entertainment or other sexually oriented business providing names, addresses and dates of operation for such businesses, and whether any business license or adult entertainment license has been revoked or suspended and the reason for the revocation or suspension; 8. Authorization for the city of Yelm, and its agents and employees, to seek information to confirm any statements set forth in the application; 9. The location and doing-business-as name of the proposed adult entertainment business, including a legal description of the property, street address, and telephone number, together with the name and address of each owner and lessee of the property; 10. Two two-inch by two-inch photographs of the applicant and applicant control persons, taken within six months of the date of application showing only the full face; 11. A complete set of fingerprints for the applicant or each applicant control person, taken by the law enforcement agency for the jurisdiction, or such other entity as authorized by the law enforcement agency; 12. Each applicant shall verify, under penalty of perjury, that the information contained in the application is true; Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 13 of 15 13. A scale drawing or diagram showing the configuration of the premises for the proposed adult entertainment business, including a statement of the total floor space occupied by the business, and marked dimensions of the interior of the premises. Performance areas, overhead lighting fixtures, and service areas shall be clearly marked on the drawing. An application for a license for an adult entertainment business must include building plans which demonstrate conformance with city adopted building code requirements. D. Applications shall be accompanied by a nonrefundable fee as set by resolution of the city council; however, until such fee is set by such a resolution, the fee shall be $500.00. E. Within five days of receipt of a properly completed application for an adult entertainment business license, the city clerk/treasurerDirector shall transmit copies of such application to the police department and community development department. F. Within 30 days of receipt of a properly completed application for an adult entertainment business license, the city clerk/treasurerDirector shall issue the license unless advised by the community development department that the use or proposed use of the premises does not have regulations; or the city clerk/treasurerDirector is advised by the building department that the buildings upon the subject premises fail to meet the requirements of the building, fire, mechanical or plumbing codes applicable to the proposed use; or the city clerk/treasurerDirector is informed by the police department that the owner, partner, or stockholder holding more than five percent of the outstanding shares of the owning corporation has been convicted of or forfeited bail for any crime which may reasonably indicate a likelihood of future violation of the terms of this chapter by such owner, partner, or stockholder. Issuance of the license required in this chapter shall not constitute a waiver of or exemption from the application of any land use, building, health or safety laws pertinent to the proposed use. G. An adult entertainment business license shall expire on December 31st of the year for which it is issued or renewed. H. An adult entertainment business license may be renewed by submitting a new application and following the application procedure set forth hereinabove; provided, that a renewal application shall not be submitted prior to September for the following calendar year. I. If, subsequent to the issuance of an adult entertainment business license, a person or entity acquires a significant interest based on responsibility for management or operation of the business, notice of such acquisition shall be provided in writing to the licensing administrator, no later than 21 calendar days following the acquisition. The notice required must include the information required for the original adult entertainment business license application. J. The adult entertainment business license, if granted, must state on its face the name of the person or persons to whom it is issued, the expiration date, the doing-business-as name and the address of the licensed adult entertainment business. The license must be posted in a conspicuous place at or near the entrance to the adult entertainment business so that it can be easily read when the business is open. K. A person granted an adult entertainment business license under this chapter may not operate the adult entertainment business under a name not specified on the license, nor may a person operate an adult entertainment business, or an adult entertainment device under a designation or at a location not specified on the license. (Ord. 995 § 15 (Exh. D), 2015). Section 18. The Business Licenses and Regulations Code Section 5.52.050 YMC is hereby amended as follows: 5.52.050 Licensing of managers, entertainers, and employees. A. A person may not work as a manager, assistant manager, or entertainer at an adult entertainment city clerk/treasurerDirector. Such license is in addition to a business license that may be required under Chapter 5.02 YMC. An applicant city Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 14 of 15 clerk/treasurerDirector containing the information identified in this subsection. A nonrefundable license fee must accompany the application. The city clerk/treasurerDirector shall provide a copy of the application to the police department for its review, investigation and recommendation. An following information: 1. The fingerprints taken by the police department (or such other entity as authorized by the police department or licensing administrator), social security number, and any stage names or nicknames used in entertaining; 2. The name and address of each business at which the applicant intends to work; 3. A complete statement of all convictions of the applicant for any misdemeanor or felony violations in the jurisdiction or any other city, county, or state within five years immediately preceding the date of the application, except parking violations or minor traffic infractions; 4. Documentation that the applicant has attained the age of 18 years. Any two of the following are acceptable as documentation of age: photograph and date of birth; birth; c. An official passport issued by the United States of America; d. An immigration card issued by the United States of America; or e. Any other identification that the licensing administrator determines to be acceptable and reliable; ties or services to be rendered; 6. Two two-inch by two-inch color photographs of applicant, taken within six months of the date of application, showing only the full face; 7. Authorization for the city, its agents and employees to investigate and confirm any statements in the application. B. Applications shall be accompanied by a nonrefundable fee as set by resolution of the city council; however, until such fee is set by resolution, the fee shall be $100.00. C. The city clerk/treasurerDirector sha police department within five days after its receipt. D. The city clerk/treasurerDirector dar days from the date the complete application and fee are received, unless the city clerk/treasurerDirector is informed by the police department that the applicant has been convicted or forfeited bail to a crime or crimes which would indicate a reasonable likelihood that the applicant would violate the terms of this chapter if so licensed; or the city clerk/treasurerDirector determines that the applicant has failed to provide any information required to be supplied according to this chapter, had made any false, misleading or fraudulent statement of material fact in the application, or had failed to meet any of the requirements for issuance of a license under this chapter. If the city clerk/treasurerDirector determines that the applicant does not qualify for the license applied for, the city clerk/treasurerDirector shall deny the application in writing and shall cite the specific reasons therefor, including applicable laws. E. The manager, entertainer and employee license shall expire on December 31st of each year in which it is issued or renewed. F. The manager, entertainer and employee license may be renewed by submitting a new application and following the application procedure set forth hereinabove; provided, that a renewal application shall not be submitted prior to September for the following calendar year. G. Every entertainer and employee shall provide his or her license to the adult entertainment business manager on duty on the premises prior to his or her performance. The manager shall retain the licenses of the entertainers readily available for inspection by the city, its agents, and employees, at any time during business hours of the adult entertainment business. Agenda Item 8. a. Ordinance No. 1046, Amending Title 5 Business Licensing Page 15 of 15 H. The city clerk/treasurerDirector may request additional information or clarification when necessary to determine compliance with this chapter. authorized by Chapter 42.17 RCW. Nothing in this subsection prohibits the exchange of information among government agencies for law enforcement or licensing or regulatory purposes. (Ord. 995 § 15 (Exh. D), 2015). th Adopted by the Yelm City Council at a regular meeting thereof this 24 day of July, 2018 J.W. Foster, Mayor Authenticated: Lori Mossman, City Clerk Agenda Item 8. b. Internal Audit Engagement Letter Page 1 of 54 City of Yelm STAFF REPORT To:Mayor J.W Foster Yelm City Council From:Joseph Wolfe,Finance Director Date:July 24, 2018 Subj:Internal Audit Engagementletter with Clifton Larson Allen, LLC for risk assessment andinternal control review Attach:Internal Audit Engagement Letterincluding Scope and Budget Proposal to provide professional internal audit services to City of Yelm Recommendation AuthorizeMayor Foster and Finance Director Wolfe to sign the Internal Audit Services Engagement Letter with Clifton Larson Allen, LLP(CLA), attached as appendix 1. Background The City of Yelm will be making several changes to our financial processes as we transition to a new City Hall building andnew Financial ManagementSoftware during 2018. This work will requireexpert consultation,includinga risk assessment and internal controls reviewas we develop financial processes andinternal controls for our new operating environment. Once these processes and controls are completed, the City will continue to work with CLA to evaluate the efficacy of the controls and adjust as necessary. Current Situation The Finance Departmentand the City Council Finance Committee issued an RFP for internal audit services in May 2018. We receivedthree responses to thatRFP. We evaluated the responses from the three accounting firms and selected CLAto provide these services to the City based on their expertise with auditing governmentalentities, the resources they have available to them, their reasonablepricing, and the quality of the team. The work will be accomplished in phases. The City will consult with CLA during our transition from InCode to BIAS softwarethroughout 2018.The internal audit work, including a financial risk assessment and internal controls review will be completed during 2019, after the deployment of our new financialmanagementsoftware and the move to the new City Hall. CLA has agreed to partner with the City as we developour systems Agenda Item 8. b. Internal Audit Engagement Letter Page 2 of 54 and controls at little to no costand providethe internal audit services during 2019, with the option to continue to implement a 5-year internal audit plan. Totalcosts per yearestimated as follows: CLA has developed a blended rate per hour that CLA proposes is $170/hour for risk assessment services and $130/hour for internal audit services. This estimate can fluctuate based on project complexity and scope. As such, CLA has committed to work with the City to ensure the specific internal audit workplan addresses risk areas and is performed within the established budget. This agreement will not require a budget amendment, as adequate funding for the 2018 work is alreadyappropriated in the2018 budget. There will be a budget line item in the 2019 and 2020 budgets for this work. Agenda Item 8. b. Internal Audit Engagement Letter Page 3 of 54 CliftonLarsonAllenLLP 10700NorthupWay,Suite200 Bellevue,WA98004 Main4252506100x11546,Fax 4252506050 www.claconnect.com June21,2018 CityofYelmFinanceDepartment JosephWolfeΑFinanceDirector CityofYelm 105YelmAve.W. Yelm,WA98597 Re:InternalAuditServices DearJoseph: Wearepleasedtoconfirmandoutlineourunderstandingofthetermsandobjectivesofourengagementand thenatureandlimitationsoftheinternalauditconsultingservicesCliftonLarsonAllenLLPΛͻ/\[!ͲͼͻǞĻͲͼͻǒƭͲͼand ͻƚǒƩͼΜwillprovideforTheCityofYelmΛͻƷŷĻ/źƷǤͲͼͻǤƚǒͲͼͻǤƚǒƩͲͼorͻƷŷĻĻƓƷźƷǤͼΜ͵Ifitmeetswithyourapproval, thisletterwillserveasanagreementmadebyandbetweenCLAandtheCity. Objectives MeetingtheneedsoftheCityasyoudefinethemisourhighestpriority.Weunderstandthatyouneedthe performanceofspecifiedinternalauditprocedures.Simplystated,youhaveidentifiedthefollowingobjectives forthisengagement: 1.Performenterprisewideriskassessmentservices 2.Obtainanunderstandingofthedesignofinternalcontrols. 3.Testcontrolsinplaceforoperatingeffectiveness. 4.Reportweaknessesinthedesignandoperationofinternalcontrols. WewillperformtheengagementinaccordancewiththeStatementonStandardsforConsultingServicesissued bytheAmericanInstituteofCertifiedPublicAccountants.Wewillnotperformmanagementfunctions,make managementdecisions,oractorappeartoactinacapacityequivalenttothatofanemployee.However,wewill provideadviceandrecommendationstoassistthe/źƷǤ͸ƭmanagementinperformingitsfunctionsandmakingits decisions. Approach Ourapproachemphasizesactiveinvolvementbythe/źƷǤ͸ƭmanagementthroughouttheprocess.Theconsulting engagementwillincludeperformanceoftheinternalauditproceduresidentifiedintheattachedsupplement(s). Ourengagementplanandestimatedhoursaresummarizedintheattachedsupplement(s).Ifnecessary,our approachandproceduresmaybemodified.Anychangestoourplanwillbediscussedwithmanagement. Agenda Item 8. b. Internal Audit Engagement Letter Page 4 of 54 June21,2018 CityofYelm Page2 Ifmodificationsorchangesarerequiredduringthecourseoftheengagementthatarebeyondtheinitialscope ofservices,orifyourequestthatweperformanyadditionalservices,wewillprovideyouwithaseparate e agreementoraddendumforyoursignature.Suchseparateagreementoraddendumwilladviseyouofth additionalfeeandtimerequiredforsuchservicestofacilitateaclearunderstandingoftheservices. Uponrequestoftheentity,CLAshallmakeitsresourcesavailabletoprovideadditionalfinancial,regulatory,and operationalconsultingservicestotheentity.Thetermsandfeesofsuchanengagementwouldbedocumented inaseparateengagementletter. Scopeofservices Becauseourengagementwillnotconstituteanexaminationmadeinaccordancewithattestationstandards establishedbytheAmericanInstituteofCertifiedPublicAccountantsoranauditmadeinaccordancewith illnotexpressanopinionorany auditingstandardsgenerallyacceptedintheUnitedStatesofAmerica,wew otherformofassuranceonanyoftheitemsspecifiedintheattachedsupplement(s)oronthefinancial statementsoftheentitytakenasawhole.Also,wewillnotexpressanopinionorprovideanyassuranceonthe effectivenessoftheĻƓƷźƷǤ͸ƭinternalcontroloverfinancialreportingoranypartthereof. Ourengagementwillnotincludeadetailedexaminationofalltransactionsandcannotbereliedontodisclose errors,fraud,misappropriationsofassets,orviolationsoflawsorregulationsthatmayexist.However,wewill informyouofanysuchmattersthatcometoourattention.Ifasaresultoftheengagementorthroughother means,matterscometoourattentionthatcauseustobelievethattheselectedrecordsandtransactionsare notpresentedinaccordancewithaccountingprinciplesgenerallyacceptedintheUnitedStatesofAmerica (U.S.GAAP)orarenotincompliancewithapplicablelawsandregulations,wewilldisclosethosemattersinour report.Suchdisclosure,ifany,maynotnecessarilyincludeallmatterswhichmighthavecometoourattention hadweperformedadditionalprocedures,anexamination,oranaudit. Clientinformationrequirements curacy,completeness,andreliabilityofalloftheĻƓƷźƷǤ͸ƭdata Theentityagreesitissolelyresponsiblefortheac andinformationthatitprovidesCLAforourengagement.Theentityagreesitwillprovideuswithallnecessary informationonorbeforethedatewerequesttoallowustoadheretotheprojectschedule.Alistofinformation weexpecttoneedandthedatesrequiredwillbeprovidedinaseparatecommunication. Managementresponsibilities Managementisresponsiblefortheproperrecordingoftransactionsintheaccountingrecordsandforthe preparationoffinancialstatementsinconformitywithU.S.GAAP. ntifyingapplicablelawsandregulationsandensuringtheentitycomplieswith Managementisresponsibleforide them.Managementisresponsiblefortakingtimelyandappropriatestepstoaddressanycomplianceconcerns, noncompliance,orrecommendationsthatwemayidentify. Managementisresponsibleforthedesign,implementation,andmaintenanceofeffectiveinternalcontrolover financialreportingandovercompliance,includingevaluatingandmonitoringongoingactivities,(1)relevantto thepreparationandfairpresentationoffinancialstatementsthatarefreefrommaterialmisstatement,(2)to preventanddetectfraud,and(3)toensurethattheentitycomplieswithapplicablelawsandregulations. Forallnonattestserviceswemayprovidetoyou,includingtheseinternalauditconsultingservices,the/źƷǤ͸ƭ managementagreestoassumeallmanagementresponsibilities;overseetheservicesbydesignatingan individual,preferablywithinseniormanagement,whopossessessuitableskill,knowledge,and/orexperienceto Agenda Item 8. b. Internal Audit Engagement Letter Page 5 of 54 June21,2018 CityofYelm Page3 understandandoverseetheservices;evaluatetheadequacyandresultsoftheservices;andaccept responsibilityfortheresultsoftheservices. Theprocedureswillbeperformedwiththeunderstandingthatmanagementoftheentityisresponsiblefor: (1)designatinganindividualwhopossessessuitableskill,knowledge,orexperience,preferablywithinsenior ent,toberesponsiblefortheinternalauditfunction,(2)determiningthescope,risk,andfrequencyof managem internalauditactivities,includingthoseperformedbyCLA,(3)evaluatingthefindingsandresultsarisingfrom theinternalauditactivities,includingthoseperformedbyCLA,and(4)evaluatingtheadequacyoftheinternal auditproceduresperformedandthefindingsresultingfromtheperformanceofthoseprocedures. Deliverables Wewillmaintainongoingcommunicationwiththeliaisonassignedtoworkcloselywithusandwillmeetwith managementleaders,asrequested,regardingthestatusofourprogressthroughoutthisengagement.Wewill ngagementinaformalreporttomanagementandthosechargedwithgovernance documenttheresultsofthee summarizingtheproceduresperformed,theresultsofthoseprocedures,andanyrecommendationsthatwe mayhave. Ifforanyreasonweareunabletocompletetheengagement,wewillnotissueareportasaresultofthe engagement. Timing ThisagreementshallbecomeeffectiveasofthedatesignedbytheCityandcontinuethroughcompletionof servicesasdescribedinthesupplements.Wewillstartperformingourservicesbasedonamutuallyagreeable scheduletobedetermineduponcontractacceptance. Personnel Ourfirmhasadoptedateamapproachtoclientservice,whichmeansthatCLAwillprovidetheentitywitha teamofpeoplewhohavetherelevantknowledgeandexperiencetoperformtheworkplanoutlinedinthe supplement.BrianPyewillleadtheoverallengagement.BrianPyewillprovideprimarycontactandproject management.Wewillalsoutilizeyourstafftoassistuswiththeinternalauditprocedureswheneverpracticable. Paymentforemploymentofourpersonnel ThisagreementshallbecomeeffectiveasofthedatesignedbytheCityandcontinuethroughcompletionof servicesasdescribedinthesupplements.Intheeventthatyouemployoneofourprofessionalemployees duringtheperformanceoftheprojectorwithinoneyearafterithasbeencompleted,inordertocompensateus forlostbenefitsandthecostoflocatingandtrainingareplacement,youagreetopayusasumequaltofifty percentoftheannualsalaryyoupaytotheemployeeduringtheirfirstyearofemployment. Scopeofagreement ThisagreementappliestoallaspectsofourrelationshipandtoanyotheroradditionalservicesCLAmayrender totheentityatanytime,unlesstheyarecoveredbyaseparatewrittenagreementthattheentityandCLAboth sign. Professionalfees Ourprofessionalfeesfortheservicesdescribedthroughoutourproposalarebasedonthelevelofexpertiseof theindividualswhowillperformtheservices.Theactualcostisdependentonthelevelofexpertiserequiredto completetheproject,andthedesiredtotalworkplanhoursagreedtobytheCity. Agenda Item 8. b. Internal Audit Engagement Letter Page 6 of 54 June21,2018 CityofYelm Page4 TheblendedrateperhourthatCLAproposesis$170/hourforriskassessmentservicesand$130/hourforinternal auditservices.Basedonourcurrentunderstandingofyourneedswehavesummarizedourriskassessment approachintofivephases: Annual Fee For Internal Audit Services Estimated Fee Year1Riskassessmentandinternalauditservices$40,000 Year2Riskassessmentandinternalauditservices$25,000 Year3Riskassessmentandinternalauditservices$25,000 Year4Riskassessmentandinternalauditservices$25,000 Year5Riskassessmentandinternalauditservices$25,000 Wewillworkwithyoutosetthespecificscopeandlevelofeffortforeachproject,andthenassignappropriate teammemberstocompletetheagreedassignment.InputwillbeprovidedbyaSubjectMatterSpecialistwhere appropriate,withthefieldworktobeperformedbyseniorsandstaffasassigned.Ourengagementleaderswill superviseallfieldworkandreviewallworkperformedbyourteam.Theywillalsoworkwithyouintheissuance ofthefinalreports.Actualtravelexpenseswillbebilledasincurred. Basedontheresultsoftheriskassessment,CLAwillworkdirectlywiththe/źƷǤ͸ƭprojectliaisontodevelopan internalauditplanthatmeetsyourneedsandexpectations.Theplanwillidentifythenumberofinternalaudits youwouldliketohaveperformedandthetimeframeofexecutionforeach.Basedontheinternalauditplan,we willdevelopindividualworkordersthatclearlydefinethescope,timingandbudgetforeachinternalauditproject weperform.Totalhoursandrelatedfeesforallinternalauditserviceswillbedevelopedbasedontheauditplan andagreedtobytheCity. RateCard Basedonourcurrentunderstanding,weestimateablendedrateasdefinedbelowfortheabovementioned internalauditservices.Thisestimatecanfluctuatebasedonprojectcomplexityandscope.Assuch,wehave includedtheratesperlevelinthebelowtable.Wewillworkwithyoutoensurethespecificinternalauditwork thintheestablishedbudget.CLAservicesfortheCitywillbepriced planaddressesriskareasandisperformedwi basedonthefollowinghourlyrates: TitleRate Principal$250 Manager$180 Senior$150 Staff$125 Agenda Item 8. b. Internal Audit Engagement Letter Page 7 of 54 June21,2018 CityofYelm Page5 Invoicing,financecharges,andcollectionexpenses Feesandreimbursementswillbedueandpayablethroughouttheproject,followingtheĻƓƷźƷǤ͸ƭreceiptofan invoicefromCLA.Compensationforservicesisduewithinthirty(30)daysofthebillingdate.Financechargesof oneandonequarterpercent(1.25%)permonthwillbeaddedtoanypastdueamounts.CLAhastherightto immediatelyterminateourservicesifpaymentforourfeesorcostsisnotmadetousinatimelymanner.Inthe eventthatanycollectionactionisrequiredtocollectunpaidbalancesdueus,reasonableattorneyfeesand expensesshallberecoverable. IntheeventCLA'sservicesareterminatedforwhateverreasonduringtheproject,theentitywillpromptly compensateCLAforallprofessionalservicesrenderedandoutofpocketexpendituresthroughthedateof termination. Otherfees Youalsoagreetocompensateusforanytimeandexpenses,includingtimeandexpensesoflegalcounsel,we mayincurinrespondingtodiscoveryrequestsorparticipatingasawitnessorotherwiseinanylegal,regulatory, orotherproceedingsthatweareaskedtorespondtoonyourbehalf. Financechargesandcollectionexpenses Youagreethatifanystatementisnotpaidwithin30daysfromitsbillingdate,theunpaidbalanceshallaccrue interestatthemonthlyrateofoneandonequarterpercent(1.25%),whichisanannualpercentagerateof15%. Intheeventthatanycollectionactionisrequiredtocollectunpaidbalancesdueus,reasonableattorneyfees andexpensesshallberecoverable. Mediation Anydisagreement,controversy,orclaimΛͻ5źƭƦǒƷĻͼΜthatmayariseoutofanyaspectofourservicesor relationshipwithyou,includingthisengagement,shallbesubmittedtononbindingmediationbywrittennotice ΛͻaĻķźğƷźƚƓbƚƷźĭĻͼΜtotheotherparty.Inmediation,wewillworkwithyoutoresolveanydifferences tialmediator.Themediationwillbeconductedasspecifiedbythemediator voluntarilywiththeaidofanimpar andagreeduponbytheparties(i.e.,youandCLA).Thepartiesagreetodiscusstheirdifferencesingoodfaith andtoattempt,withtheassistanceofthemediator,toreachanamicableresolutionoftheDispute.Eachparty willbearitsowncostsinthemediation.Thefeesandexpensesofthemediatorwillbesharedequallybythe parties.AnyDisputewillbegovernedbythelawsofthestateofMinnesota,withoutgivingeffecttochoiceof lawprinciples. Limitationofremedies Ourroleisstrictlylimitedtothetasksandprojectsdescribedinthisletter,andweoffernoassuranceastothe resultsorultimateoutcomesofthisengagementorofanydecisionsthatyoumaymakebasedonour nicationswithyouorourreports.Youwillbesolelyresponsibleformakingalldecisionsconcerningthe commu contentsofourcommunicationsandreports,fortheadoptionofanyplans,andforimplementinganyplansyou maydevelop,includinganythatwemaydiscusswithyou.CLAhasnodutytoensurethattheĻƓƷźƷǤ͸ƭ accounting,billing,coding,compliance,orreimbursementpractices,systems,orreportscomplywithapplicable lawsorregulations,allofwhichremaintheĻƓƷźƷǤ͸ƭsoleresponsibility. YouagreethatitisappropriatetolimittheliabilityofCLA,itspartners,principals,directors,officers,employees, andagents(eachaCLAparty)andthatthislimitationofremediesprovisionisgovernedbythelawsofthestate ofMinnesota,withoutgivingeffecttochoiceoflawprinciples. Agenda Item 8. b. Internal Audit Engagement Letter Page 8 of 54 June21,2018 CityofYelm Page6 YoufurtheragreethatyouwillnotholdCLAoranyotherCLApartyliableforanyclaim,cost,ordamage, whetherbasedonwarranty,tort,contract,orotherlaw,arisingfromorrelatedtothisagreement,theservices is providedunderthisagreement,theworkproduct,orforanydeliverables,plans,actions,orresultsofth engagement,excepttotheextentauthorizedbythisagreement.InnoeventshallanyCLApartybeliabletoyou foranyindirect,special,incidental,consequential,punitive,orexemplarydamages,orforlossofprofitsorloss ofgoodwill,costs,orattorneyfees. Theexclusiveremedyavailabletoyoushallbetherighttopursueclaimsforactualdamagesthataredirectly causedbyactsoromissionsthatarebreachesbyaCLApartyofdutiesowedunderthisagreement,butany recoveryonanysuchclaimsshallnotexceedthefeesactuallypaidunderthisagreementbyyoutoCLA. Indemnity YouagreetoindemnifyandholdharmlessCLA,itssuccessorsandaffiliates,officers,employees,andagents fromanyclaimsbroughtorassertedbyanyotherperson,thirdparty,orgovernmentalbodyforanyloss, sonableexpensesincurredindefending damages,liabilities,remedies,orcauseofaction,andfromanyrea againstanysuchclaimsoractions(includingattorneyfees)arisingfromorrelatingtotheservicesperformedby anyCLAparty. Timelimitation Thenatureofourservicesmakesitdifficult,withthepassageoftime,togatherandpresentevidencethatfully andfairlyestablishesthefactsunderlyinganydisputethatmayarisebetweenyouandanyCLAparty.The parties(youandCLA)agreethat,notwithstandinganystatuteorlawoflimitationsthatmightotherwiseapplyto adispute,includingonearisingoutofthisagreementortheservicesperformedunderthisagreement,for breachofcontractorfiduciaryduty,tort,fraud,misrepresentationoranyothercauseofactionorremedy,any actionorlegalproceedingbyyouagainstanyCLApartymustbecommencedasprovidedbelow,oryoushallbe foreverbarredfromcommencingalawsuitandfromobtaininglegalorequitablerelieforrecovery.Anactionto mmencedwithintheshorterofthefollowinglimitationperiods: recoveronadisputeshallbeco Withintwelve(12)monthsfromthedateofourlastbillingforservicesperformedunderthis engagementletter,or Withintwelve(12)monthsaftertheterminationbyeitherpartyofeitherthisagreementortheeƓƷźƷǤ͸ƭ ongoingrelationshipwithCLA. Theselimitationperiodsapplyandbegintoruneveniftheentityhasnotsufferedanydamageorloss,orhasnot becomeawareoftheexistenceorpossibleexistenceofadispute. Confidentialityandrestricteduseofinformation formationsuppliedbytheentitytousinconfidenceandCLAwillnotdiscloseittoanyother CLAwillholdthein personorparty,unlesstheentityauthorizesustodoso,itispublishedorreleasedbytheentity,itbecomes publiclyknownoravailableotherthanthroughdisclosurebyus,ordisclosureisrequiredbylaw.This confidentialityprovisiondoesnotprohibitusfromdisclosingyourinformationtooneormoreofouraffiliated companiesinordertoprovideservicesthatyouhaverequestedfromusorfromanysuchaffiliatedcompany. Anysuchaffiliatedcompanyshallbesubjecttothesamerestrictionsontheuseanddisclosureofyour informationasapplytous. TheentityagreesanyreportsordeliverablesCLAprovidestotheentityareonlyfortheinternaluseofthe ĻƓƷźƷǤ͸ƭmanagement.Theymaynotbedistributedtoanyotherpersonorparty,foranypurpose,withoutour Agenda Item 8. b. Internal Audit Engagement Letter Page 9 of 54 June21,2018 CityofYelm Page7 priorwrittenconsent.Theentityfurtheragreestoholdanyinformation,reports,ordeliverablesthatCLA providestotheentityinconfidenceandagreesthattheentitywillnotdisclosesuchtoanyotherpersonor comesthenpublicly party,unlessCLAauthorizestheentitytodoso,itispublishedorreleasedbyus,oritbe knownoravailableotherthanthroughdisclosurebytheentity. CLAmay,attimes,usesubcontractorstoperformservicesunderthisagreementandtheymayhaveaccessto yourinformationandrecords.Anysuchsubcontractorswillbesubjecttothesamerestrictionsontheuseof suchinformationandrecordsasapplytoCLAunderthisagreement. TheworkpapersforthisengagementarethesoleandexclusivepropertyofCLAandconstituteconfidentialand proprietaryinformation.Wedonotprovideaccesstoourworkpaperstoyouoranyoneelseinthenormal courseofbusiness.However,wemayberequestedtomakecertainworkpapersandpoliciesandprocedures relatedtoservicesperformedavailabletoregulatoryagenciespursuanttoauthoritygiventothembylawor regulation.Ifrequested,accesstosuchworkpapers,policies,andprocedureswillbeprovidedunderthe supervisionofCLApersonnel.Furthermore,uponrequest,wemayprovidecopiesofselectedworkpapers, policies,andprocedurestotheregulatoryagencies.Thoseagencies,mayintend,ordecide,todistributethe copiesorinformationcontainedthereintoothers,includingothergovernmentalagencies. Workpapersdocumentingaccounts,entityactivities,andfindingswillbegiventotheentityattherequestof management.Managementwillbeprovidedwithanycopiesoftherelatedworkpapersitconsidersnecessary. Legalcompliance Theentityagreestoassumesoleresponsibilityforfullcompliancewithallapplicablefederalandstatelaws, rulesorregulations,andreportingobligationsthatapplytotheentityortheĻƓƷźƷǤ͸ƭbusiness,includingthe accuracyandlawfulnessofanyreportstheentitysubmitstoanygovernmentregulator,authority,agency,or entity.Theentityalsoagreestobesolelyresponsibleforprovidinglegallysufficientsubstantiation,evidence,or supportforanyreportsorinformationsuppliedbytheentitytoanygovernmentalorregulatorybody,orforany insurancereimbursementintheeventthattheentityisrequestedtodosobyanylawfulauthority.CLA,its successors,affiliates,officers,andemployeesdonotassumeorundertakeanydutytoperformortobe responsibleinanywayforanysuchduties,requirements,orobligations. Recordretention Ourworkingpapers,includinganycopiesofyourrecordsthatwechosetomake,areourpropertyandwillbe retainedbyusinaccordancewithourestablishedrecordsretentionpolicy.Thispolicystates,ingeneral,thatwe willretainourworkingpapersforaperiodofsevenyears.Afterthisperiodexpires,ourworkingpapersandfiles willbedestroyed.Furthermore,physicaldeteriorationorcatastrophiceventsmayshortenthetimeourrecords areavailable.TheworkingpapersandfilesofourfirmarenotasubstitutefortheĻƓƷźƷǤ͸ƭrecords. Other Thisagreementwillremainineffectuntilitisterminatedbyeitherpartyonthirty(30)dayswrittennotice,with orwithoutcause.Intheeventoftermination,thetermsofthisagreementshallsurviveandremainineffect. Anynoticesunderthisagreementshallbesenttotheentityattheaddressnotedaboveandtousat: CliftonLarsonAllenLLP Attn:DavidHoagland,Principal 10700NorthrupWay,Suite200 Bellevue,WA98004 Agenda Item 8. b. Internal Audit Engagement Letter Page 10 of 54 June21,2018 CityofYelm Page8 Agreement CLAappreciatestheopportunitytoassisttheCityandbelievesthatthisletteraccuratelysummarizestheterms ofourengagement.Thisletterconstitutestheentireagreementregardingtheseservicesandsupersedesall prioragreements(whetheroralorwritten),understandings,negotiations,anddiscussionsbetweenyouand CLA.Ifyouhaveanyquestions,pleasecontactus. Iftheentityagreeswiththetermsofthisengagementasdescribedinthisletter,pleasesign,date,andreturna copyofthecompleteagreement,includingthesupplement,tous.Byreturningthisletterofengagement,the Cityisauthorizingustocommenceourservices. Sincerely, CliftonLarsonAllenLLP DavidHoagland,PrincipalCPA BrianPye PublicSectorLeader Principal 4258281546 6123973139 dave.hoaglund@claconnect.com brian.pye@claconnect.com Acceptanceandacknowledgement OnbehalfofTheCityofYelm,Iacknowledgethatthetermsofthisagreementaccuratelystateour understandingwithCLA,andTheCityofYelmagreestobeboundbythem. Authorizedgovernancesignature: Title: Date: Authorizedmanagementsignature: Title: Date: Agenda Item 8. b. Internal Audit Engagement Letter Page 11 of 54 June21,2018 CityofYelm Page9 SupplementtoEngagementLetter I NTERNAL A UDIT Therearesixphasesinourinternalauditapproach.Thefollowingtablesummarizesthephasesandour approach. PHASE1:DEFINETHEENGAGEMENT Ourteamwillvalidatetheoverallinternalauditservicesprojectscopebasedonconsultationwithkey stakeholdersasdesignatedbytheCity.WewillvalidateourunderstandingofthehƩŭğƓźǩğƷźƚƓ͸ƭexpectations fortheproject,includingthefollowing: Refineandtailorthemethodologyandapproach Definerolesandresponsibilities Establishcommunicationprotocolstoensurethemostrespectfulandefficientworkingrelationshipis createdattheverybeginningoftheprocess Definedetailedprojectplanandmilestones Identifyresourcestobeutilizedandlogisticalarrangements DevelopstrategiestomitigatedisruptiontothehƩŭğƓźǩğƷźƚƓ͸ƭdaytodayoperations ProvidetheOrganizationleaderswithanorientationtotheinternalauditservicesproject,asrequested bytheCity Inaddition,pertinentdatawillberequestedtoutilizeduringtheplanningprocess.Requesteddocumentsand informationwillinclude,butnotbelimitedto: Organizationcharts Policiesandstandardoperatingprocedures,asapplicable Priorriskassessmentreports,internalauditresults,performanceaudit,thirdpartyreportsandexternal ğǒķźƷƚƩ͸ƭreports,strategicplan,etc. PHASE2:DEVELOPRISKMODELANDUNIVERSE(Seedetailedapproachbelow) OurteamwillbeginbyunderstandingthehƩŭğƓźǩğƷźƚƓ͸ƭbusiness,risks,existingcontrolstructure,objectives, goals,andstrategiesandgainafurtherunderstandingoftheauditableareasbasedontheresultsofyour previousassessments.Wewillalsoassessexternalandinternalrisksrelatedtoeachoftheprogramsand/or functionsidentifiedbytheCity.ThefactorsidentifiedinthisphasewillallowCLAtofocusoninternalcontrolsof higherriskversusbasiccontroltesting. PHASE3:DEVELOPAUDITPLAN Agenda Item 8. b. Internal Audit Engagement Letter Page 12 of 54 June21,2018 CityofYelm Page10 WewillaligntheinternalauditplanwiththehƩŭğƓźǩğƷźƚƓ͸ƭstrategyandfocusonareasofgreatestrisk.CLA willdeveloptheannualinternalauditplanusingariskbasedapproach.Thehighestrankedriskswillgenerate themostattentionandresourcesandwewillworkwiththeOrganizationmanagementtotailorthespecific internalauditplantobethemostcosteffectiveandefficient.CLAwillworkwithOrganizationmanagementto agreeonthescopeandtimingofthespecificinternalauditprojects.Wewillscheduletheinternalauditsduring theleastdisruptivetimesforOrganizationprocessownerssothattheauditcanbecompletedefficientlyand effectively. Inaddition,CLAwillperformanongoingassessmentoftheinternalauditplantoensureitcontinuestoalign withkeyrisksoftheOrganization.Ifchangesoccur,CLAwillworkwiththeCitymanagementtoadjusttheaudit plantomeetthekeyobjectivesandrisksoftheOrganization. WewillassignaCLAservicedeliveryteamtowiththerightcompetenciestobringtherequiredmixoffinancial, operational,regulatory,andinformationtechnologyskillsinyourindustry. PHASE4:DESIGNAUDITPROJECTPROGRAM Foreachinternalauditproject,ourtypicalapproachisasfollows,butitcanbetailoredasneeded.Ourteam willmeetwithOrganizationmanagementtoconductaplanningmeetingpriortothestartofeachauditproject (approx.24weeksprior)toreconfirmthescopeandobjectivesandintroducekeystakeholdersofthe Organizationinvolvedwiththeinternalauditproject.Thisallowsforappropriatecommunicationandtoensure therearenoͻƭǒƩƦƩźƭĻƭͼrelatedtotheinternalaudits.ThisensuresthatexpectationsaresetwithbothCLAand Organizationprocessowners.Thismeetingwillalsobeutilizedtogainfurtherunderstandingoftheprocess thatwillbeauditedtospecificallytailoranddesignauditprograms. CLAwillspecificallytailoranddesigntheinternalauditprogramstomeettheuniquenessofthehƩŭğƓźǩğƷźƚƓ͸ƭ processesandinternalcontrolsutilizingstandardindustryandprocesstemplatesthatCLAhaspreviously establishedandtailoringthemtomeettheneedsoftheOrganizationanditsprocessesbasedontheplanning meetingsconducted.Internalauditprogramswillalsobetailoredbasedonbackgroundandhistoryalready obtainedviapreviousassessmentreportsprovidedtoCLA. PHASE5:EXECUTEAUDITPROJECTPROGRAM Ourteamwillexecutethespecificoperational,financial,regulatory,andinformationtechnologyinternalaudits previouslyagreedtowithOrganizationmanagement,andconducttheauditinaccordancewiththeStandards fortheProfessionalPracticeofInternalAuditingasprescribedbytheInstituteofInternalAuditors.CLAwill alsoprovidetheOrganizationwithbestpracticerecommendationsineachprocessandriskareaidentified basedontheIIAandCOBITstandards. Wewillassessthe/źƷǤ͸ƭprocesses,determinetheareaswhereadditionalinternalcontrolsmaybeneeded, whereexistinginternalcontrolsshouldbeenhanced,andcomparetheoperationstowidelyacceptedbest practices.Theinternalauditassessmentwillallowustoidentifyspecificactionsthatwillresultin recommendationsforimprovement.Workproceduresinclude: Determineifcurrentinternalcontrolsaredesignedappropriatelytomitigatetheidentifiedrisks. Determineadequacyofthedesignofinternalcontrolsthatcurrentlyexistasitrelatestoeffective andefficientachievementofthespecifiedpurpose. Providedetailedrecommendationsforfuturestateimprovementstointernalcontrols. Agenda Item 8. b. Internal Audit Engagement Letter Page 13 of 54 June21,2018 CityofYelm Page11 Wewillutilizeaconsistentinternalauditserviceteam,supplementedwithspecialtyresourcesorexpertiseas needed.Allworkintheinformationtechnologyarea,ifrequired,willbecompletedbyourITspecialists. Aformalclose/exitmeetingwillbeconductedwithOrganizationmanagementandpersonneltocommunicate riskandcontroldeficienciesnotedduringtheaudit.Priortotheformalclose/exitmeeting,CLAwillvalidateour understandingofvariousrisksandinternalcontroldeficiencieswithprocessownerssotherearenoͻƭǒƩƦƩźƭĻƭͼ attheformalclose/exitmeeting. PHASE6:DELIVERRESULTSANDINSIGHTS Ourteamwilldraftaninternalauditreportwithanexecutivesummarydescribingthescope,objectives, approach,andoverallconclusionoftheinternalauditproject.Inaddition,ourreportwilldescribeindetail internalcontroldeficiencies,recommendations,andariskrankingspecifictoeachofthecontroldeficiencies. WewillalsoworkcollaborativelywithOrganizationmanagementtotailorthedraftreporttomeettheneedsof OrganizationmanagementandanyrelevantreportingCommittees. Ourinternalauditreportsareissuedtimelyafterthecompletionofourfieldwork./\[!͸ƭcommunication frameworkissetuptoensurevaluedrivenresults.Werequireourteamtoprioritizetheirfindingsanddiscuss draftsofinternalauditreportswiththeappropriateOrganizationmanagementandstaffpriortoissuance.We believethisapproachaccomplishesthefollowing: Confirmstheinformationcontainedinthereport Minimizesreactiontosignificantfindings Encouragesbuyinfromtheprocessowners Increaseslikelihoodofimplementationofrecommendations Uponapprovalofthedraftreport,afinalreportwillbeissuedtomanagementandanyrelevantcommittees,as requested.Additionally,wewillmeetwiththehƩŭğƓźǩğƷźƚƓ͸ƭmanagementandanyrelevantcommittees,as requested,andwillprepareaformalpresentation,aswellasaddressanyquestions. O RGANIZATION W IDE R ISK A SSESSMENT Inordertodeveloptheannualinternalauditplan,ariskassessmentshouldbeconductedthatfocusesonthesix keyriskdomainsattheCity.Theriskdomainswesuggestfocusonareasfollows: StrategicRisks:Risksassociatedwithbusinessobjectivesnotbeingmetduetopoorlydefinedbusiness strategies,poorlycommunicatedstrategies,ortheƚƩŭğƓźǩğƷźƚƓ͸ƭinabilitytoexecutethesestrategiesdueto inadequateorganizationalstructure,infrastructureoralignment.Strategicriskismanagedbyappropriate organizationalgovernance.Failuretoadequatelyplanandexecuteagainstorganizationalgoalsmayresultin significantdamagetotheƚƩŭğƓźǩğƷźƚƓ͸ƭreputation. OperationalRisks:Risksderivedfromcorebusinesspractices,whichrelyonsystems,practices,programs, andpeople.Withinthisriskdomainarerisksassociatedwithadiversenumberofoperationalareas. FinancialRisks:RisksassociatedwiththeƚƩŭğƓźǩğƷźƚƓ͸ƭfinancialreportingbeinginaccurate,incomplete,or untimelyduetoavarietyoffactorsincludingthepaceofchange,theamountofuncertainty,thepresenceof alargeerror,orthepressureonmanagementtomeetcertainexpectations. Agenda Item 8. b. Internal Audit Engagement Letter Page 14 of 54 June21,2018 CityofYelm Page12 ComplianceRisks:Risksassociatedwithavarietyoffederal,stateandlocallawsandregulations.Failureto followprescribeddirectivesmayresultinsubstantialfines,restrictions,lossofbusiness,and/orlegalaction takenbyregulators. InformationTechnologyRisks:Risksassociatedwiththelevelofuse,sophistication,complexity,robustness, easeofuseandspeed,andaccuracyofrecovery/replacementofsystems.Thisriskaddressestheoverall importanceoftechnologywithintheorganizationandtheavailabilityandqualityofinformationthe organizationcanaccesstosupportdecisionmaking,andthesecurityofkeyinformation. HumanCapitalRisks:Risksassociatedwiththetypeofbehaviorsencouragedbymanagement;themethods usedtorewardemployees;theapproachtoconsistentlyenforcepoliciesandprocedures;theselection, screening,andtrainingofemployees;andthereasonandfrequencyofturnover. Objectivesandscope Theobjectiveoftheorganizationwideriskassessmentistoidentifythekeystrategic,financial,operational,and ITprocessesattheCityandassessthelevelsofriskwithineachoftheprocessareas.Inaddition,provide managementwithvisibilitytoprocessareasthatcontainthehighestpotentialriskasdeterminedbytherisk assessmentprocess. Thescopeoftheorganizationwideriskassessmentwillincludethefollowingfunctionalareas/processeswithin theCity: FunctionalArea/ProcessDetailedCoverageofFunctionalArea/Process Cashreceipts,accountsreceivablemanagement,cashhandling, CashReceipts donations/contributions Purchasingcontrolsandthresholds,disbursements/accountspayable, Purchaseto paymentprocessing,vendormaintenance,purchasingcards,employee Pay/Disbursements expensereporting Seniorleadership,boardofdirectors,strategicplan,internalpolicies Governance andprocedures,andvendorrelationships Financialcloseandreporting,accountingoperations,budgeting, reconciliationofsignificantaccountbalances,accruals,estimatesand Accounting/Finance reserves,journalentryreview,chartofaccountmaintenance, segregationofduties Administration,duediligence,contractualagreements,responsibility VendorRelationship andoversight,thirdpartyrelationships,SSAE16reports ComplianceRegulatoryrequirements,frauddetectionandprevention Payroll,benefits,recordsmanagement,FTEworkload,recruiting,hiring, HumanResourcesand terminations,performancemonitoring,newhireintegration,employee Payroll retention,traininganddevelopment,incentiveprogram Agenda Item 8. b. Internal Audit Engagement Letter Page 15 of 54 June21,2018 CityofYelm Page13 Socialmedia,publications,webdevelopment,brandandlogo, Marketing/Communications advertisingchannels Changemanagement,VulnerabilityManagement,serversand databases,Webbasedapplications,authenticationstandards,layered InformationTechnologysecurity,policiesandprocedures,passwordparameters,logicalaccess, useraccountadministration,applicationadministration,storageand backup,physical/environmentalcontrols,andcontingencyplanning Organizationstructure,governance,policies,standardsandprocedures, Organizational riskmanagementpolicy,maintenanceandstorageofsensitive Administration information(electronicandpaper) DevelopingtheRiskAssessmentApproach OurriskassessmentapproachprovidestheCitymanagementtheopportunitytobuildarelationshipwithour teamthroughtheriskassessmentprocessandprovidesuswiththeopportunitytogainathoroughunderstanding ofCityoperationsandculture.Thisapproachfocusesonthesixdomainsstatedaboveandcanbemodifiedto morespecificriskdomainsiftheCitymanagementdesires.Riskassessmentsareconductedbyprincipalsand managerswithspecificindustryandinternalauditexperience. Thefivephasesofourriskassessmentapproachisasfollows:1)PlanningandDataGathering;2)DevelopRisk ModelandUniverse;3)DevelopRiskAssessmentApproach;4)ExecuteRiskAssessmentApproach;and5)Deliver ResultsandInsights. Thefollowingtablesummarizesthetasksthatwewilltaketoaccomplisheachphase. PHASE1:PLANNINGANDDATAGATHERING Ourteamwillvalidatetheriskassessmentprojectscopebasedonconsultationwithkeystakeholdersas designatedbytheCity.Wewillvalidateourunderstandingofthe/źƷǤ͸ƭexpectationsfortheproject, includingthefollowing: Refineandtailorthemethodologyandapproach Definerolesandresponsibilities Establishcommunicationprotocolstoensurethemostrespectfulandefficientworkingrelationshipis createdattheverybeginningoftheprocess Definedetailedprojectplanandmilestones Identifyresourcestobeutilizedandlogisticalarrangements Developstrategiestomitigatedisruptiontothe/źƷǤ͸ƭdaytodayoperations ProvideCityleaderswithanorientationtotheriskassessmentprocess,asrequestedbytheCity. Inaddition,pertinentdatawillberequestedtoutilizeduringtheplanningprocess.Requesteddocuments andinformationwillinclude,butnotbelimitedto: Organizationalcharts Policiesandstandardoperatingprocedures Priorriskassessmentreports,internalauditreports,committeepresentations,externalğǒķźƷƚƩ͸ƭ reportsandthestrategicplan Agenda Item 8. b. Internal Audit Engagement Letter Page 16 of 54 June21,2018 CityofYelm Page14 PHASE2:DEVELOPRISKMODELANDUNIVERSE Webeginbydefiningriskandcreatingariskframework.Riskisaneventorconditionthatcannegatively affecttheabilityofanorganizationtoachieveitsobjectives.Risksaregenerallythoughttobeassociatedwith takingactions;however,riskscanalsooccurwhennoactionistakenintheformofmissedopportunities.CLA suggestssixriskdomainsasdescribedabove:strategic,operational,financial,compliance,technology,and humancapital. Procedureswillconsistofthefollowing: Discussthe/źƷǤ͸ƭbackgroundΑCampuses/Locations/People/Operations Understandbusinessprocessandtheinformationtechnologyenvironment Identifycentralized/decentralizedprocesses Defineandcreatetheriskuniverseandriskmodel(riskmap) Identifyriskrankingcriteriadefinitions(impactandvulnerabilityvariables) Agreeonmeasurementscaleanddeliverableformat Prioritizetheaudituniverse Next,wedefineimpactandvulnerabilitycriteriaapplicabletotheCitytobeutilizedasatoolforriskranking procedures.Indeterminingriskwithinthefinancial,operational,andITprocesses,weassesstheimpactofthe processtotheCityandthevulnerabilitythatariskwouldoccurbyevaluatingtheunderlyingattributesofthe processandbyassessingtheeffectivenessofthecontrolenvironmentaroundthatprocess.Thecriteriaare definedintermsofhigh,moderate,andlow. PHASE3:DEVELOPRISKASSESSMENTAPPROACH OurteamwilldevelopariskassessmentapproachspecificallytailoredfortheprocessesoftheCity.Webegin byidentifyingvariousinterviewparticipants,includingkeyriskownersandconductinterviews,asapplicable. InterviewquestionnaireswillbedevelopedandspecificallytailoredfortheCity.Wewillworkwithaspecific Cityliaisontoscheduleriskassessmentinterviewsandwewillholdonsitediscussionswheneverpossible.The finalriskassessmentapproachwillbeapprovedbyCitymanagement. Workproceduresinclude: Developinterviewquestionnaire Identifykeystakeholdersandassessmentpopulation Obtainfinalapprovalonapproach Schedulelogisticalinterviews PHASE4:EXECUTERISKASSESSMENTAPPROACH OurteamwillfacilitatediscussionswithkeyCityleadership,managersandstakeholderstoconducttherisk assessment.Inaddition,wewillutilizethe/źƷǤ͸ƭprioryearauditplanandanypreviousriskmanagement results,ifprovidedtoCLA.Wewillalsotakeintoconsiderationexternalauditreportsprovidedtousasa startingpointtofacilitatedetaileddiscussionsandtogainanunderstandingofthecurrentcontrols,process structure,personnelinvolved,andsupportingtechnologydefinedintheassessment. Procedureswillconsistofthefollowing: Conductinterviewswithidentifiedstakeholders Documentandsummarizeinterviewresultsandrisksidentified PerforminitialrankingofrisksidentifiedbasedonCLAcurrentunderstanding Agenda Item 8. b. Internal Audit Engagement Letter Page 17 of 54 June21,2018 CityofYelm Page15 Reviewrisks,recommendations,andriskrankingswiththeCity Risksidentifiedwillbeprioritizedandplacedonanenterprisewideriskmap.Anenterprisewideriskmapisa graphictoolthatassistsinplottingtheƩźƭƉ͸ƭrelativeimpactandvulnerabilityofariskeventforeachofthe keyprocessesand/orbusinessfunctions.CLAusesfiveimpactcriteriaandsevenvulnerabilitycriteriatorank risks.Byprioritizingandvalidatingrisks,youcanalignandprioritizeitsresourcestomanageandmitigaterisks appropriately. PHASE5:DELIVERRESULTSANDINSIGHTS Ourteamwilldraftariskassessmentreportwithanexecutivesummarydescribingthescope,objectives, approachandoverallconclusions.Inaddition,ourreportwillcommunicatealldetailedrisksidentified.Risks willbeaggregatedbyprocessand/orbusinessfunctionandplacedonanenterprisewideriskmapwithinthe report.Inaddition,ourreportwilldetailallidentifiedrisks,recommendationstomitigatetherisk,andarisk ranking.Theimpactandvulnerabilitycriteriausedtoranktheriskswillalsobeembeddedintothereportto provideCitymanagementaclearunderstandingonhowtheriskrankingwasderived.Wewillalsowork collaborativelywithCitymanagementtotailorthedraftreporttomeettheneedsofCitymanagementand anyrelevantreportingCommittees. Ourriskassessmentreportsareissuedtimelyafterthecompletionofourfieldwork./\[!͸ƭcommunication frameworkissetuptoensurevaluedrivenresults.Werequireourteamtoprioritizetheirfindingsand discusstheriskassessmentreportwiththeappropriateCitymanagementandstaffpriortoissuance. Webelievethisapproachaccomplishesthefollowing: Confirmstheinformationcontainedinthereport. Minimizesreactiontosignificantrisks. Encouragesbuyinfromtheprocessowners. Increaseslikelihoodofimplementationofrecommendations. Uponapprovalofthedraftreport,afinalreportwillbeissuedtodesignatedmanagement,inadditiontoany additionalpersonnelorcommitteesasrequested.Additionally,wewillmeetwiththe/źƷǤ͸ƭmanagementand anycommittees,asrequested,andwillprepareaformalpresentation,aswellasaddressanyquestions. ImpactandVulnerabilityAssessment Additionally,theinformationgatheredintheprocesswillbeanalyzedandsummarizedusingthefollowing process: RankrisksusingriskmodelingincollaborationwiththeCitymanagement.Weuseavarietyofrisk rankingtoolsandweightingmethodologies.Ourapproachistoworkwithmanagementduringthe planningphasetoidentifytheappropriateriskrankingmodelandweightingmethodologythatbest meetsthe/źƷǤ͸ƭriskappetiteandtolerance.Samplesofariskassessmentfinalsummarybasedona subjectiveandobjectivemethodology.Thesubjectivemethodology(riskmap)focusesonlikelihoodof occurrence,vulnerabilityandimpact,whiletheobjectivemethodologyfocusesonthecontrol environmentusinganumericscoring. Next,wedefineimpactandvulnerabilitycriteriaapplicabletotheCitytobeutilizedasatoolforriskranking procedures.Indeterminingriskwithinthefinancial,operational,andITprocesses,weassessedtheimpactof theprocesstotheorganizationandthevulnerabilitythatariskwouldoccurbyevaluatingtheunderlying attributesoftheprocessandbyassessingtheeffectivenessofthecontrolenvironmentaroundthatprocess.The criteriaaredefinedintermsofhigh,moderate,andlow.Seeillustrationbelowfordefinitions. Agenda Item 8. b. Internal Audit Engagement Letter Page 18 of 54 CLAconnect.com May 18, 2018 Proposal to provide professional internal audit services to: City of Yelm Prepared by: David Hoagland, CPA, Principal Public Sector Leader Dave.hoagland@CLAconnect.com Direct (425) 828-1546 | mobile (425) 753-5881 Brian Pye, CPA, Principal IA Practice Leader Brian.Pye@CLAconnect.com Direct (612) 376-3139 | mobile (651) 247-5019 WEALTH ADVISORY | OUTSOURCING | AUDIT, TAX, AND CONSULTING Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor. Agenda Item 8. b. Internal Audit Engagement Letter Page 19 of 54 CliftonLarsonAllen LLP 10700 Northup Way, Suite 200 Bellevue, WA 98004 Main 425-250-6100 x11546, Fax 425-250-6050 www.claconnect.com May 18, 2018 City of Yelm Finance Department Joseph Wolfe Finance Director City of Yelm 105 Yelm Ave. W. Yelm, WA 98597 Dear Joseph: On behalf of CliftonLarsonAllen LLP (CliftonLarsonAllen or CLA), we are pleased to present our proposal to provide Internal Audit Services (IA) to The City of Yelm (the City or the Organization). We appreciate the opportunity to propose our services; it is a significant opportunity that we value highly. We believe that we have the industry experience along with the resources, proven methodology, technologies, and commitment to meet your expectationsdedicated nonprofit and government focus combined with risk management and internal audit capabilities makes us truly unique in our ability to serve you. At CLA, we have significant internal audit experience in working with similar entities to address the most difficult challenges your Organization faces today. We also recognize understanding the culture and needs of the Organization are critical to the success of any engagement, and are committed to investing the time necessary to develop this understanding so that the desired outcomes are received. As a top national professional services firm, CLA is well positioned to bring the City strong knowledge, insight, and industry-specific advice. The City can depend on CLA for several uncommon advantages: Professionals personally and deeply invested in your success. CLA has established itself as a firm where the best and brightest come to build the careers they want. Our people provide transformative advice by applying their entire depth of experienceas well as their full potentialto client work. Specialized industry practices. Our assigned professionals are immersed in completing engagements in your industry. Those selected to serve the City are not just internal audit and advising practitioners; they have significant exposure, training, and knowledge with nonprofit and government organizations. Independence. CLA is an independent organization with no prior contractual relationships with the City, and does not have any conflicts of interest which would impact being engaged to serve in an internal audit capacity. Value and affordability. You can avail yourself of the knowledge and capabilities of a top 10 firm at surprisingly competitive rates. We hope this proposal conveys the depth of interest we have in serving the City, our commitment to delivering the highest quality services, and the strength of our capabilities. We look forward to the opportunity to discuss our proposal with you. Feel free to contact our engagement executives with any questions. Sincerely, David Hoagland, Principal CPA Public Sector Leader Agenda Item 8. b. Internal Audit Engagement Letter Page 20 of 54 TABLE OF CONTENTS Executive Summary _________________________________________________________________ 1 Why should the City choose CLA for internal audit outsourcing? ____________________________ 1 Organization Overview / IA Practice Overview ___________________________________________ 2 CLA Overview and IA Practice Overview ________________________________________________ 2 Execution Differentiators for Internal Audit and Internal Control Services _____________________ 3 Education and Training Programs _____________________________________________________ 4 Onboarding Engagement Staff Members _______________________________________________ 4 Experience & Capablities _____________________________________________________________ 5 Internal Audit, Information Technology Risk Management & Industry Experience ______________ 5 Service Delivery Approach & Methodology ______________________________________________ 9 Service Delivery Approach and Methodology ___________________________________________ 9 Team Member Summary ____________________________________________________________ 23 Technology / Tools _________________________________________________________________ 24 Internal Audit Tools and Technology _________________________________________________ 24 Knowledge Sharing _________________________________________________________________ 26 Knowledge Sharing Approach and Investments _______________________________________ 26 Detailed / Itemized Pricing & rate card _________________________________________________ 27 Time and Materials Pricing _________________________________________________________ 27 Rate Card _______________________________________________________________________ 28 References _______________________________________________________________________ 30 Appendix Leadership Team Biographies ______________________________________________ 31 Agenda Item 8. b. Internal Audit Engagement Letter Page 21 of 54 EXECUTIVE SUMMARY Why should the City choose CLA for internal audit outsourcing? Our interactions with you are designed to support your goals and dreams and impact your success. At CLA, we develop honest, sincere relationships with our clients; expressing our genuine interest in their respective industries; investing heavily in our personnel resources. Through this approach, we have grown to become one of the leading professional services firms in the nation. The CLA engagement team has been specifically assigned to deliver the results you expect from the Internal Audit Function. The team provides consistent executive involvement with professionals experienced in your industry, along with subject matter specialists, as appropriate, to participate in each of the internal audit projects to be included in the internal audit plan. We respond to your stated needs in a thorough and easy-to-follow manner. We understand your most important and relevant needs for outsourcing internal audit are: A proposed team of professionals carefully selected for compatibility with the City circumstances - Your internal audit client service team understands the strategic, operational, and regulatory issues impacting your Organization. These professionals dedicate a substantial percentage of their time assisting nonprofit and government organizations with financial, regulatory, and information security matters, and in the performance of internal audits. Efficiency Our goal is to provide exceptional client service at the lowest possible cost. Well-planned and well-executed internal audit engagements by an experienced service team will minimize disruption to your staff and enable timely completion of all deliverables. Experience and continuity Each engagement team member has in-depth experience in nonprofit and government internal auditing, accounting, or IT matters. Each engagement team member has been selected for the specific experience they will bring to the relationship. We will commit the necessary resources to provide quality client service and timely work product delivery. We have an extensive local and national nonprofit and government practice from which to draw internal audit and subject matter resources. Fresh perspective By engaging CLA, the City will and processes. You will be served by an engagement team with enthusiasm and a desire to meet and exceed expectations. We are confident that our industry experience will reveal new ideas, new approaches, and new opportunities. Executive Involvement The CLA engagement team has been designed to provide consistent executive involvement throughout the course of the year. The engagement executives are empowered to deploy the most appropriate skill sets in the execution of each project and internal audit. This provides ongoing knowledge of the Organization, and also leverages the specific expertise needed in the performance of each assignment. ©2018 CliftonLarsonAllen LLP | 1 Agenda Item 8. b. Internal Audit Engagement Letter Page 22 of 54 ORGANIZATION OVERVIEW / IA PRACTICE OVERVIEW CLA Overview and IA Practice Overview CLA is a national professional services firm delivering integrated outsourcing, public accounting, and wealth advisory capabilities to help enhanc. CLA client service professionals are organized along industry lines, providing our clients with professionals at all ranks that are focused on understanding the specific issues they are facing. WEALTH ADVISORY | OUTSOURCING | AUDIT, TAX, AND CONSULTING Our interactions with you are designed to support your goals and dreams and impact your success. Our professionals are immersed in the industries they serve and have specialized knowledge of their operating and regulatory environments. With nearly 4,500 people, 90+ U.S. locations, and a global affiliation, we bring a wide array of solutions to help clients in all markets, foreign and domestic. Our mission: Impactful interactions for success ©2018 CliftonLarsonAllen LLP | 2 Agenda Item 8. b. Internal Audit Engagement Letter Page 23 of 54 You can depend on CLA for several uncommon advantages: Deep industry specialization Our people are industry practitioners first and foremost. You will work with professionals who know you, your Organization, and your industry and combine their knowledge with yours to make your Organization stronger. Seamless, integrated capabilities We offer planning and advice from startup through succession, with particular care for you and your Organization seamlessly presented and delivered for you. THE career building firm Our professionals are personally invested in your success, you will work with energetic, industry focused professionals with the freedom and agility to serve you rather than merely perform obligatory functions. IA Practice Overview CLA has a national internal audit team of over seventy professionals providing internal audit, risk and compliance related services. Following are some of the key attributes about our practice. Most team members have corporate internal audit, finance function or operational experience. This reflects our hiring profile, which is focused on recruiting experienced professionals who now serve as full-time, dedicated internal auditor and risk professionals. Average over fifteen per professional. Experienced in working with all sizes of companies, from Fortune 100 to start-ups, including public and private. Eight principals in our outsourcing practice serve internal audit clients. In addition to our local capabilities, Brian Pye also serves in national internal audit roles, which provides him access to national resources as needed to serve our clients. Execution Differentiators for Internal Audit and Internal Control Services When delivering internal audit services, the CLA client service team will provide the following capabilities: Internal audit professionals who are dedicated to the nonprofit and government industry and an engagement team with in-depth work experience. We approach internal audit with a partnership and value-add consultative mentality. We recommend ways to minimize risk, add value, and increase operational efficiency, rather than just reporting on it. We understand the reporting relationships between your Board of Directors and the Executive Team. We will capture your views and opinions individually and as a group to get results. A deep understanding of nonprofit and government operations, from program delivery to enterprise/administrative functions, and technology. A proven risk assessment and internal audit methodology for organizations that involves the insight of a broad base of stakeholders, including process owners and decision-makers. We embed the power of data analytics and technology in our methodology to increases level of effectiveness, comfort and coverage. ©2018 CliftonLarsonAllen LLP | 3 Agenda Item 8. b. Internal Audit Engagement Letter Page 24 of 54 Education and Training Programs Training and evaluation Our training program includes a combination of specialized in-house training, vendor specific training and certification, and industry focused training and certification. All professional staff must complete annual CPE requirements. Formal training is supplemented by attendance at local, regional, and national conferences, association meetings, and user group meetings. CLA follows a continuous feedback program that includes structured formal reviews at least twice a year, as well as the ability for staff to seek out additional project performance feedback AND management to provide specific project performance feedback. As part of the evaluation and feedback process staff and management work together to develop and maintain professional development plans for each staff member that is customized to the staff persons specific needs and interests. Our record of business ethics and corporate social responsibility In addition to being bound by the ethical standards established by the American Institute of Certified Public Accountants, our principals and employees are also held to a strict moral and ethical code when dealing with clients. At all times, our personnel are expected to act in a professional manner and display unimpaired, sound judgment when working on engagements. Client information and findings are also held in strict confidence. CLA actively trains our principals and senior managers on our human resource initiatives, which are designed to promote the growth and development of our people and ensure that our employees receive fair and equitable treatment. CliftonLarsonAllen annually receives Best Place to Work recognition, both on the national level and in various local markets. Onboarding Engagement Staff Members CLA deploys only experienced internal auditors to work on internal audit engagements. Given this client service professional experience level, the engagement team members do not need to be trained in how to perform their work; they only need to learn about specific client requirements and expectations. Following is a summary of our approach to onboarding new engagement team members. Engagement Principal or Director meets with each professional to share client priorities for the relationship and any challenges the team member needs to be aware of. Engagement Principal or Director share communications protocols. Engagement Principal and Director communicate the project plan that meets requirements of the client. The most important part of the transition process is for us to make sure each team member understands all of the expectations the Organization has of the client service team, and for us to enable the process to address those expectations. ©2018 CliftonLarsonAllen LLP | 4 Agenda Item 8. b. Internal Audit Engagement Letter Page 25 of 54 EXPERIENCE & CAPABLITIES Internal Audit, Information Technology Risk Management & Industry Experience Our internal and risk management services Our professionals are dedicated, skilled practitioners committed to the internal audit profession with extensive experience in all aspects of enterprise risk management and internal audit processesfrom core internal auditors with operational and financial controls specialization, to IT auditors with knowledge of auditing automated controls and specialty IT reviews, to other subject matter specialists with specialized competencies. Our practitioners also have access to the full breadth and depth of the multidisciplinary knowledge of CliftonLarsonAllen through our consultative practices to bring the right services and skill sets. CLA provides the following internal control, risk management, and internal control-related consulting services to clients. Outsourced or co-sourced internal audit Enterprise risk management readiness assessments Operational, financial, regulatory, and compliance assessments Documentation, evaluation, and tests of controls Future state design and implementation Business process reengineering Cost optimization assessments Benchmarking assessments and leading practice recommendations Policy and procedure development Facilitation of trainings and workshops Fraud reviews Our information technology services Technology and information systems are a critical aspect of the internal control environment. The emphasis of the audit work program will be on the areas identified with the highest risk as a result of the risk assessment process. The following is a sample list of the information technology assessment services we offer. General controls review IT risk assessments Control Objectives for Information and Related Technology (COBIT) assessments Application controls assessment Network penetration testing Internal vulnerability assessments Security policy review Security awareness assessment Incident response and forensic investigation Social engineering Wireless security assessments ERP software selection Strategic technology planning Business continuity and disaster recovery preparedness ©2018 CliftonLarsonAllen LLP | 5 Agenda Item 8. b. Internal Audit Engagement Letter Page 26 of 54 Reputation for industry excellence In the competitive professional services industry, the key to success is the ability to stay ahead of industry trends and respond dynamically to market opportunities. As the nonprofit and government industry looks to address the challenges facing it, companies will require carefully crafted business strategies that anticipate the ultimate effects of technology change, competitive dynamics, and market movements. We will work with you to establish timelines with reports and information that provide value-added insights to your team on current systems and operations of the City, as well as emerging industry, accounting, and specialized service trends that will impact you. We strive to make a difference for our clients by positioning ourselves as a knowledgeable, accessible, and responsive resource. We have the experience and expertise to understand the challenges facing nonprofit and government organizations that are continuously changing. Increased need for services, cost reduction, regulatory environment, and the increasing need for effective controls are combining to put extraordinary stress on operating performance. Growing pressures on companies call for new perspectives and creativity in aligning their strategic interests. Project specific resources will be called upon based on the scope and objectives of each internal audit project. In addition, we have a number of highly qualified consultants to supplement our staff when necessary. Our philosophy is to assign staff with the knowledge and expertise based on your needs. Our principals and managers provide oversight of staff and senior activities, review their work products, and manage the progression of projects. Our dedication to the governmental industry CLA has one of the largest public sector audit and consulting practices in the country. CLA brings extensive experience providing a variety of audit and consulting services to state and local government entities and nonprofit organizations, including internal audits, performance audits, agreed-upon procedures, compliance audits, financial statement audits, single audits in accordance with OMB Circular A-133, and a variety of other consulting services. Our government services team serves nearly 3,000 governmental engagements spread among 1,700 government clients nationwide, including numerous public school districts, counties, cities, municipalities, states and state agencies, and colleges/universities. To break it down further, we serve: 350 government agencies 200 housing organizations 180 K-12 education organizations 300 colleges and universities 400 other state and local government organizations governmental audit practice, every member of your engagement team will have governmental audit experience. These individuals serve governmental entities throughout the country including many state agencies, departments, and commissions. Additionally, we have access to firm-wide experts and resources as needed to fulfill the requirements of the engagement. Our experience in serving government entities spans four decades dating back to the 1970s when the National Council on Governments Accounting (NCGA) was formed, through the 1980s Single Audit Act and formation of the Government Accounting Standards Boa- of the government financial reporting model. ©2018 CliftonLarsonAllen LLP | 6 Agenda Item 8. b. Internal Audit Engagement Letter Page 27 of 54 In addition, throughout these years, CLA has expanded to provide numerous business risks specialized and information technology services within the Specialized Services Group of CLA. CLAs vision is to be the leading contributor to the public sector, providing top quality service to our clients nationwide. Industry participation CliftonLarsonAllen actively supports industry education as a thought leader and industry speaker. Our firm focuses on supporting the educational needs of the industry through nationally sponsored trade events. Our team of local government professionals is sought after, both as educators and as experienced speakers who are invited to speak and teach at major professional events by leading trade associations. As an example, we have been speakers for the following organizations: AICPA governmental and nonprofit national conferences State CPA societies Government Finance Officers Association Local chapters of the Government Finance Officers Association, including the WGFOA Association of Local Government Auditors Association of Government Accountants Thought leadership and industry information. CLA goes beyond the numbers and offers value-added solutions. You will hear from us throughout the year. We send periodic email publications and host webcasts to keep clients and friends of the firm informed of relevant industry updates. Below are just a few of the resources we offer. Market and Economic Outlook a quarterly publication written by CliftonLarsonAllen Wealth Advisors, LLC. State and Local Government Perspective a quarterly e-newsletter which provides updates on regulatory and industry issues. National Industry Webcasts web-based seminars designed to provide information on upcoming industry trends, accounting, compliance, risk, and other issues in either the accounting or the local government industry. These webcasts are free to clients and provide CPE credit to attendees. Speaking engagements and Workshops We share our industry knowledge and experience by presenting at national, regional, and local events as well as hosting our own industry events in various markets. We provide quality insight and education in the areas of improving efficiency, reducing risk, and planning for succession. Recent industry articles In addition to our direct participation with national organizations, CLA has had numerous articles published by our local government industry professionals. For the most current listing of the published articles, please go to the link below. In-person events Annual economic, capital markets, and tax outlook seminars presented by local tax professionals and CliftonLarsonAllen Wealth Advisors, LLC investment committee members. You can register for our webcasts and find our extensive resource library on our website - www.CLAconnect.com ©2018 CliftonLarsonAllen LLP | 7 Agenda Item 8. b. Internal Audit Engagement Letter Page 28 of 54 Our partnership with the City CLA has taken a different path than our competitors to achieve success in internal audit services. We recognize that organizations like the City want their internal audit services to work alongside management to provide a means to better understand, communicate, and respond to the risk that exists in the organization, rather than just report on it. We built our internal audit services to match these changing requirements. Given the nature of the business environment and corporate objectives, it is essential that the City forms a strategic alliance a close working relationship provider. The CLA approach is: Highly collaborative. Teaming our top functional specialists with your management and other business partners to leverage the best resources of our respective organizations. Comprehensive. Integrating a top-down strategic assessment with a team representing a broad range of experience. Flexible. Tailoring an approach to your requirements, one that is sufficiently dynamic to change with market conditions and your organizational needs. Risk-based. Facilitating that the Cityare optimally leveraged to address the most critical high- Communicative. Working closely with management to understand your organization, your needs, the related risks, and how those risks impact operations. ©2018 CliftonLarsonAllen LLP | 8 Agenda Item 8. b. Internal Audit Engagement Letter Page 29 of 54 SERVICE DELIVERY APPROACH & METHODOLOGY Service Delivery Approach and Methodology Collaboration is inherent in the culture of CLA. It comes from our long history of focusing on co-sourcing relationships. As your internal audit service provider, we will meet with the City on a consistent and ongoing basis to tailor our methodology and tools to meet your specific needs. Our internal audit methodology provides the foundation for identifying, measuring, and documenting your risks and controls. Our methodology is a dynamic tool, which will be utilized to reflect the changing risk profile of the Organization. Our team has successfully applied our approach and tools to complete internal audits, in-depth risk analysis, documentation improvements, and control gap remediation activities. Inherent in all of our engagements and confirmed in our reputation, is a need to provide the highest level of quality services in all of our engagements. Each engagement work product goes through a rigorous quality control process designed to prevent surprises and will provide the Organization with high-quality work. s combination of experience in internal audit services, enterprise risk management programs, plus our focus on your industry, and knowledge of information technology makes our firm an outstanding option for the City. Our internal audit methodology CliftonLarsonAllen believes that the foundation of an Organizations success is based on three factors: People, Rules & Tools the Organizations personnel and business partners including place for the staff to efficiently execute and represents technology, including hardware and software used by the City to manage information, including confidential information, and internal operations/infrastructure. If any one of the three factors is weak, the overall success of your Organization may be challenged. The following illustrates how CLA will approach the organizational structure of the City. We begin by looking at the City who are recipients of services of various programs and identify what iness functions that typically include, but are not limited to, finance/accounting, human resources, program services, grants/contract administration, and audit. ©2018 CliftonLarsonAllen LLP | 9 Agenda Item 8. b. Internal Audit Engagement Letter Page 30 of 54 In the middle, and perhaps the most important is City information. City information is data that is necessary for the City to measure efficiency and performance and ultimately make decisions. The data is maintained and made available to the City by resources with information technology. Information technology is specific to each organization but typically includes the following assets: network, servers, workstations, software (licensed and custom developed), data, IT support (help desk) and systems operations. In addition, we consider where the IT organization resides and how the technology assets are protected. The following describes the internal control framework we utilize when evaluating the internal control environment: Control environment. The Organization culture that influences ethical behavior, workplace integrity, and risk and compliance consciousness of its personnel. Risk assessment. The process of identifying risks that threaten achievement of objectives. Control activities. The activities established to support compliance requirements and risk responses selected by management are carried out. Information and communications flow. The process for providing the right information to the right people at the right time for them to effectively carry out their responsibilities. Monitoring. The management processes in place to verify controls are working as intended and identify anomalies. ©2018 CliftonLarsonAllen LLP | 10 Agenda Item 8. b. Internal Audit Engagement Letter Page 31 of 54 Our internal audit methodology supports conformity with the standards for the professional practice of internal auditing knowledge. In addition, our methodology and approach is based on COBIT, the IIA, and GAAS. Each individual internal audit project will be performed in accordance with our six-step internal audit methodology, as summarized on the following pages. 111 Define the Define the Define the engagementengagementengagement 666222 Deliver Deliver Deliver Develop risk Develop risk Develop risk results and results and results and model and model and model and insightsinsightsinsightsuniverseuniverseuniverse Internal Internal Internal audit audit audit servicesservicesservices 555333 Execute Execute Execute Develop Develop Develop audit project audit project audit project audit planaudit planaudit plan programprogramprogram 444 Design audit Design audit Design audit project project project programprogramprogram There are six phases in our internal audit approach. The following table summarizes the phases and our approach. PHASE 1: DEFINE THE ENGAGEMENT Our team will validate the overall internal audit services project scope based on consultation with key stakeholders as designated by the City. We will validate our understanding of the Organization expectations for the project, including the following: Refine and tailor the methodology and approach Define roles and responsibilities Establish communication protocols to ensure the most respectful and efficient working relationship is created at the very beginning of the process Define detailed project plan and milestones Identify resources to be utilized and logistical arrangements Develop strategies to mitigate disruption to the Organizations day-to-day operations Provide the Organization leaders with an orientation to the internal audit services project, as requested by the City In addition, pertinent data will be requested to utilize during the planning process. Requested documents and information will include, but not be limited to: Organization charts Policies and standard operating procedures, as applicable Prior risk assessment reports, internal audit results, performance audit, third party reports and external auditors reports, strategic plan, etc. ©2018 CliftonLarsonAllen LLP | 11 Agenda Item 8. b. Internal Audit Engagement Letter Page 32 of 54 PHASE 2: DEVELOP RISK MODEL AND UNIVERSE ( See detailed approach below) Our team will begin by understanding the Organizations business, risks, existing control structure, objectives, goals, and strategies and gain a further understanding of the auditable areas based on the results of your previous assessments. We will also assess external and internal risks related to each of the programs and/or functions identified by the City. The factors identified in this phase will allow CLA to focus on internal controls of higher risk versus basic control testing. PHASE 3: DEVELOP AUDIT PLAN We will align the internal audit plan with the Organizations strategy and focus on areas of greatest risk. CLA will develop the annual internal audit plan using a risk-based approach. The highest ranked risks will generate the most attention and resources and we will work with the Organization management to tailor the specific internal audit plan to be the most cost effective and efficient. CLA will work with Organization management to agree on the scope and timing of the specific internal audit projects. We will schedule the internal audits during the least disruptive times for Organization process owners so that the audit can be completed efficiently and effectively. In addition, CLA will perform an ongoing assessment of the internal audit plan to ensure it continues to align with key risks of the Organization. If changes occur, CLA will work with the City management to adjust the audit plan to meet the key objectives and risks of the Organization. We will assign a CLA service delivery team to with the right competencies to bring the required mix of financial, operational, regulatory, and information technology skills in your industry. PHASE 4: DESIGN AUDIT PROJECT PROGRAM For each internal audit project, our typical approach is as follows, but it can be tailored as needed. Our team will meet with Organization management to conduct a planning meeting prior to the start of each audit project (approx. 2-4 weeks prior) to reconfirm the scope and objectives and introduce key stakeholders of the Organization involved with the internal audit project. This allows for appropriate communication and to internal audits. This ensures that expectations are set with both CLA and Organization process owners. This meeting will also be utilized to gain further understanding of the process that will be audited to specifically tailor and design audit programs. CLA will specifically tailor and design the internal audit programs to meet the uniqueness of the Organizations processes and internal controls utilizing standard industry and process templates that CLA has previously established and tailoring them to meet the needs of the Organization and its processes based on the planning meetings conducted. Internal audit programs will also be tailored based on background and history already obtained via previous assessment reports provided to CLA. PHASE 5: EXECUTE AUDIT PROJECT PROGRAM Our team will execute the specific operational, financial, regulatory, and information technology internal audits previously agreed to with Organization management, and conduct the audit in accordance with the Standards for the Professional Practice of Internal Auditing as prescribed by the Institute of Internal Auditors. CLA will also provide the Organization with best practice recommendations in each process and risk area identified based on the IIA and COBIT standards. ©2018 CliftonLarsonAllen LLP | 12 Agenda Item 8. b. Internal Audit Engagement Letter Page 33 of 54 We will assess the City processes, determine the areas where additional internal controls may be needed, where existing internal controls should be enhanced, and compare the operations to widely accepted best practices. The internal audit assessment will allow us to identify specific actions that will result in recommendations for improvement. Work procedures include: Determine if current internal controls are designed appropriately to mitigate the identified risks. Determine adequacy of the design of internal controls that currently exist as it relates to effective and efficient achievement of the specified purpose. Provide detailed recommendations for future state improvements to internal controls. We will utilize a consistent internal audit service team, supplemented with specialty resources or expertise as needed. All work in the information technology area, if required, will be completed by our IT specialists. A formal close/exit meeting will be conducted with Organization management and personnel to communicate risk and control deficiencies noted during the audit. Prior to the formal close/exit meeting, CLA will validate our understanding of various risks and internal control deficiencies with process owners so there PHASE 6: DELIVER RESULTS AND INSIGHTS Our team will draft an internal audit report with an executive summary describing the scope, objectives, approach, and overall conclusion of the internal audit project. In addition, our report will describe in detail internal control deficiencies, recommendations, and a risk ranking specific to each of the control deficiencies. We will also work collaboratively with Organization management to tailor the draft report to meet the needs of Organization management and any relevant reporting Committees. Our internal audit reports are issued timely after the completion of our fieldwork. CLAs communication framework is set up to ensure value-driven results. We require our team to prioritize their findings and discuss drafts of internal audit reports with the appropriate Organization management and staff prior to issuance. We believe this approach accomplishes the following: Confirms the information contained in the report Minimizes reaction to significant findings Encourages buy-in from the process owners Increases likelihood of implementation of recommendations Upon approval of the draft report, a final report will be issued to management and any relevant committees, as requested. Additionally, we will meet with the Organizations management and any relevant committees, as requested, and will prepare a formal presentation, as well as address any questions. Year-long support We encourage your staff to take advantage of our accessibility throughout the year for questions that may arise. Our people, working with you and your staff, can provide proactive advice on new accounting or GAAP pronouncements and their potential impact; help with immediate problems including answers to brief routine questions; and share insights and best practices to assist you in planning for your future success. ©2018 CliftonLarsonAllen LLP | 13 Agenda Item 8. b. Internal Audit Engagement Letter Page 34 of 54 Our Risk Assessment Approach In order to develop the annual internal audit plan, a risk assessment should be conducted that focuses on the six key risk domains at the City. The risk domains we suggest focus on are as follows: Strategic Risks: Risks associated with business objectives not being met due to poorly defined business inadequate organizational structure, infrastructure or alignment. Strategic risk is managed by appropriate organizational governance. Failure to adequately plan and execute against organizational goals may result in Operational Risks: Risks derived from core business practices, which rely on systems, practices, programs, and people. Within this risk domain are risks associated with a diverse number of operational areas. Financial Risks untimely due to a variety of factors including the pace of change, the amount of uncertainty, the presence of a large error, or the pressure on management to meet certain expectations. Compliance Risks: Risks associated with a variety of federal, state and local laws and regulations. Failure to follow prescribed directives may result in substantial fines, restrictions, loss of business, and/or legal action taken by regulators. Information Technology Risks: Risks associated with the level of use, sophistication, complexity, robustness, ease of use and speed, and accuracy of recovery/replacement of systems. This risk addresses the overall importance of technology within the organization and the availability and quality of information the organization can access to support decision making, and the security of key information. Human Capital Risks: Risks associated with the type of behaviors encouraged by management; the methods used to reward employees; the approach to consistently enforce policies and procedures; the selection, screening, and training of employees; and the reason and frequency of turnover. Objectives and scope The objective of the organization-wide risk assessment is to identify the key strategic, financial, operational, and IT processes at the City and assess the levels of risk within each of the process areas. In addition, provide management with visibility to process areas that contain the highest potential risk as determined by the risk assessment process. The scope of the organization-wide risk assessment will include the following functional areas/processes within the City: Functional Area/Process Detailed Coverage of Functional Area/Process Cash receipts, accounts receivable management, cash handling, Cash Receipts donations/contributions Purchasing controls and thresholds, disbursements/accounts payable, Purchase to payment processing, vendor maintenance, purchasing cards, employee Pay/Disbursements expense reporting Senior leadership, board of directors, strategic plan, internal policies and Governance procedures, and vendor relationships ©2018 CliftonLarsonAllen LLP | 14 Agenda Item 8. b. Internal Audit Engagement Letter Page 35 of 54 Financial close and reporting, accounting operations, budgeting, reconciliation of significant account balances, accruals, estimates and Accounting/Finance reserves, journal entry review, chart of account maintenance, segregation of duties Administration, due diligence, contractual agreements, responsibility and Vendor Relationship oversight, third party relationships, SSAE 16 reports Compliance Regulatory requirements, fraud detection and prevention Payroll, benefits, records management, FTE workload, recruiting, hiring, Human Resources and Payroll terminations, performance monitoring, new hire integration, employee retention, training and development, incentive program Social media, publications, web development, brand and logo, advertising Marketing/Communications channels Change management, Vulnerability Management, servers and databases, Web based applications, authentication standards, layered security, policies Information Technology and procedures, password parameters, logical access, user account administration, application administration, storage and backup, physical/environmental controls, and contingency planning Organization structure, governance, policies, standards and procedures, risk Organizational Administration management policy, maintenance and storage of sensitive information (electronic and paper) Developing the Risk Assessment Approach Our risk assessment approach provides the City management the opportunity to build a relationship with our team through the risk assessment process and provides us with the opportunity to gain a thorough understanding of City operations and culture. This approach focuses on the six domains stated above and can be modified to more specific risk domains if the City management desires. Risk assessments are conducted by principals and managers with specific industry and internal audit experience. The five phases of our risk assessment approach is as follows: 1) Planning and Data Gathering; 2) Develop Risk Model and Universe; 3) Develop Risk Assessment Approach; 4) Execute Risk Assessment Approach; and 5) Deliver Results and Insights. ©2018 CliftonLarsonAllen LLP | 15 Agenda Item 8. b. Internal Audit Engagement Letter Page 36 of 54 The following table summarizes the tasks that we will take to accomplish each phase. PHASE 1: PLANNING AND DATA GATHERING Our team will validate the risk assessment project scope based on consultation with key stakeholders as designated by the City. We will validate our understanding of the City project, including the following: Refine and tailor the methodology and approach Define roles and responsibilities Establish communication protocols to ensure the most respectful and efficient working relationship is created at the very beginning of the process Define detailed project plan and milestones Identify resources to be utilized and logistical arrangements -to-day operations Provide City leaders with an orientation to the risk assessment process, as requested by the City. In addition, pertinent data will be requested to utilize during the planning process. Requested documents and information will include, but not be limited to: Organizational charts Policies and standard operating procedures Prior risk assessment reports, internal audit reports, committee presentations, external PHASE 2: DEVELOP RISK MODEL AND UNIVERSE We begin by defining risk and creating a risk framework. Risk is an event or condition that can negatively affect the ability of an organization to achieve its objectives. Risks are generally thought to be associated with taking actions; however, risks can also occur when no action is taken in the form of missed opportunities. CLA suggests six risk domains as described above: strategic, operational, financial, compliance, technology, and human capital. Procedures will consist of the following: Campuses/Locations/People/Operations Understand business process and the information technology environment Identify centralized/decentralized processes Define and create the risk universe and risk model (risk map) Identify risk ranking criteria definitions (impact and vulnerability variables) Agree on measurement scale and deliverable format Prioritize the audit universe Next, we define impact and vulnerability criteria applicable to the City to be utilized as a tool for risk ranking procedures. In determining risk within the financial, operational, and IT processes, we assess the impact of the process to the City and the vulnerability that a risk would occur by evaluating the underlying attributes of the process and by assessing the effectiveness of the control environment around that process. The criteria are defined in terms of high, moderate, and low. ©2018 CliftonLarsonAllen LLP | 16 Agenda Item 8. b. Internal Audit Engagement Letter Page 37 of 54 PHASE 3: DEVELOP RISK ASSESSMENT APPROACH Our team will develop a risk assessment approach specifically tailored for the processes of the City. We begin by identifying various interview participants, including key risk owners and conduct interviews, as applicable. Interview questionnaires will be developed and specifically tailored for the City. We will work with a specific City liaison to schedule risk assessment interviews and we will hold onsite discussions whenever possible. The final risk assessment approach will be approved by City management. Work procedures include: Develop interview questionnaire Identify key stakeholders and assessment population Obtain final approval on approach Schedule logistical interviews PHASE 4: EXECUTE RISK ASSESSMENT APPROACH Our team will facilitate discussions with key City leadership, managers and stakeholders to conduct the risk assessment. In addition, we will utilize the City management results, if provided to CLA. We will also take into consideration external audit reports provided to us as a starting point to facilitate detailed discussions and to gain an understanding of the current controls, process structure, personnel involved, and supporting technology defined in the assessment. Procedures will consist of the following: Conduct interviews with identified stakeholders Document and summarize interview results and risks identified Perform initial ranking of risks identified based on CLA current understanding Review risks, recommendations, and risk rankings with the City Risks identified will be prioritized and placed on an enterprise-wide risk map. An enterprise-wide risk map for each of the key processes and/or business functions. CLA uses five impact criteria and seven vulnerability criteria to rank risks. By prioritizing and validating risks, you can align and prioritize its resources to manage and mitigate risks appropriately. PHASE 5: DELIVER RESULTS AND INSIGHTS Our team will draft a risk assessment report with an executive summary describing the scope, objectives, approach and overall conclusions. In addition, our report will communicate all detailed risks identified. Risks will be aggregated by process and/or business function and placed on an enterprise-wide risk map within the report. In addition, our report will detail all identified risks, recommendations to mitigate the risk, and a risk ranking. The impact and vulnerability criteria used to rank the risks will also be embedded into the report to provide City management a clear understanding on how the risk ranking was derived. We will also work collaboratively with City management to tailor the draft report to meet the needs of City management and any relevant reporting Committees. ©2018 CliftonLarsonAllen LLP | 17 Agenda Item 8. b. Internal Audit Engagement Letter Page 38 of 54 communication framework is set up to ensure value-driven results. We require our team to prioritize their findings and discuss the risk assessment report with the appropriate City management and staff prior to issuance. We believe this approach accomplishes the following: Confirms the information contained in the report. Minimizes reaction to significant risks. Encourages buy-in from the process owners. Increases likelihood of implementation of recommendations. Upon approval of the draft report, a final report will be issued to designated management, in addition to any additional personnel or committees as requested. Additionally, we will meet with the City management and any committees, as requested, and will prepare a formal presentation, as well as address any questions. Impact and Vulnerability Assessment Additionally, the information gathered in the process will be analyzed and summarized using the following process: Rank risks using risk modeling in collaboration with the City management. We use a variety of risk ranking tools and weighting methodologies. Our approach is to work with management during the planning phase to identify the appropriate risk ranking model and weighting methodology that best meets the Citytite and tolerance. Samples of a risk assessment final summary based on a subjective and objective methodology. The subjective methodology (risk map) focuses on likelihood of occurrence, vulnerability and impact, while the objective methodology focuses on the control environment using a numeric scoring. Next, we define impact and vulnerability criteria applicable to the City to be utilized as a tool for risk ranking procedures. In determining risk within the financial, operational, and IT processes, we assessed the impact of the process to the organization and the vulnerability that a risk would occur by evaluating the underlying attributes of the process and by assessing the effectiveness of the control environment around that process. The criteria are defined in terms of high, moderate, and low. See illustration below for definitions. Below is an example of our risk ranking approach: ©2018 CliftonLarsonAllen LLP | 18 Agenda Item 8. b. Internal Audit Engagement Letter Page 39 of 54 IMPACT CRITERIA LEGAL / FINANCIAL STAKEHOLDER REPUTATION OPERATIONS REGULATORY (1)Asset size (1)Management, (1)Potential adverse (1)Any Federal/ (1)Current (2)Prior negative employees, issues are known State/Other action infrastructure exposure students, and to external (2)External Audit cannot support (3)Rapidly increasing faculty affected by parties, such as reportable business strategy HIGH transaction volume process media and conditions inefficiencies or regulatory bodies control breakdowns (1)Asset size (1)Management, (1)Potential (1)Issues identified (1)Current (2)Major potential cost employees, adverse issues by Federal/State/ infrastructure is (3)Transaction volume students, and could impact Other able to support MEDIUM stable faculty may be employees and (2)Issues identified business strategy affected by process students by External Audit with work arounds inefficiencies or control breakdown (1)Asset size (1)No management, (1)Potential adverse (1)No issues (1)Current (2)Minor potential cost employees, issues could identified by infrastructure is (3)Transaction volume students, and impact Federal/State/ able to support LOW stable faculty are affected employees and Other business strategy by process students (2)No issues inefficiencies or identified by control breakdown External Audit VULNERABILITY CRITERIA CONTROL EFFECTIVENESS SPEED OF OPERATIONAL SYSTEM RATE OF COMPLEXITY PEOPLE AND RESPONSE EFFICIENCY CAPABILITY CHANGE EFFICIENCY Controls are not No method for Manual A limited High or Systems are not Risk is managed working or do anticipating and processes with number of staff unmeasured operating as by or directly not exist. accessing many data and faculty or cost of designed or impacts people, specific risk transfer points current staff operations, design is processes, events exists, so and owners and faculty has many quality flawed; very systems, or issues are not limited concerns noted, limited controls businesses that HIGH escalated to the competency to and have appropriate manage risk unacceptable or experienced a executives events. unmeasured HIGH rate of effectively. Inadequate cycle/process change over the cross-training time. last 6 months. exists. Controls are A method for Automated A limited Above industry Systems are Risk is managed detective but anticipating and process number of staff average cost of operating as by or directly not assessing encompassing and faculty operation, some designed, but impacts people, preventative specific risk multiple and/or staff and quality concerns design can be processes, and there may events exists systems and faculty has noted, and improved; systems, or or may not be but issues are owners. moderate below industry controls are businesses that MEDIUM effective not effectively competency to average bolted on top of have reporting. escalated to the manage risk cycle/process the system. experienced a appropriate event. time. MODERATE rate executives. of change over the last 6 months. Controls are A method for Automated Most staff has Low/average Systems are Risk is managed appropriately anticipating and processes with high cost of designed, by or directly preventive and assessing integrated competency to operations, no implemented, impacts people, detective and specific risk systems. manage risk quality and operating processes, there is events exists events. concerns noted, effectively; systems, or LOW effective and effectively and controls are businesses that reporting. escalates issues cycle/process embedded in have to the times within the system. experienced a appropriate specified LOW rate of executive. standards. change over the last 6 months. ©2018 CliftonLarsonAllen LLP | 19 Agenda Item 8. b. Internal Audit Engagement Letter Page 40 of 54 Information Technology Services CliftonLarsonAllen Information Security Services is the consulting division within CLA that specializes in information security assessments and consulting services. The resources within this group are certified security professionals that have significant experience related to the protection of information that is either electronic or on printed documents. For more than twenty years, the Information Security Services Group has provided IT audit and security consulting services in virtually all industries served by the Firm. Focusing on information security can be an advantage in the nonprofit and government sector and minimize potential legal risks to the organization. Making information security a priority within the organization also demonstrates to employees that management understands the importance of protecting its most valuable asset - customer information. As a result, CLA provides several security-focused consulting services that can be customized to your specific requirements. CliftonLarsonAllen Information Security Services Group has significant experience and expertise related to each of the described services and will identify exposures and risks that will assist each organization in implementing the proper controls and procedures to mitigate or eliminate the various risks. The following pages contain a detailed description of the delivery philosophy and approach for services available. Network Penetration Testing The External Network Penetration Test is designed to aggressively test the data network perimeter to identify exposure to security breaches from outside the network. The extensive experience and unique technical knowledge of our security professionals allows CLA to provide much more than a simple automated vulnerability scan. This expertise is essential to identify chains of vulnerabilities that could expose data, something that is not possible with a standard vulnerability scan. Completeness is a critical objective when securing the network perimeter, therefore our testing approach is designed to search your entire infrastructure to identify rogue gateway entry points, including Internet, VPN, dial-up, wireless, etc. Web / Application Penetration Testing Web/Application Penetration Testing is designed to verify that Internet facing applications are configured and operating in a secure manner to ensure appropriate Confidentiality, Integrity, and Availability are maintained, and to identify potential vulnerability that might be used to gain unauthorized access to confidential information or other business systems. Network Penetration Testing Wireless (802.11) Services Similar to Internet penetration testing, completeness is a critical control objective. We begin by documenting the external visibility of any 802.11 wireless signals, which propagate beyond the boundaries of your facilities. This technique is referred to as (802.11) devices within range known and unknown. Security measures in place are identified (encryption, cloaking, existence of default configurations) and rigorously subjected to penetration testing using manual and automated techniques including: attempts to break encryption; perform password and encryption key points and client devices. Internal Vulnerability Assessment Systems in terms of security configurations and system updates as do Internet facing perimeter systems. The Internal Vulnerability Assessment represents an in-depth technical assessment of the key devices (including file servers, mail servers, production servers, routers, switches, etc.) that reside on your trusted business network. The assessment identifies risks and profiles what is possible (i.e. accessible) to a hacker who ©2018 CliftonLarsonAllen LLP | 20 Agenda Item 8. b. Internal Audit Engagement Letter Page 41 of 54 breaches the perimeter, or an employee who chooses to see what they can get to. Our internal vulnerability assessment is designed to confirm that your network is reasonably protected from these types of threats. General Controls Review The General Controls Review is designed to assess the business practices that support proper information security controls inside the organization. We address the three primary domains of information security and control: administrative safeguards, physical safeguards, and technical safeguards. Social Engineering Assessment The Social Engineering Test takes each security assessment beyond a purely technical assessment. It mimics the real-world techniques of hackers and con-artists intent on profiting from gaining access to government resources by taking advantage of human tendencies to trust others in combination with a potential lack of awareness relative to information security policies. The goal of social engineering is to use non-technical methods to trick employees into providing sensitive information (such as user IDs and passwords) or access to systems (such as access to a data center) that can be used in a malicious hacking attack. GLBA Information Protection Risk Assessment Our Information Protection Risk Assessment services are designed to identify threats that may impact the availability, confidentiality, and integrity of data within your organization. We conduct this service based on consideration of business operation and best practice related to the management of information including reference to applicable regulatory requirements. Security Policy Review and Development Our security policy review and development services are intended to assist you with the development of written information security policies to comply with Gramm-Leach-Bliley. Policies are typically established based on the outcome of a risk assessment including consideration of administrative, technical and physical controls that are in place to protect customer information that is either electronic or on printed documents. Security Awareness Training -world examples employees can visualize, understand, and consistently use in their every day practices. Building on the findings from each of the three penetration services (External, Internal, and Social Engineering), we provide specific examples of how an attacker will try to compromise the organization. We will teach them how to recognize social engineering as it occurs, and how to react so that the attack is thwarted without compromising sensitive information. Incident Response and Forensic Investigation Our Incident Response and Forensic Investigation team consists of certified fraud examiners, certified incident handlers, and certified information security professionals who have the ability to assess the nature and scope of the breach, help you determine appropriate response measures, gather forensic evidence and recover critical systems and data. Operations Analysis An Operations Analysis includes review of the organization's products and services, delivery channels, workflow including processes and procedures, utilization of information management systems and criteria for measuring organization success. This service would identify opportunities for improvement within the organization based on business goals and target market including personnel resources, process and operating efficiency, management of information, and effective communication to achieve the defined objectives. ©2018 CliftonLarsonAllen LLP | 21 Agenda Item 8. b. Internal Audit Engagement Letter Page 42 of 54 Technology Assessment A Technology hardware and software components and personnel resources that manage the various information technology assets. This service would identify gaps or weaknesses in the org objectives from a technology perspective. This service can also provide management with confirmation that information technology assets, personnel, and financial resources are properly aligned to support the intended delivery of products and services. Strategic Technology Planning The goal of strategic technology planning is to create a technology plan that is dynamic and flexible, allowing the planning process to be repeated and expanded upon on a periodic basis. This service provides the organization the opportunity to formalize procedures and methods for making decisions related to the build, or The result of this service would be a document that outlines the technology initiatives necessary to support the business goals and objectives for the next 12, 24 and 36 months, including identification of the various business partners that will assist the organization in achieving success. Technology Acquisition Technology Acquisition services are designed to assist organizations with the purchase of technology infrastructure components including connectivity, firewalls, servers, desktops, wireless devices and and the specific requirements of the project. The result of this service would be documentation of business and technical requirements, request for proposal development, evaluation of proposals and assistance with the decision-making process. In addition, services can be provided for contract review and negotiation from a non-legal perspective. Implementation Management This service is designed to assist organizations with the implementation of organization improvements and technology by managing project plans, internal and external resources, and vendors. The focus of this service is to ensure business requirements and technical infrastructures are implemented successfully and are in alignment with the project objectives and timeline. ©2018 CliftonLarsonAllen LLP | 22 Agenda Item 8. b. Internal Audit Engagement Letter Page 43 of 54 TEAM MEMBER SUMMARY After considerable thought to the appropriate principal and management staffing plan, we have identified an experienced engagement team for the City that will be managed by Dave Hoagland. As your lead engagement principal, Dave will be responsible for the overall and ongoing relationship specific to the internal audit services, including, but not limited to, negotiation, authorization, and completion of all requirements within our proposal. Brian Pye will assist Dave as needed as the IA Advisory Principal assigned to the engagement. The engagement team we have assembled is passionate about the vital role risk management and internal audit plays in todays challenging and ever-changing business environment. They understand the challenges the City faces and are committed to delivering high impact, value-added insight and services to this engagement. The members of this team have spent most of their careers in the field of risk management and internal audit, or in other roles serving nonprofit and government organizations, both as a practitioner and as a consultant, giving us the full perspective to truly understand what it takes to be a best-in-class internal audit function. Below is a brief overview of the leadership team identified to serve the City. Name Project Role Engagement Leadership Internal Audit Engagement Principal Brain will have leadership responsibility and authority over the internal audit services and its outcomes. This includes ensuring that Brian Pye professional and firm standards are complied with and that we meet your expectations. Brian will lead our team in the planning and scoping of all activities, complete the quality review for all work performed, and attend audit committee meetings as requested. Relationship Principal As the Public Sector practice leader, Dave will work with Brian to ensure the most appropriate firm resources are available when needed to execute your Dave Hoagland internal audits and other projects. Dave will also check in with the City leaders periodically to confirm we are meeting all of your expectations. IT Principal As the IT Leader for the engagement, Randy will lead the relationship with the IT organization. He will be responsible for planning the IT audits and performing the Randy Romes quality review of work performed. Engagement Team Members CLA will assign additional managers, seniors and staff related to the internal audit projects based on the required area of expertise need to execute per the defined scope of work. If desired, the City will have an opportunity to review the resumes of all team members prior to the initiation of each project. Experienced client service team Our experienced team of internal audit professionals applies a consistent proven methodology supported by world-class technologies uniformly to provide a well-coordinated approach for our clients. Our clients have indicated their desire to be served by full-time professional internal auditors who are knowledgeable about the nonprofit and government industry and are able to maintain continuity of staffing. Our staffing model focuses on delivering a core team of experienced internal auditors who are knowledgeable about your industry and will be dedicated to serving you. ©2018 CliftonLarsonAllen LLP | 23 Agenda Item 8. b. Internal Audit Engagement Letter Page 44 of 54 TECHNOLOGY / TOOLS Internal Audit Tools and Technology There are four primary technologies deployed in the performance of our internal audit engagements: Prosystem FX Paperless audit management system POINTSEC laptop encryption software Leapfile Secure file transfer system Idea Data analytics tool These tools are further discussed below. Additional tools may be used by our IT team in the performance of specialized IT audits. ProSystem FX Engagement ProSystem FX software manages our paperless audit process. All workpapers prepared by our staff, and any related client information is easily imported into Engagement. Additionally, the individual laptop computers of our entire internal audit team are This approach taff. Engagement is also used to support our knowledge sharing activities. We store sample industry focused internal audit programs in Engagement, and make this information available for customization by engagement as they plan their audit projects POINTSEC Encryption Software All computer systems within CLA use POINTSEC encryption. POINTSEC encryption protects all client and firm ability to encrypt any data transferred to external storage devices, such as memory sticks, DVDs, CDs, or any other external storage device. ©2018 CliftonLarsonAllen LLP | 24 Agenda Item 8. b. Internal Audit Engagement Letter Page 45 of 54 LeapFile Data Transfer Software LeapFile is utilized for the sole purpose of transferring files between our offices and clients. Clients can use this system to upload information for us by simply going to our website. This website notifies the receiving employee when a transferred file is available for download. Clients using this site have restricted access to ensure the security of other client accounts. Idea Data Analytics IDEA is data analysis platform that enables users to quickly gather, summarize, and compare various forms of data. Data can be imported from almost any source of data including, but not limited to, spreadsheets, PDFs, and text files. Once the data is imported, the user can process the data in order to detect trends and anomalies indicative of potential fraud or error. Successful use of data analytics requires the process to be elastic and iterative whereby results are utilized to determine the need for confirmatory or supplementary testing. Findings are dynamic and continuously measured against expectations until insight is derived. ©2018 CliftonLarsonAllen LLP | 25 Agenda Item 8. b. Internal Audit Engagement Letter Page 46 of 54 KNOWLEDGE SHARING Knowledge Sharing Approach and Investments CLA promotes a knowledge sharing culture across all of our team engagements. Our objective is to make the right knowledge available to our engagement teams when they need it. This is accomplished through the use of our ProSystem FX Engagement software. CLA has created model internal audit work plans and other content, organized by industry, to enable our teams in the performance of their internal audit engagements. This approach is used to accelerate execution of our audits and increase the time available to evaluate critical client issues and identify process improvement opportunities. ©2018 CliftonLarsonAllen LLP | 26 Agenda Item 8. b. Internal Audit Engagement Letter Page 47 of 54 DETAILED / ITEMIZED PRICING & RATE CARD Time and Materials Pricing We operate under the philosophy of open and direct communication regarding billing. Our professional fees for the services described throughout our proposal are based on the level of expertise of the individuals who will perform the services. The actual cost is dependent on the level of expertise required to complete the project, and the desired total work plan hours agreed to by the City. The blended rate per hour that CLA proposes is $170/hour for risk assessment services and $130/hour for internal audit services. Based on our current understanding of your needs we have summarized our risk assessment approach into five phases: Estimated Annual Fee For Internal Audit Services Fee Year 1 - Risk assessment and internal audit services $40,000 Year 2 - Risk assessment and internal audit services $25,000 Year 3 - Risk assessment and internal audit services $25,000 Year 4 - Risk assessment and internal audit services $25,000 Year 5 - Risk assessment and internal audit services $25,000 We will work with you to set the specific scope and level of effort for each project, and then assign appropriate team members to complete the agreed assignment. Input will be provided by a Subject Matter Specialist where appropriate, with the fieldwork to be performed by seniors and staff as assigned. Our engagement leaders will supervise all fieldwork and review all work performed by our team. They will also work with you in the issuance of the final reports. Actual travel expenses will be billed as incurred. Based on the results of the risk assessment, CLA will work directly with the Cityan internal audit plan that meets your needs and expectations. The plan will identify the number of internal audits ©2018 CliftonLarsonAllen LLP | 27 Agenda Item 8. b. Internal Audit Engagement Letter Page 48 of 54 you would like to have performed and the timeframe of execution for each. Based on the internal audit plan, we will develop individual workorders that clearly define the scope, timing and budget for each internal audit project we perform. Total hours and related fees for all internal audit services will be developed based on the audit plan and agreed to by the City. Rate Card Based on our current understanding, we estimate a blended rate as defined below for the above mentioned internal audit services. This estimate can fluctuate based on project complexity and scope. As such, we have included the rates per level in the below table. We will work with you to ensure the specific internal audit work plan addresses risk areas and is performed within the established budget. CLA services for the City will be priced based on the following hourly rates: Title Rate Principal $250 Manager $180 Senior $150 Staff $125 do all of our clients, that: We will be available for brief routine questions at no additional charge. Any additional charges not discussed in this proposal will be mutually agreed upon up front. We will always be candid and fair in our fee discussions, and we will avoid surprises. ©2018 CliftonLarsonAllen LLP | 28 Agenda Item 8. b. Internal Audit Engagement Letter Page 49 of 54 Billing for Calls and Questions It is not our policy or practice to bill our clients every time we receive a phone call. In the course of providing our services to you, we will regularly consult with you regarding accounting, financial reporting, and significant business issues. If a specific request is complex or requires significant time or resources, we will discuss the scope of the project and its fee with you first to make sure there are no surprises. While it is difficult to establish an exact policy for billing in these situations, we commit to discussing the request with you in advance of performing our services if we believe the time requirement to provide you the desired assistance is other than routine. We will discuss the scope of the project and our estimate to complete it prior to commencing work. Our last word on fees we are committed to serving you. Therefore, if fees are a deciding factor in your selection of an accounting firm, we would appreciate the opportunity to discuss with you the scope of our audit plan. ©2018 CliftonLarsonAllen LLP | 29 Agenda Item 8. b. Internal Audit Engagement Letter Page 50 of 54 REFERENCES CLA offers its clients the best of two worlds a firm with national experience, complemented by a local team dedicated to accessibility and responsiveness. We are pleased to provide you with the following references, who have used our internal audit, information security assessment and consulting services. Please do not hesitate to contact any of the individuals listed regarding the value provided by CLA. Client Contact Name Contact Telephone/Email Ramsey County Lee Mehrkens 651/266.8040 St. Paul, MN Director, Chief Financial Officer lee.mehrkens@co.ramsey.mn.us Services performed: Enterprise wide risk assessment, internal audit, external penetration testing, internal network penetration testing and vulnerability assessment, and PCI compliance. 817/459-6719 City of Arlington Mark Harlass Mark.Harlass@arlingtontx.gov Arlington, TX IT Director Services performed: External Penetration Testing, General Controls Review, Risk Assmt; Internal Vulnerability and Wireless Assmts. City and County of Broomfield Bernie Block 303/464-5821 Broomfield, CO Director, Performance & Internal Audit Bblock@broomfield.org Services performed: Internal audit, general controls review, external penetration testing, and other tax and assurance audit services. City of Cape Coral John MacLean 239/574-0455 Cape Coral, FL ITS Director jmaclean@capecoral.net Services performed: Internal Audit, External Penetration Testing, Internal Vulnerability Assessment, Web Application Testing, and other audit and accounting services. Collin County Greg Elliot 972/548-4587 McKinney, TX Master Architect gelliott@co.collin.tx.us Services performed: External Penetration Testing, Web Application Penetration Testing, Internal Vulnerability Assessment, Social Engineering Assessments and Staffing Allocation Review. ©2018 CliftonLarsonAllen LLP | 30 Agenda Item 8. b. Internal Audit Engagement Letter Page 51 of 54 Appendix Leadership Team Biographies ©2018 CliftonLarsonAllen LLP | 31 Agenda Item 8. b. Internal Audit Engagement Letter Page 52 of 54 Brian Pye, CIA Principal, Internal Audit Leader Profile Brian is a Principal in CliftonLarsonAllen LLP (CLA) Internal Audit practice. Brian has over 20 years of professional experience in providing internal audit (business process and IT) and risk management consultative services in the nonprofit and government industries. Over 10 of these years were spent in the Enterprise Risk Services Group at Deloitte. His experience includes managing internal control and internal audit consulting services, risk assessment, process design and documentation engagements. Technical expertise Brian has significant experience in effectively coordinating and directing complex projects ensuring completion with strict regard for client specifications, time and budgetary constraints, and the development of numerous risk services offerings including: Enterprise-wide risk assessments and internal audit, including information technology, financial, and operational audits. Performance audits Internal audit including information technology, financial, and operational audits as published by the IIA. Developed procedures for the evaluation of information technology controls in support of a financial audit and service organization reporting. Operational, financial, information technology and compliance assessments. Application of the Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Auditing (Standards). Current state assessments, including inefficiency and process improvement identification. Future state design and process reengineering and implementation. Business requirements identification and ERP vendor selection processes. SSAE16 (formally known as SAS70) assurance engagements. Sarbanes Oxley (SOX) compliance engagements. IT general control reviews. Application of Control Objectives for Information and Related Technology (COBIT) guidelines as published by the Information Systems Audit and Control Association (ISACA). Facilitation of workshops. Education/professional involvement Graduated from the University of St. Thomas in St. Paul, Minnesota with a Bachelor of Science degree in Accounting and Business Administration. Member of the American Institute of Certified Public Accountants (AICPA), the Information Systems Audit and Control Association (ISACA) and the Institute of Internal Auditors (IIA). Brian also speaks at various conferences and professional organizations across the country educating professionals on the topics of internal audit and risk management. ©2018 CliftonLarsonAllen LLP | 32 Agenda Item 8. b. Internal Audit Engagement Letter Page 53 of 54 David G. Hoagland, CPA Principal, Public Sector Leader Profile Dave is a principal with CliftonLarsonAllen specializing in public sector assurance services. Dave has more than 28 years of professional experience in providing auditing, accounting and consulting services for governmental entities. In addition to state and local governmental experience, Dave has also served as the engagement principal for clients in a wide variety of industries. Technical experience Served as the engagement principal for several local governmental entities Extensive accounting and auditing experience with governmental entities Consulting experience includes internal control documentation and analysis, budgeting, forecasting and rate setting Education/professional involvement Bachelors of Arts in Business Administration from Seattle University, Seattle, Washington American Institute of Certified Public Accountants Certified Public Accountant in the state of Washington Washington Society of Certified Public Accountants Washington Society of Certified Public Accountants Financial Statement Review Task Force (Chair 2006 and 2007) Speaking engagements/publications Association of Sewer and Water District, September 17, 2004, Fall Conference FASNA Forum, January/ February 2005, Volume 9, Issue 1 Civic organizations Washington State Association of Sewer and Water Districts Audit Committee Chair 2008 Ames Lake Water Association, Director Bellevue Rotary Club, Member ©2018 CliftonLarsonAllen LLP | 33 Agenda Item 8. b. Internal Audit Engagement Letter Page 54 of 54 Randall J. Romes, CISSP, MCP, PCI-QSA Principal, Information Technology Leader Profile Randy is a principal in the CliftonLarsonAllen Information Security Services Group, and has been a consultant for over 16 years with a strong background in computer technology, physics, and education. Randy leads a team of technology and industry professionals providing IT audits and security assessments for clients in a wide range of industries and diverse operating environments. He is responsible for the continuing development of the open- source, Unix, and Windows applications used in all of the security audits. Technical expertise Randy has been involved in the development of numerous leading edge hacking/testing methods and the development of numerous security service offerings including: Techniques for email Phishing that result in remote access to Organization networks, bypassing improperly configured firewalls and proxy systems. Social Engineering Techniques designed to assess all aspects of Organization Techniques incorporating SSL encryption to evade commercial intrusion detection systems (IDS). Incident response and computer forensic services. Internal Vulnerability Assessment services. Education/professional involvement Bachelors of science, education, University of Wisconsin-Madison Speaking engagements Randy is an active member of the conference planning and selection committee for the Minnesota Government IT Symposium, the longest running government IT conference in the country. He has been a featured speaker at national conferences and training sessions related to information and security management including topics related to: Identity Theft and On-line Security Email Phishing Social Engineering Securing Windows Operating Systems Incident Response, e-Discovery, and Computer Forensics Network and Wireless Security PCI Security Professional Certifications Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Controls (CRISC) Microsoft Certified Professional (MCP) PCI Qualified Security Assessor (PCI-QSA) ©2018 CliftonLarsonAllen LLP | 34 Agenda Item 8. c. Ordinance No. 1047, Budget Amendment Page 1 of 6 City of Yelm STAFF REPORT To:Mayor J.W Foster Yelm City Council From: Joseph Wolfe, Finance Director Date: July 13, 2018 (for July 24 City Council Meeting) Subj: 2018 City of Yelm Budget – Ordinance No. 1047 Recommendation Adopt Ordinance No. 1047, amending the 2018 City of Yelm Budget as adopted by Ordinance No. 1033 in October 2017. This ordinance updates beginning fund balances, makes necessary appropriations for refinanced debt, increases investment earnings estimates, and transfers funds necessary for City Hall Acquisition, software upgrades and Public Works Capital Projects. Background The Council adopted the 2018 City of Yelm budget on October 24, 2017. Since adoption of the 2018 budget, the City has made several significant decisions that affect the budget. In addition to these internal decisions, external factors such as additional grants, higher than anticipated revenue collections, and additional investment earnings warrant increased revenue appropriations. Current Situation As described above, many significant financial decisions have been made since passage of the 2018 City of Yelm budget. The most significant of these changes are as follows: Finalization of the 2017 financial statements, requiring that we reconcile 2018 beginning fund balances to 2017 actual ending fund balances Refinancing Local Improvement District #2 bond from a rate of 8.25% to 4.15% Refinancing 2006 Limited Term General Obligation Bonds from a rate of 4.50% to 2.75% Reinvested existing fund balances in Federal Bonds to realize a higher return on investment Agenda Item 8. c. Ordinance No. 1047, Budget Amendment Page 2 of 6 Purchase of real estate for a new City Hall located at 106 2nd Street SE, together with two vacant parcels located at the northerly corner of Washington St SE & 3rd Street SE in Yelm, Washington Integration of Cityworks with other city software systems to improve operations through automation. Additional grant and loan funds for public defense, playground equipment, surface transportation projects have been awarded The City currently has the opportunity to acquire land for the SE Reservoir project, requiring additional appropriation of existing funds for land acquisition and engineering. These circumstances require passage of ordinance 1047, amending the 2018 City of Yelm Budget as adopted by Ordinance No. 1033 in October 2017. Agenda Item 8. c. Ordinance No. 1047, Budget Amendment Page 3 of 6 CITY OF YELM ORDINANCE NO. 1047 AN ORDINANCE amending the 2018 City of Yelm Budget as adopted by Ordinance No. 1033 in October 2017, by updating beginning fund balances, making necessary appropriations for refinanced debt, increasing investment earnings estimates, and transferring funds necessary for City Hall Acquisition, software upgrades and Public Works Capital Projects. WHEREAS, it is a shared priority to ensure City finances are clear and sustainable, and adhering to s are key to this effort; and WHEREAS, the 2017 City of Yelm Financial Statements provided final end of year fund balances for all City of Yelm Funds; and WHEREAS, the City Council refinanced existing debt authorized by issuance of the Local Improvement District No. 2 and Limited Tax General Obligation Refunding Bonds on February 13, 2018; and WHEREAS, the 2017 Yelm City Council approved reinvesting existing fund balances to earn additional investment income; and WHEREAS, the City currently has the opportunity to acquire land for the SE Reservoir project, requiring additional appropriation of existing funds for land acquisition and engineering; Therefore, the City Council of the City of Yelm, Washington ordains as follows: Section 1. 2018 budgeted fund balances are amended to reflect actual 2018 beginning fund balances as detailed in Appendices A and B. Section 2. 2018 budgeted expenditures from the Killion LID and LTGO Debt Service funds are budgeted as detailed in Appendices A and B. Section 3. 2018 Budgeted Revenues are updated to reflect actuals and increased interest earnings as detailed in Appendices A and B. Section 4. 2018 budgeted expenditures and transfers from the General Fund, Cumulative Reserve, Building Construction, and Utility Operating Funds are budgeted for capital improvements and acquisitions as detailed in Appendices A and B. Section 5. The budget for the year 2018 as amended by the changes in ordinance number 1047 shall be filed in the office of the City Clerk who is hereby directed to transmit this supplemental budget to the Auditor of the State of Washington, Division of Municipal Corporations. Section 5. Ratify and Confirmation Clause Any action taken pursuant to this ordinance but prior to the effective date is hereby ratified and confirmed. Section 6. This ordinance shall take effect five days following publication. Agenda Item 8. c. Ordinance No. 1047, Budget Amendment Page 4 of 6 CITY OF YELM ORDINANCE NO. 1047 Page 2 of 4 PASSED and signed in authentication on this this 24th of July, 2018. Passed by the City Council of Yelm on this 24th of July, 2018. JW Foster, Mayor Authenticated: Lori Mossman, City Clerk/HR Manager Published: Nisqually Valley News on August 3, 2018 Effective: August 8, 2018 Agenda Item 8. c. Ordinance No. 1047, Budget Amendment Page 5 of 6 CITY OF YELM ORDINANCE NO. 1047 Page 3 of 4 CITY OF YELM 2018 Q2 Budget Adjustment Exhibit "A" REVENUES AND OTHER SOURCESEXPENDITURES AND OTHER USES FUND Current BudgetAdjustmentRevised BudgetCurrent BudgetAdjustmentRevised Budget General Government Operating Funds General Fund 001General$ 9,139,532$ 430,139$ 9,569,671$ 9,139,532$ 430,139$ 9,569,671 Subtotal General Fund 9,139,532 430,139 9,569,671 9,139,532 430,139 9,569,671 Special Revenue Funds 101Street Operating 549,372 31,298 580,670 549,372 31,298 580,670 102Arterial Street 207,444 8,542 215,986 207,444 8,542 215,986 107Tourism Promotion 253,957 6,127 260,084 253,957 6,127 260,084 109YPD School Resource 104,045 (33,491) 70,554 104,045 (33,491) 70,554 120Transportation Facility Charge 330,293 30,600 360,893 330,293 30,600 360,893 Subtotal Special Revenue Funds 1,445,111 43,076 1,488,187 1,445,111 43,076 1,488,187 Internal Service Funds 501Information Technology 512,358 70,000 582,358 512,358 70,000 582,358 502Equipment Rental & Repair 1,281,659 1,281,659- 1,281,659 1,281,659- Subtotal Internal Service Funds 1,794,017 70,000 1,864,017 1,794,017 70,000 1,864,017 Total General Government Operating Funds 12,378,660 543,215 12,921,875 12,378,660 543,215 12,921,875 General Government Non-Operating Funds Special Revenue Funds 104Cumulative Reserve/Urban Dev. 1,013,372 1,013,372- 1,013,372 1,013,372- 105Park Reserve 896 - 896 896 - 896 119Deposits/Surety/Retainage 8,070 - 8,070 8,070 - 8,070 Subtotal Special Revenue Funds 1,022,338 - 1,022,338 1,022,338 - 1,022,338 Debt Service Funds 200LTGO Bond Redemption 503,084 2,627,128 3,130,212 503,084 2,627,128 3,130,212 202Killion Road LID #2 Repayments 700,673 2,834,008 3,534,681 700,673 2,834,008 3,534,681 203Sewer Revenue Bond/Loans 173,615 173,615- 173,615 173,615- 204Sewer Bond/Loan Reserves 427,235 427,235- 427,235 427,235- 205Park Reserve - - - - - - Subtotal Debt Service Funds 1,804,607 5,461,136 7,265,743 1,804,607 5,461,136 7,265,743 Capital Improvement Funds 302Municipal Building 1,491,463 616,806 2,108,269 1,491,463 616,806 2,108,269 316Road/Street Construction 1,101,133 240,169 1,341,302 1,101,133 240,169 1,341,302 Subtotal Capital Improvement Funds 2,592,596 856,975 3,449,571 2,592,596 856,975 3,449,571 Total General Govt Non-Operating Funds 5,419,541 6,318,111 11,737,652 5,419,541 6,318,111 11,737,652 Enterprise Funds 400Stormwater Utility 377,560 362,255 739,815 377,560 362,255 739,815 401Water Utility 7,609,033 47,640 7,656,673 7,609,033 47,640 7,656,673 402Utility Consumer Deposits 100,938 (4,892) 96,046 100,938 (4,892) 96,046 404Water Capital Improvements 2,182,639 942,085 3,124,724 2,182,639 942,085 3,124,724 405Water Revenue Debt Redemption 1,030,183 1,031,9521,769 1,030,183 1,031,9521,769 406Water Revenue Debt Reserve 939,561 2,500 942,061 939,561 2,500 942,061 412Sewer/Resuse Utility 4,103,298 261,558 4,364,856 4,103,298 261,558 4,364,856 413Sewer/Reuse Capital Reserve 6,094,811 171,682 6,266,493 6,094,811 171,682 6,266,493 415Sewer Bond Refi & Reserve 218,239 23,662 241,901 218,239 23,662 241,901 430Shortline Railroad - 4,395 4,395 - 4,395 4,395 431Water Construction Fund 1,399,564 29,152 1,428,716 1,399,564 29,152 1,428,716 Subtotal Enterprise Funds 24,055,826 1,841,806 25,897,632 24,055,826 1,841,806 25,897,632 Total Enterprise Funds 24,055,826 1,841,806 25,897,632 24,055,826 1,841,806 25,897,632 Total Budget$ 41,854,027 8,703,132$ 50,557,159$ 41,854,027$ 8,703,132$ 50,557,159 Agenda Item 8. c. Ordinance No. 1047, Budget Amendment Page 6 of 6 CITY OF YELM ORDINANCE NO. 1047 Page 4 of 4 Exhibit B 2018 Q2 Budget Amendment REVENUES & OTHER SOURCESEXPENDITURES & OTHER USES AccountAccount DescriptionNumberAmountDescriptionNumberAmount General Fund (001)General Fund (001) Beginning Fund Balance 308.80.00.00$ (173,868.00)Ending Fund Balance508.80.00.00$ 426,138.64 Nisqually Tribal Grant 367.00.00.02$ 15,000.00Salaries/Wages521.10.10.00$ (15,000.00) Office of the Public Defender Grant 334.01.20.00$ 25,000.00Salaries/Wages558.10.10.00$ (16,000.00) Real & Personal Proerty tax 311.10.00.00$ 6,688.64Professional Services521.10.41.00$ 10,000.00 Local Sales & Use Tax 313.11.00.00$ 80,000.00Indigent Defense Cost515.91.41.00$ 25,000.00 Marijuana Excise Tax 336.06.42.00$ 10,000.00Buildings/Structures/Grounds594.21.62.00$ (10,000.00) Liquor Board Profits 336.06.95.00$ 30,000.00Contract Professional Services513.10.41.00$ 10,000.00 TCC Rental Fee 362.40.00.00$ 8,000.00 Investment Interest 361.11.00.00$ 15,000.00 PSEA - 1 Public Safety 386.91.00.00$ 13,000.00 PSEA - 2 Public Safety 386.92.00.00$ 6,000.00 T/I from Cumulative Reserve 397.10.00.00$ 395,318.00 Total General Fund Adjustment$ 430,138.64 Total General Fund Adjustment$ 430,138.64 Street Fund (101)Street Fund (101) Beginning Fund Balance 308.80.00.00$ 798.00 Ending Fund Balance508.80.00.00$ 31,298.00 Motor Vehicle Fuel Tax 336.00.87.00$ 30,000.00 Investment Interest 361.11.00.00$ 500.00 Total Street Fund Adjustment$ 31,298.00Total Street Fund Adjustment$ 31,298.00 Arterial Streets Fund (102)Arterial Streets Fund (102) Beginning Fund Balance 308.80.00.00$ 16,742.00Ending Fund Balance508.80.00.00$ 8,542.00 Motor Vehicle Fuel Tax 336.00.87.00$ (9,000.00) Investment Interest 361.11.00.00$ 800.00 Total Arterial Streets Fund Adjustment$ 8,542.00Total Arterial Streets Fund Adjustment$ 8,542.00 Cumulative Reserve Fund (104) Cumulative Reserve Fund (104) Ending Fund Balance508.80.00.00$ (729,371.00) T/O to Fund 302 Municipal Building Fund597.76.63.04$ 334,053.00 T/O to General Fund597.76.63.05$ 395,318.00 Total Cumulative Reserve Fund Adjustment$ -Total Cumulative Reserve Fund Adjustment$ - Tourism Promotion Fund (107)Tourism Promotion Fund (107) Beginning Fund Balance 308.80.00.00$ 4,127.00Ending Fund Balance508.80.00.00$ 6,127.00 Investment Interest 361.11.00.00$ 2,000.00 Total Tourism Promotion Fund Adjustment$ 6,127.00Total Tourism Promotion Fund Adjustment$ 6,127.00 YPD School Resource (109)YPD School Resource (109) Beginning Fund Balance 308.80.00.00$ (33,491.00) Ending Fund Balance508.80.00.00$ (33,491.00) Total YPD School Resource Fund Adjustment$ (33,491.00) Total YPD School Resource Fund Adjustment$ (33,491.00) Transpotation Facilities Charge (120) Transpotation Facilities Charge (120) Beginning Fund Balance 308.80.00.00$ 30,600.00Ending Fund Balance508.80.00.00$ 30,600.00 Total Transportation Facilities Charge Adjustment$ 30,600.00Total Transportation Facilities Charge Adjustment$ 30,600.00 LTGO Debt Service Fund (200) LTGO Debt Service Fund (200) Beginning Fund Balance 308.80.00.00$ 3,128.00Ending Fund Balance508.80.00.00$ 3,128.00 MISCELLANEOUS OTHER 369.91.00.00$ 909.54 DEBT ISSUE COSTS592.72.84.00$ 31,850.00 Refunding Long-Term Debt Issue 392.00.00.00$ 2,623,090.46PSB Bond Principal591.21.70.00$ 2,592,150.00 Total Debt Service Fund Adjustment$ 2,627,128.00Total Debt Service Fund Adjustment$ 2,627,128.00 Killion LID Debt Service Fund (202)Killion LID Debt Service Fund (202) Beginning Fund Balance$ 795,127.00 LID #2 Debt Redemption 591.95.71.00$ 1,428,096.77 LID #2 Assmt Penalty/Interest361.40.00.00$ 398,784.38 LID #2 Interest Costs 592.95.83.00$ 393,829.38 LID #2 Assessment Principal368.10.00.00$ 1,631,096.77 LID #2 INTEREST COSTS 592.95.83.00$ 300,000.00 Investment Interest 361.11.00.00$ 9,000.00 Ending Cash-Unreserved 508.80.00.00$ 712,082.00 Total Killion LID Debt Service Fund Fund Adjustment$ 2,834,008.15Total Killion LID Debt Service Fund Fund Adjustment$ 2,834,008.15 Municipal Building Fund (302)Municipal Building Fund (302) Beginning Fund Balance 308.80.00.00$ 43,163.00Ending Fund Balance-Unreserved508.80.00.00$ (523,354.00) Departmetn of Commerce Funding for Playground Equipment 334.04.20.01$ 239,590.00 Yelm City Park Playground Equipment594.76.63.05$ 239,590.00 T/I from Cumulative Reserve 397.10.00.00$ 334,053.00 City Hall Building Acquisition594.20.63.00$ 936,500.00 Bike Pump Park594.76.63.04$ 50,000.00 Longmire park Shed Expansion594.76.62.01$ (150,000.00) Reduce Investment Grade Energy Audit594.20.63.00$ (5,930.00) City Hall Building improvements594.20.63.00$ 70,000.00 Total Building Construction Fund Adjustment$ 616,806.00 Total Building Construction Fund Adjustment$ 616,806.00 Road/Street Construction Fund (316) Road/Street Construction Fund (316) Beginning Fund Balance 308.80.00.00$ (102,931.00)Ending Fund Balance508.80.00.00$ (107,931.00) Mosman ROW Acquisition STP 333.20.20.50$ 338,100.00 Mosman ROW Acquisition STP595.20.61.05$ 338,100.00 Investment Interest 361.11.00.00$ 5,000.00Operating Allocation Charge for IT Fund595.10.45.91$ 10,000.00 Total Road/Street Construction Fund Adjustment$ 240,169.00 Total Road/Street Construction Fund Adjustment$ 240,169.00 Stormwater Utility Fund (400)$ 338,100.00 Stormwater Utility Fund (400) Beginning Fund Balance 308.80.00.00$ 23,655.00Ending Fund Balance508.80.00.00$ 352,255.00 Investment Interest 361.11.00.00$ 500.00 Operating Allocation Charge for IT Fund538.30.45.91$ 10,000.00 Total Stormwater Utility Fund Adjustment$ 362,255.00 Total Stormwater Utility Fund Adjustment$ 362,255.00 Water Utility Fund (401)Water Utility Fund (401) Beginning Fund Balance 308.80.00.00$ 47,640.00Ending Fund Balance508.80.00.00$ (552,360.00) T/O Fund 404 - Wtr Sys Reinvst 597.34.63.01$ 575,000.00 Water Operator Position add (0.25 FTE in 2018)534.10.10.00$ 25,000.00 Total Water Utility Fund Adjustment$ 47,640.00Total Water Utility Fund Adjustment$ 47,640.00 Utility Consumer Deposits Fund (402)Utility Consumer Deposits Fund (402) 508.80.00.00 Beginning Fund Balance 308.80.00.00$ (4,892.00)Ending Fund Balance$ (4,892.00) Total Utility Consumer Deposits Fund Adjustment$ (4,892.00)Total Utility Consumer Deposits Fund Adjustment$ (4,892.00) Water Capital Improvements Fund (404)Water Capital Improvements Fund (404) 508.80.00.00 Beginning Fund Balance 308.80.00.00$ 367,085.00 Ending Fund Balance$ 342,085.00 T/I From Fund 401 Water System Invest 397.34.63.01$ 575,000.00 Operating Allocation Charge for IT Fund594.10.45.91$ 25,000.00 SE Reservoir- land acquisition594.34.63.14$ 400,000.00 SE Reservoir, engineering (30% design)594.34.63.15$ 175,000.00 Total water Capital Improvements Fund Adjustment$ 942,085.00 Total water Capital Improvements Fund Adjustment$ 942,085.00 Water Revenue Debt Redemption Fund (405) Water Revenue Debt Redemption Fund (405) 508.80.00.00 Beginning Fund Balance 308.80.00.00$ 1,769.00Ending Fund Balance$ 1,769.00 Water Revenue Debt Redemption Fund Adjustment$ 1,769.00Water Revenue Debt Redemption Fund Adjustment$ 1,769.00 Water Revenue Debt Reserve Fund (406)Water Revenue Debt Reserve Fund (406) 508.80.00.00 Beginning Fund Balance 308.80.00.00$ 2,500.00Ending Fund Balance$ 2,500.00 Total Water Water Revenue Debt Reserve Fund Adjustment$ 2,500.00Total Water Water Revenue Debt Reserve Fund Adjustment$ 2,500.00 Sewer Utility Fund (412)Sewer Utility Fund (412) Beginning Fund Balance 308.80.00.00$ 261,558.00 Ending Fund Balance508.80.00.00$ 236,558.00 Operating Allocation Charge for IT Fund535.10.45.91$ 25,000.00 Total Sewer Utility Fund Adjustment$ 261,558.00 Total Sewer Utility Fund Adjustment$ 261,558.00 Sewer/Reuse Capital Reserve Fund (413)Sewer/Reuse Capital Reserve Fund (413) Beginning Fund Balance 308.80.00.00$ 171,682.00 Ending Fund Balance508.80.00.00$ 171,682.00 Total Sewer/Reuse Capital Reserve Fund Adjustment$ 171,682.00 Total Sewer/Reuse Capital Reserve Fund Adjustment$ 171,682.00 Sewer Bond Refi & Reserve Fund (415)Sewer Bond Refi & Reserve Fund (415) Beginning Fund Balance 308.80.00.00$ 23,662.00Ending Fund Balance508.80.00.00$ 23,662.00 Total Sewer Bond Refi & Reserve Fund Adjustment$ 23,662.00Total Sewer Bond Refi & Reserve Fund Adjustment$ 23,662.00 Shortline Railroad (430) Shortline Railroad (430) Beginning Fund Balance 308.80.00.00$ 4,395.00Ending Fund Balance508.80.00.00$ 4,395.00 Total Shortline Railroad Fund Adjustment$ 4,395.00Total Shortline Railroad Fund Adjustment$ 4,395.00 Water Construction Fund (431) Water Construction Fund (431) Beginning Fund Balance 308.80.00.00$ 29,152.00Ending Fund Balance508.80.00.00$ 29,152.00 Total Water Construction Fund Adjustment$ 29,152.00Total Water Construction Fund Adjustment$ 29,152.00 Information Technology Fund (501)Information Technology Fund (501) Beginning Fund BalanceEnding Fund Balance Add Revenue for Department Operating Allocation Charges348.80.00.01$ 70,000.00Citiworks implementation518.85.41.00$ 70,000.00 Total Information Technology Fund Adjustment$ 70,000.00Total Information Technology Fund Adjustment$ 70,000.00 GRAND TOTAL - REVENUE ADJUSTMENTS$ 8,703,131.79GRAND TOTAL - EXPENDITURE ADJUSTMENTS$ 8,703,131.79