P.O. Box 1209

Seattle, Washington 98111

www.portseattle.org; 206.787.3000

APPROVED MINUTES

AUDIT COMMITTEE SPECIAL MEETING

September 8, 2022

The Port of Seattle Commission Audit Committee met in a special meeting Thursday, December 8, 2022.

The meeting was held in the Commission Chambers located at Port of Seattle Headquarters, 2711

Alaskan Way, Seattle, WA, and virtually via Microsoft Teams. Committee members present included

Commissioners Cho and Mohamed and Public Member Sarah Holmstrom (non-voting).

1. Call to Order:

The committee special meeting was called to order at 2:33 p.m. by Commissioner Cho. The agenda was

approved without objection.

*Internal Audit Department presentation is found here and contains information for Agenda Items 4 through

10.

2. Approval of Audit Committee Meeting Minutes of June 17, 2022:

The minutes of the Audit Committee special meeting of June 17, 2022, were approved without

objection.

3. Office of the Washington State Auditor – 2021 Accountability Audit Opening

(Presentation and Report)

Presenters:

Joseph Simmons, Program Manager;

Angela Funamori, Assistant State Auditor

Joseph Simmons and Angela Funamori of the Office of the Washington State Auditor provided Entrance

Conference information to the Committee Members, noting process and scope of the accountability audit

(scope to be provided to the Port), and timeline of the audit – from January 1, 2021 to December 31, 2021.

Commissioner Mohamed inquired regarding when the scope of the audit would be provided. State Auditor

staff responded the scope would be provided by October and would be shared with management and the

Audit Team. Internal Audit Director Glenn Fernandes advised that the exit conference would occur in early

2023.

PORT COMMISSION AUDIT COMMITTEE MEETING MINUTES

THURSDAY, DECEMBER 8, 2022

Page 2 of 3

Member Holmstrom queried the time duration the Audit would be onsite at the Port and associated fees.

Discussion ensued.

Joseph Simmons advised that the Port’s Industrial Development Corporation would also be audited this

year.

UPDATES

4. Quality Assurance - External Peer Review Results

Presenters:

Glenn Fernandes, Director, Internal Audit

Mr. Fernandes presented the report regarding the Quality Assurance – External Peer Review conducted

by the Association of Local Government Auditors. The Peer Review’s finding was that during the period

November 1, 2018, through October 31, 2021, the Port of Seattle Internal Audit Department’s internal

quality control system was suitably designed and operating effectively to provide reasonable assurance of

conformance with the Standards for assurance engagements and compliance with Government Auditing

Standards, resulting in a rating of pass.

Discussion ensued regarding conducting periodic peer reviews, this being the fourth since the Internal

Audit Department formed in 2009-10.

5. APPROVAL of 2023 Proposed Budget

Presenters:

Glenn Fernandes, Director, Internal Audit

Mr. Fernandes overviewed the proposed Internal Audit Department budget for 2023.

The presentation addressed:

• key elements;

• organization structure;

• an overview of department operations and services;

• new budget requests and associated audits; and

• employee training and development.

Members of the Committee and Mr. Fernandes discussed if there were any resource concerns for the

department; WMBE firm partnerships for project audits; travel, salaries, and training budget; providing

resources to community organizations who may not understand the audit process; and contracting methods

used by the Port.

The motion, made by Commissioner Mohamed, carried by the following vote:

In favor: Cho and Mohamed (2)

Opposed: (0)

PORT COMMISSION AUDIT COMMITTEE MEETING MINUTES

THURSDAY, DECEMBER 8, 2022

Page 3 of 3

6. 2022 Audit Plan Update

Presenters:

Glenn Fernandes, Director, Internal Audit

Internal Audit Director Glenn Fernandes reported that the department was on track in completing the plan.

Audits completed in the Third Quarter, 2022, include: North Satellite Renovation and Expansion Project;

Security Incident Response Management (ICT and Aviation Maintenance); and Avis Budget Car Rental

LLC.

7. Open Issues Status

Presenters:

Glenn Fernandes, Director, Internal Audit

The Open Issues Status Aging Report as of August 24, 2022 was discussed.

8. North Satellite Renovation and Expansion Project (NSAT) (See Report)

Presenters:

Glenn Fernandes, Director, Internal Audit

Jenny Albrecht, Senior Internal Auditor

The presentation addressed:

• scope and history of the project;

• the Port’s portion of NSAT: $712 million;

• Alaska Airlines’ portion of NSAT: approximately $41 million;

• Hensel Phelps was selected as the General Contractor/Construction Manager (GC/CM) for the

construction portion with an initial construction contract of $458 million;

• during the project, there was a net total of $30 million in change orders, resulting in a total

construction contract cost of approximately $488 million;

• the Port contracted with the firm, R.L. Townsend and Associates, LLC, to perform an independent

audit;

• the finding that Overtime costs were not properly reviewed to assure payment accuracy and

compliance with both Port Standard Operating Procedures and Washington State Law - lack of

supporting documentation and billing errors resulted in questioned costs of $79,118;

• recommendations for management to:

o enhance the review process to assure compliance with Force Account overtime

requirements and payment accuracy and to also hold the GC/CM accountable for

adequate oversight and correct billings;

o implement a policy that requires contractors on Port projects to maintain a way to track on-

site personnel to prevent fraud, waste or abuse as it relates to time theft; and

o Construction Management should seek and recover any amount due to the Port from

overbillings and unsupported costs;

• The finding that the Port does not have a policy limiting contractors from working extended hours

PORT COMMISSION AUDIT COMMITTEE MEETING MINUTES

THURSDAY, DECEMBER 8, 2022

Page 4 of 3

and consecutive days, causing an increased risk of negative impacts on safety and performance;

and

• recommendations for management to review the Port’s safety policies to determine if there should

be a limit on the number of hours a contractor can work in a day and the number of consecutive

days a contractor can work at the Port,

Janice Zahn, Construction Engineering, provided management’s response to the Audit:

• Force Account Requirements - Port Engineering – Construction Management, Central

Procurement Office (CPO), Project Management, and Legal will meet to consider modifications to

the Force Account process in future contracts.

• Policy to track contractor personnel on site - Port Engineering – Construction Management, Central

Procurement Office (CPO), Project Management, and Legal will meet to consider adding a

requirement for Contractors to track all personnel on site in future contracts.

• Recover any Overbilling - In coordination with Hensel Phelps, Port Engineering – Construction

Management will ensure validation of actual costs incurred by the contractor. The items identified

by Internal Audit shall be addressed as part of the validation process and we will deduct any

amounts overpaid.

• Limits to hours/days worked - Port Engineering - Construction Management, Engineering -

Construction Safety, Engineering - Construction Labor, Risk Management, Legal, and Project

Management will meet to consider adding a limit to hours/days worked for contractor personnel to

future contracts.

Members of the Committee and staff discussed:

• opportunities identified to improve the tracking system;

• pre-approval processes and review of Force accounts;

• proper documentation attached to Change Orders;

• the magnitude of the project and how audit samples are collected by subset;

• building audit controls into the process at an earlier stage;

• strengthening management’s response from ‘considering modifications; and

• how controls will be put into place in the future to mitigate issues and watch hours in the future.

Members of the Committee thanked the Internal Audit Department staff for their work on the audit and

management for their response.

At this time, Commissioner Cho presented a Challenge Coin to Jenny Albrecht, Senior Internal Auditor, for

her work on the audit and for identifying a security matter.

9. Security Incident Response Management (ICT & Aviation Maintenance) (See Report)

Presenters:

Glenn Fernandes, Director, Internal Audit

Bruce Klouzal, Manager, Internal Audit – IT

Ritika Marwaha, Senior IT Auditor

The presentation addressed:

• the audit period of January 2021 through July 2022;

• the purpose of the audit - to evaluate the adequacy of internal controls related to the processes for

PORT COMMISSION AUDIT COMMITTEE MEETING MINUTES

THURSDAY, DECEMBER 8, 2022

Page 5 of 3

developing and maintaining an incident response capability to prepare, detect, and quickly respond

to an attack;

• the scope of this audit covered the Enterprise network; managed by the Port of Seattle’s (Port’s)

Information and Communication Technology (ICT) department, and the Access Control System

(ACS) network, Industrial Control System (ICS) network, and OpsLan network; managed by the

Port’s Aviation Maintenance (AV/M) department;

• Security Incident Response - part of the 18 critical Center for Internet Security (CIS) controls;

• CIS security controls are a prioritized set of best practices created to protect organizations and

data from cyberattack vectors;

• a comprehensive cybersecurity program includes protections, detections, response, and recovery

capabilities;

• the primary goal of incident response is to identify threats on the enterprise, respond to them

before they can spread, and remediate them before they can cause harm;

• the audit focused on the overall design and effectiveness of the security incident process to assure

the protection of critical information and systems; and

• based on the results of our audit, the IT Audit staff concluded that the security incident response

processes for the Enterprise network and the OpsLan, ACS, and ICS networks, were operating

effectively.

Members of the Committee thanked the Internal Audit Department for its review.

10. Avis Budget Car Rental LLC (See Report)

Presenters:

Glenn Fernandes, Director, Internal Audit

Dan Chase, Manager, Internal Audit

The presentation addressed:

• the Port’s agreement for a Consolidated Rental Car Facility Lease Agreement with Avis in July

2008;

• the agreement’s requirement of a Minimum Annual Guarantee equal to 85 percent of the total paid

to the Port for the previous Agreement Year;

• the requirement of the agreement of a daily Customer Facility Charge (CFC) of $6.00 on vehicle

rental transactions - effective January 1, 2021, the CFC increased to $6.50;

• approximately $38 million was paid to the Port during the audit period (June 2018 - May 2021);

• Internal Audit identified approximately $2,645 of CFCs not billed to the customer and subsequently

remitted to the Port;

• the Agreement requires the operator to bill a daily CFC on vehicle rental transactions, and to remit

the full amount to the Port, regardless of whether or not the full amount is actually collected;

• Internal Audit also identified $109,835.50 of CFCs that appeared to be overcharged to the

customers;

• The Audit recommendation to collect $2,645.60 plus any accrued interest and/or penalties and for

Aviation Commercial Management to request an explanation regarding what caused the overbilling

of $109,835.50 to determine whether systems and processes need to be adjusted.

Members of the Committee and staff discussed if there are any accountability measures in place with Avis.

Geoffrey Foster, Aviation Property Manager, provided management’s response, noting that Aviation

PORT COMMISSION AUDIT COMMITTEE MEETING MINUTES

THURSDAY, DECEMBER 8, 2022

Page 6 of 3

Commercial Management staff agrees with the findings and will pursue the collection of under-reported

CFCs. They will continue to work with Avis/Budget and Internal Audit on the potential overbilling to better

understand their methodology for calculating CFCs, including the “up to” provision, which may significantly

lower the final figures and will also work to have the tenant rectify any identified errors in their calculation

parameters.

Discussion continued regarding the amount of the overcharge to customers and the number of customers

impacted.

Members of the Committee thanked the Internal Audit Department for its review and management for their

response.

11. Committee Comments

Staff and Members of the Committee recognized the work of Moraa Omwega on the Avis audit, noting that

she is moving to the Central Procurement Office.

Mr. Fernandes and Members of the Committee thanked the management teams for working with the

Internal Audit Department regarding the audits.

16. Adjournment

There being no further business, the special meeting adjourned at 4:18 p.m.

Prepared: Attest:

__________________________________ __________________________________

Michelle M. Hart, MMC, Commission Clerk Sam Cho, Audit Committee Chair

Minutes approved: December 8, 2022.