muniBLOG: Administration

Being aware – situationally aware

Our world has always been in a state of perpetual change. Now more than ever, it is perceived to be doing that at an ever-rapid pace.

Positive changes such as economic growth, and technology advancements to note a couple. Unfortunately, with the positive, comes the negative. A continuous cycle of persons who wish to do harm.

Safety and Security experts inform us that violent events will continue to happen. The violent extremist motivated and driven by an ideology, to the targeting of individuals, place of business, worship, acts of violence that permeate into every vertical, sector of business and government.

Active safety and security programs are continuous reviewed, modified to face existing and the new challenges of tomorrow.

To make your safety and security programs more effective, the program needs ambassadors, staff.

Ambassadors need to be aware. Situationally aware.

Situational awareness training provides your staff with valuable intelligence & time when facing safety and security situations of potential harm or danger.

Being situation aware is truly a change in mindset.

It is a way of thinking that will focus a person’s behaviour, their outlook, and their mental attitude. People that are aware are no longer vulnerable but capable.

Capable individuals are always prepared. Capable individuals are not complacent, they use technology to enhance their preparedness and response and their planning always includes a contingency plan.

Situationally aware staff improve the effectiveness of your safety and security program.

Situationally aware individuals enhance the workplace and enhance their personal safety and security.

We can Help.

Plan the Work. Work the Plan.

Should your Municipality need assistance in Situation Awareness training, contact Michael White Group International today, and we will be happy to answer your questions.

Michael White Group International is Arcuri Group LLC approved Situation Awareness Specialist Certification Training provider.

 

Share

Congratulations to the Municipality of Meaford!!

Congratulations to our AccessE11 customer, the Municipality of Meaford for receiving the 2021 CAMA Willis Award for Innovation!

The Municipality of Meaford has received national recognition for its “Report a Concern” AccessE11 Website Portal from the Canadian Association of Municipal Administrators (CAMA).  The Municipality was presented with the 2021 CAMA Willis Award for Innovation, in the Under 20,000 population category, during a Virtual Awards of Excellence Ceremony held May 11th.

Meaford identified the need to adopt technology that would integrate and provide a streamlined process in managing citizen requests.  As a result, the municipality partnered with AccessE11 for the implementation of a cost-effective, robust, cloud-based software solution focused on the supporting the municipality’s requirements related to customer management. This is a “lean six sigma” software solution, which is deep-rooted and focused on addressing the needs of the customer first.

 “CAMA is pleased to recognize the Municipality of Meaford for the innovation and best practice being demonstrated by their website portal,” said Jake Rudolph, outgoing president of CAMA and Chief Administrative Officer for the City of Nanaimo, BC.  “Using technology that allows residents to report their concerns online is a great way to enhance limited resources, put the customer first, and gather data for planning purposes.”

Watch the video here

Congratulations Meaford!!

Share

Unlock the Power in Your Citizen Service Request Data

There is no question that the Covid-19 pandemic is creating hardships for local governments as recreation, illegal parking and transportation revenues decline and more money gets directed into public health initiatives. Budget cuts, where not already underway, are looming and municipal governments will need to find operational efficiencies and direct scarce resources to where they are most needed and have the greatest impact. In this post, we look at how 311 or citizen service request data can be an extremely valuable component in the toolkit of a local government trying to maintain services with fewer resources at its disposal.

It comes as no surprise that, as part of the open data movement, larger cities have been at the forefront of investing in data hubs that consolidate data from 311 service requests and multiple other sources. New York City, for example, has been relying on sophisticated data analytics for several years to measure performance and better inform the allocation of the city’s financial resources, equipment and personnel. Like many large North American cities, New York maintains a portal where the public has access to critical performance measures from multiple agencies. The benefits of this treasure trove of data for city managers are obvious, however, the very significant investments in time and cost required to get there are out of reach for smaller municipalities.

But concerns about cost or complexity should not prevent these smaller municipalities from pursuing a data-driven approach to finding efficiencies in their operations. The trick is to have a clear idea of the keys to success and the right set of tools to get there. For example:

Data Focus

When considering a goal of optimizing resource allocation in the face of budget constraints, the value across various types of data is not necessarily equivalent and therefore prioritization is needed. 311 service request data is particularly powerful because properly implemented, there should be a documented record of every touchpoint with the concerned citizen and assigned staff from the time an issue is raised to when it is resolved and closed. From a management perspective, this is extremely valuable.

The Right CRM

Regardless of municipality size, aggregation of the required data is unlikely to be successful without leveraging a CRM to manage service requests. CRM implementations should not, by default, be cost-prohibitive and there are cloud-based solutions available today that are easy to adapt and built specifically with the needs of smaller municipalities in mind.

Seamless Data Collection

The aggregation of comprehensive service request data that can be used reliably to inform operational decisions needs to happen by default. Local government service delivery will likely continue without staff increases for the foreseeable future, meaning that technology used needs to make the work of municipal staff easier in general and at the same time avoid any extra effort to collect and store the desired performance-related data. And since the primary data sources are the citizens themselves, an omnichannel approach that makes it simple to report service issues is critical. Citizens that are engaged in the way that best suits them will be far more likely to participate in making their communities better.

Flexible Analytics and Reporting

Once the data is available in one place, making sense of it is the next challenge. For smaller municipalities, the tools needed to visualize and report on service request data will, ideally, be baked into the solution used to manage day-to-day requests. Regardless of the technology that is applied, however, there are several imperatives that should be in place to fully benefit from this type of data analysis initiative. In all likelihood, various stakeholders including the city council, CAOs, and departmental managers will have different objectives when looking at the data, and these objectives will evolve over time. This speaks to the need for simplicity and flexibility for configuring and saving reports and dashboards on an individual basis. Access to configurable GIS views of the data can be highly useful as well in identifying trouble spots, prioritizing work plans, and scheduling the activities of field staff.

The bottom line is that there are opportunities for governments of any size to invest in a data-informed and results-oriented approach to finding savings in their operations. And although the pandemic will hopefully be in the rear-view mirror soon, it is not too late for municipal governments to start unlocking the power of service request data. This is a natural evolution for those with a suitable CRM already in place, but even where not the case adoption of suitable technology does not need to be onerous. Doing so will help with the immediate need to recover quickly from pandemic-induced shortfalls, and will continue to pay dividends for many years to come.

 

Share

How to Find the Budget for a Municipal Project

Have you ever received an RFP that doesn’t have any budget listed?  It makes it hard to truly understand the scope of the work requested, doesn’t it?

Municipalities have their hearts in the right place, but often they throw more “wants” into an RFP than they have the budget for. When the bids come in way over their budget, they have to start the whole RFP process all over again – wasting everyone’s time.  

Worst yet, those who bid the first time may not bother to submit a bid the second time around and the municipality may receive fewer bids and ultimately higher pricing.

In defense of municipalities, however, I’ve been on both sides of the argument on whether or not to include the budget for a project in an RFP.

As a CAO, I didn’t want to put the budget number in the RFP either, because I was afraid bidders would simply submit bids right up to the budget number. This is still a common misconception.

But now, experience has taught me, when bidders know the budget number, the reality is they more often submit bids lower than the budget, to try to win the work.

From the Bidders’ perspective though, it’s incredibly frustrating not knowing the budget number because you can’t accurately price the work without understanding the municipality’s expectations.

So, to connect the dots, here’s a tip for Bidders to find the budget for a municipal project.

 

In most cases you can, through good sleuthing, find the budget a municipality has set aside for a specific project.

  • Provincial Announcements

Often when Provinces announce funding for municipalities, they will have a press release and a link to find out which municipality received what amount for specific project(s). That’s the easiest way to find the budget for a project.  

  • Agendas & Minutes

If the municipality received funding for the project, Council will most likely have recently passed a resolution to approve the project.  By searching the municipality’s Agendas/ Minutes section of their website, you can usually find the resolution about a month or so before the RFP was issued.

Personally, I start by looking at the Agendas and searching keywords, related to whatever the RFP has been issued for.  (i.e. Service Delivery Review, Parks & Rec Roof Repairs, etc.).  The Agenda will help you narrow down the minutes that contain the resolution Council passed – and the resolution will normally have the dollar amount approved for the project.  

  • Budget

If the municipality did not receive funding for the project, you may not find a resolution approving it. So, another way you can sometimes find the budget for a project is by finding the municipality’s annual budget on their website.  

This is a bit harder to do if you’re not familiar with how a municipal budget looks, but look at the proposed expenditures for the current year, in the appropriate department and you may see the project noted separately in the annual budget. 

For example, you would most likely find the budget for “Service Delivery Review” in the General Administration part of the budget, or “Roof Repairs” in the Parks & Recreation part of the budget, etc.  

You can also check out the Special Budget Meetings of Council (again in the Agendas/Minutes section of the municipality’s website), and you may see mention of the project and how much Council wants to budget for it. 

It takes time, and it’s not always easy, but in most cases, it is possible to find the budget the municipality has set aside for a project. 

Happy Sleuthing Sherlock! 

Got questions?

Contact Susan Shannon, Founder & Principal, muniSERV.ca

855.477.5095 or [email protected]

 

Share

Negotiating Like a Lawyer

I don’t like going to the doctor’s office. Part of the reason is because my doctor also happens to be a good friend of mine and I already see him enough on the golf course, squash courts and playing pick-up hockey

 

But I mostly avoid doctors visits because I hate being poked and prodded. So to make my doctor’s visits as quick and painless as possible, when I do have to go see him I give him as much context as I can about the reason for my visit. This gets him to focus on my problem and limits the amount poking and prodding 

 

I also don’t like getting poked and prodded in a lawyer’s office

 

Most of us that work for organizations that have a legal department which reviews the contracts we’re negotiating and the amount of changes to a contract, especially if the edits are to our standard agreement, usually determines the extent of the legal review

 

So just like the doctor’s visit, I make sure to provide our lawyers with as much context as I can so they can focus on the issues and not have to go through the entire agreement with a fine toothed comb

 

Now there are some lawyers that, no matter how much context you give them, they’re going to read the whole contract and that’s ok, it’s their prerogative. However, most lawyers I’ve worked with actually appreciate the extra effort I’ve put in to make their lives a little easier

 

But there’s another thing you can do before you even send the contract to legal for review and unfortunately, I don’t see enough negotiators doing this so spoiler alert… it’s actually ok for you to negotiate the legal terms in a contract on behalf of your organization, as long as you remember 3 things:

 

  1. Make sure you actually understand the legal terms before arbitrarily rejecting the other sides edits
  2. Make it clear that all changes will still require final legal review and sign-off…and the trick here is to only negotiate in the areas where you have a really good sense of your lawyers threshold of acceptability
  3. If you’re working off your paper, try to eliminate as many changes as you can from the other side

 

I was helping a client not too long ago who wanted to start discussions with a new supplier so they sent them an NDA to sign and the supplier came back with some edits. But before my client sent it off to his legal department for review, I asked if I could take a look at the changes first

 

The supplier had made five changes to the NDA. Four of the changes were to de-risk any liability they’d have if they breached confidentiality and one was a legitimate concern about their IP

 

So we went back to the supplier and said we understood the IP concerns but the other four changes would make it impossible for us to do business with them. Within 10 minutes the sales executive responded that he’d had a “quick chat” with his lawyers and we could disregard those 4 changes but they would like to see some compromise on the IP

 

When my client sent the changes to legal, he provided all of this context and legal approved the change in a few hours, which is nothing short of a miracle in most organizations

 

So the big takeaway here is that if you fancy yourself as a negotiator, then be a negotiator. Don’t just throw your contracts over to legal to sort out…and if you don’t know something, learn.

 

I recently developed and launched a training course with my colleague, Mark Morrissey, which covers this and other topics that are essential for Strategic Sourcing Professionals.

 

Most of you have a training budget this year and you could do a lot worse than seeing what we have to offer, so check out the training section on our website and let me know if you would like more information about our corporate group pricing

 

Mohammed Faridy

Chief Executive Officer

OneView 1450 Meyerside Drive Suite 603 Mississauga, ON L5T 2N5

E-mail: [email protected] I Cell: 416-917-2410

 

 

 

Share

What type of testing is right for your website – Understanding the difference in website testing

In the last few weeks there has been a rise in reported malware and malicious attacks on small municipalities. Testing of three small municipality websites in recent weeks by our team has resulted in failures on all sites basic security parameters. We often hear small organizations saying they don’t need to worry about attacks, they aren’t “big enough” but anyone can be a target.

Regular testing your website for known vulnerabilities and emerging threats should become a part of your Cyber Security Road Map. The first step is identifying the type of web testing that is right for your infrastructure. Here are a few key questions to consider;

1) Where is your website hosted – do you host it yourself? Is it hosted by a third-party?
2) Who is responsible for the security of the host system, the operating system?
3) Do you have a web application firewall such as CloudFlare in front of your website?
4) Is your website a static page with content?
5) Do you have a login and if so what type of data is behind the login? Customer, pricing, private personal?
6) Do you have any API interactions with other applications?

When you start down the road of testing your website you want to consider the host operating system and the application. There are two key types of testing available, fully automated scanning and manual testing. Fully automated scanning is used for both host operating systems and web applications. The host operating system scan will scan for all currently known vulnerabilities affecting that operation system. It will report back on the CVE, the risk and usually suggested remediation tips. The same is true for the web application scanning. The fully automated web application scanner will scan your website at a minimum for the OWASP top 10 vulnerabilities and report back on risks and remediation. https://owasp.org/www-project-top-ten/.

Manual testing means that you have an actual person who is using various methods to determine the security of a host or the application and If the rules of the engagement permit, they will attempt to exploit a vulnerability and gain access, modify content or download information. There are varying degrees of manual testing, the simplest is one tester and one day and the more extensive 2 testers and 5 days of testing.

The type of test that is required for your website really depends on two main factors –

 

1. Have the host and application ever been tested before?

2. What is the criticality of the data being processed or stored on this site?

 

For example, if you have a very static page of content that is hosted by a third party, chances are a good OWASP 10 scan of you site will be sufficient to let you know if you have any glaring misconfigurations that could lead to a website defacement or potential attack on your site. If your website has a login and you allow users to sign up for accounts and host dynamic content, you would want to make sure you consider a manual test at least for the first test. Once a thorough baseline has been established for the site, testing can become more routine and automated.

We recommend you develop a plan for testing and make sure to include the above considerations. There might be special notifications you have to give in writing to a third party before you test an application, you might have to have a testing IP whitelisted in a web application firewall, you may need special accounts set up in the application for testing.

If you are unsure what type of test is right for your website, reach out to us and we will be glad to discuss options with you.

http://www.mi613.ca

Share

The Importance of Third Party Vendor Assessments

Lessons learned from Cyber Incident Response

We are finding many companies that have experienced a Cyber Incident are not performing even the most basic Third Party Vendor Risk Assessment.

It is absolutely imperative that if you engage with a vendor you understand the associated risks.

5 simple questions can lead you to be a better understanding of your Vendor risks and a quicker recovery from an Incident:

 

  1. Is there an identifiable Leadership team?
    • Who is accountable?
    • Would you be able to escalate or contact them?
    • Where are they located?
  2. Do they have an Incident Response plan and Reporting Structure?
    • Do they have a response plan?
    • Are there dedicated phone numbers or emails for reporting incidents?
    • Are ticket numbers assigned and tracked?
  3. Who is responsible for security within their Organization?
    • Is there someone who is responsible for security?
    • Is there a defined role or is it an off the side of the desk of another role?
    • Does the company reside in a country that has Breach Reporting responsibilities?
  4. Do you have a Service Level Agreement for responding to incidents?
    • Do you have a defined Incident/Severity matrix with set response times?
    • How do you escalate an Incident?
    • What is your communication cadence?
  5. Can they demonstrate their current level of Cyber Security Compliance?
    • Can they demonstrate the framework they adhere to? (NIST/CIS)
    • Do they disclose if and when they do vulnerability/penetration testing?
    • Do they have any risk reports (SOC 1, SOC 2, PCI or DSS) they can share?
    • Do they have patch management?

It is important to develop a Third Party Cyber Security Screening Assessment before engaging in a new contract. We can walk you through the process and helping you to understand your Cyber Risks.

 

Let’s talk Cyber!

http://www.mi613.ca

Share

You will never change my mind in a negotiation

I’ve been negotiating contracts for so long now that it’s impossible for me to remember every moment in every negotiation

 

But there’s one thing I remember vividly from every single negotiation, because it’s probably the one thing that’s remained constant through all these years

 

I’ve never had my mind changed in a negotiation

 

I’ve agreed to things and made compromises, all for the sake of getting a deal done, but no one’s ever convinced me that they were right and I was wrong…about anything

 

And likewise, I’ve never changed anyone’s mind in a negotiation, because that’s not the purpose of a negotiation

 

Our goal as negotiators is to compromise, give and take, until we arrive at a deal that’s mutually beneficial…that makes good business sense for both sides

 

However, too often I see negotiators become preachers who start lecturing the other side on the “truth of the matter”

 

Well the truth of the matter is that if I come into a negotiation believing a supplier’s software was worth no more than $10K, there’s absolutely nothing they can say that’ll convince me it’s worth a penny more than that

 

Now I may agree to pay more than $10K, but not because I’ve seen the error of my wicked ways and repented for doubting the honesty of a software vendor

 

I’ll pay more because there’s other factors impacting my decision

 

Maybe I know that they’ll never sell me the software for $10K so I’ll try to get other things thrown into the deal…longer warranty period, better indemnities, a cap on annual increases

 

The point is, I’m not focused on convincing them that I’m right and they’re wrong in a negotiation

 

The “truth of the matter” is that I couldn’t care less what they believe, as long as I get everything I need to make this a good deal for my organization

 

And I realize that’s a lot easier said than done. We’re human beings and we’re constantly looking for validation of our beliefs

 

Just turn on the news and see what’s going on in the world…right vs. left, liberal vs. conservative, republican vs. democrat

 

People yelling and screaming, lying and acting violently…just to show that they’re right and the other side’s wrong

 

Thankfully no one’s ever been violent with me in a negotiation, but I’ve been yelled at and I’m constantly being lied to

 

But none of that’s going to change my mind

 

I may walk away from a deal if I find out I’m being lied to, but more often I’ll use that as leverage in the negotiations

 

And the minute someone raises their voice it’s like they flipped on a flashing neon sign that says “I have no more valid arguments so I’m just going to start screaming like a petulant 5 year old”

 

So how do we achieve that zen-like state where we can just tune out the noise and focus on getting a good deal?

 

Well, the first thing you need to do is define what a “good deal” means for your organization…what’s your BATNA?

 

Is it driven by price… does have to be less than a certain dollar amount or you’ll walk away from the deal?

 

Is it driven by timelines… does it have to be done by a certain date or you’ll walk away?

 

Is it driven by features and functionality… it has to do these things or there’s no deal

 

Next, you need to set your threshold of acceptability, like how much you’re willing to compromise on certain terms and conditions

 

Or how much screaming and lying are you willing to put up with

 

All of these things create the foundation for a strong negotiating strategy and, when you have that, the rest is just noise

 

Now all of the things I’ve just talked about, and much more, are covered in the Sourcing Essentials Course my colleague, Mark Morrissey, and I launched a few months ago (https://oneviewnow.com/training)

 

And I truly believe that anyone who gets involved in Procurement, Vendor Management or Negotiations for their organization would benefit from this course

 

But it doesn’t matter what I believe, it only matters what you and your organization need right now

 

So I’m not going to try convincing you to believe me…instead, I’ll show you

 

In January of 2020 I launched a course called the “7 Skills of the Elite Negotiator” and I made it free

 

Almost 250 procurement professionals, legal professionals and senior executives took the course

 

I’ve reopened that course for 90 days, you can sign up here -> https://mop.mykajabi.com/7-skills-signup

 

So if you’re on the fence about the Sourcing Essentials Course, sign up for the free one and decide for yourself whether or not this type of training is for you

 

And when you’re ready to take the Sourcing Essentials Course, feel free to reach out to me directly at [email protected] to learn about our corporate group rate

 

Mohammed Faridy

CEO, OneView

 

 

 

 

 

 

 

Share

Are you a Winner or a Learner?

It seems to me that most of us are happy to just be agreeable when it comes to our perspective about how the world works. As individuals we find some sense of mental peace knowing that we think like the rest of a group.  

But I’ve always looked at things differently.  Sometimes I’m right and sometimes I’m wrong.  And when I am wrong, I’m never afraid to admit it.  I forgive myself and accept it as a learning experience.

As Lionel Ritchie recently told a contestant on American Idol, “When you win, you win.  When you lose, you learn.” 

It’s one thing to allow yourself this flexibility, but as a Manager or Leader do you extend this same flexibility to your team’s innovative ideas?   And, perhaps more importantly, if an idea fails, do you offer the same “forgiveness” for your team as you would for yourself?

Continue reading

Share

Key Considerations for Local Government Software Adoption

When it comes to adopting new software, local governments have historically been somewhat cautious. And you can understand why. Government authorities face a number of unique challenges and must operate under certain constraints that do not always apply to others.

For instance, local government systems that are public-facing must be highly reliable because they have to be online 24/7/365. They must also be private and secure, particularly where personally identifiable information for residents comes into play.

Furthermore, they must have the ability to serve a large number of users. Unlike commercial businesses, a local authority’s target audience is the entire population of a region. Meaning systems have to be capable of supporting multiple languages and accessibility needs and be able to withstand unexpected surges in demand.

Civic Pulse recently conducted a survey asking local officials what they look for in government software. In order of importance, their top criteria included affordability, low “total cost of ownership”, and local government fit. Ease of use was important too, as were strong service and support.

The results indicate a clear pattern. Local governments are not averse and, in fact, are looking to implement better software. But successful solutions must easily adapt to existing processes, constraints, and practices. Otherwise, most local officials will be reticent to implement them.

Local Government Fit

Local governments want software that provides them with extra “capabilities” but that doesn’t necessitate massive changes to existing processes. However, unless they are built from the ground up with municipalities in mind, off-the-shelf solutions rarely mesh well with existing municipal operations and often fail during implementation. And even if they can be customized to do what is necessary, the amount of work, risk and cost usually increases to the point of being untenable – particularly for smaller municipalities.

The problem is this: local governments can’t make do with one-size-fits-all software anymore. As the Civic Pulse research shows, local authorities differ from each other significantly across multiple dimensions.

Total Cost of Ownership (TCO)

More than ever, municipalities are dealing with severe budget constraints. COVID-19 continues to affect our communities in terms of public-health, socially and economically, and local governments are bearing the brunt of this. Reduced revenues coupled with the need to maintain existing services and direct more money to public health have come at a significant cost.

Not surprisingly municipalities are looking for ways to control their expenses, including how they are choosing to implement new software solutions.

What is TCO?

Simple: it’s the sum of all direct and indirect costs associated with buying, implementing and managing the software over its duration of use.

There is a wide range of factors that impact TCO. For instance, easy-to-use software lowers TCO because staff time to learn and use the software is reduced. Software with exceptional vendor service and support also has a lower TCO because resolution of software issues or response to user queries happens quickly.

Software vendors that will appeal to local government brands feature comprehensive knowledge bases for self-help, online training, and dedicated remote support capabilities. Increasingly, vendors are moving to show government departments their return on software investments in real-time. Measuring the TCO against labour-saved by the solution gives local governments the data they need to justify continued spending.

Affordability

Affordability is perhaps the biggest constraint for government departments looking to purchase software. Local governments need to keep their infrastructure costs low to continue providing high-quality, front-line services to the public.

Consistent with what is happening in the private sector, local governments are embracing cloud-based solutions that minimize large capital purchases and the need for additional in-house IT resources. This has the added benefit of allowing the infrastructure to scale with demand, ensuring that any unnecessary spend on infrastructure is avoided. Flexible pricing models that allow local governments to choose the capabilities they need a la carte are also attractive.

AccessE11 – Built for Local Government

A large number of local governments have selected AccessE11’s citizen request software precisely for the reasons described above. With AccessE11, local governments get a solution that is:

• Created with municipal operations in mind

• Extremely simple to adopt and use

• Adaptable to each municipality’s unique needs without costly software development

• Cloud-based and accessible from anywhere on any device

• Affordable for municipalities of any size

Share