How to Find the Budget for a Municipal Project

Have you ever received an RFP that doesn’t have any budget listed?  It makes it hard to truly understand the scope of the work requested, doesn’t it?

 

Municipalities have their hearts in the right place, but often they throw more “wants” into an RFP than they have the budget for. When the bids come in way over their budget, they have to start the whole RFP process all over again – wasting everyone’s time.  

 

Worst yet, those who bid the first time may not bother to submit a bid the second time around and the municipality may receive fewer bids and ultimately higher pricing.

 

In defence of municipalities, however, I’ve been on both sides of the argument on whether or not to include the budget for a project in an RFP.

 

As a CAO, I didn’t want to put the budget number in the RFP either, because I was afraid bidders would simply submit bids right up to the budget number. This is still a common misconception.

But now, experience has taught me, when bidders know the budget number, the reality is they more often submit bids lower than the budget, to try to win the work.

 

From the Bidders’ perspective though, it’s incredibly frustrating not knowing the budget number because you can’t accurately price the work without understanding the municipality’s expectations.

 

So, to connect the dots, here’s a tip for Bidders to find the budget for a municipal project.

 

 

In most cases you can, through good sleuthing, find the budget a municipality has set aside for a specific project.

 

 

  • Provincial Announcements

 

Often when Provinces announce funding for municipalities, they will have a press release and a link to find out which municipality received what amount for specific project(s). That’s the easiest way to find the budget for a project.  

 

 

  • Agendas & Minutes

 

If the municipality received funding for the project, Council will most likely have recently passed a resolution to approve the project.  By searching the municipality’s Agendas/ Minutes section of their website, you can usually find the resolution about a month or so before the RFP was issued.

Personally, I start by looking at the Agendas and searching keywords, related to whatever the RFP has been issued for.  (i.e. Service Delivery Review, Parks & Rec Roof Repairs, etc.).  The Agenda will help you narrow down the minutes that contain the resolution Council passed – and the resolution will normally have the dollar amount approved for the project.  

 

 

  • Budget

 

If the municipality did not receive funding for the project, you may not find a resolution approving it. So, another way you can sometimes find the budget for a project is by finding the municipality’s annual budget on their website.  

This is a bit harder to do if you’re not familiar with how a municipal budget looks, but look at the proposed expenditures for the current year, in the appropriate department and you may see the project noted separately in the annual budget. 

 

For example, you would most likely find the budget for “Service Delivery Review” in the General Administration part of the budget, or “Roof Repairs” in the Parks & Recreation part of the budget, etc.  

 

You can also check out the Special Budget Meetings of Council (again in the Agendas/Minutes section of the municipality’s website), and you may see mention of the project and how much Council wants to budget for it. 

 

It takes time, and it’s not always easy, but in most cases, it is possible to find the budget the municipality has set aside for a project. 

 

Happy Sleuthing Sherlock! 

 

Got questions?

Contact Susan Shannon, Founder & Principal, muniSERV.ca

855.477.5095 or [email protected]

 

Share

What type of testing is right for your website – Understanding the difference in website testing

In the last few weeks there has been a rise in reported malware and malicious attacks on small municipalities. Testing of three small municipality websites in recent weeks by our team has resulted in failures on all sites basic security parameters. We often hear small organizations saying they don’t need to worry about attacks, they aren’t “big enough” but anyone can be a target.

Regular testing your website for known vulnerabilities and emerging threats should become a part of your Cyber Security Road Map. The first step is identifying the type of web testing that is right for your infrastructure. Here are a few key questions to consider;

1) Where is your website hosted – do you host it yourself? Is it hosted by a third-party?
2) Who is responsible for the security of the host system, the operating system?
3) Do you have a web application firewall such as CloudFlare in front of your website?
4) Is your website a static page with content?
5) Do you have a login and if so what type of data is behind the login? Customer, pricing, private personal?
6) Do you have any API interactions with other applications?

When you start down the road of testing your website you want to consider the host operating system and the application. There are two key types of testing available, fully automated scanning and manual testing. Fully automated scanning is used for both host operating systems and web applications. The host operating system scan will scan for all currently known vulnerabilities affecting that operation system. It will report back on the CVE, the risk and usually suggested remediation tips. The same is true for the web application scanning. The fully automated web application scanner will scan your website at a minimum for the OWASP top 10 vulnerabilities and report back on risks and remediation. https://owasp.org/www-project-top-ten/.

Manual testing means that you have an actual person who is using various methods to determine the security of a host or the application and If the rules of the engagement permit, they will attempt to exploit a vulnerability and gain access, modify content or download information. There are varying degrees of manual testing, the simplest is one tester and one day and the more extensive 2 testers and 5 days of testing.

The type of test that is required for your website really depends on two main factors –

 

1. Have the host and application ever been tested before?

2. What is the criticality of the data being processed or stored on this site?

 

For example, if you have a very static page of content that is hosted by a third party, chances are a good OWASP 10 scan of you site will be sufficient to let you know if you have any glaring misconfigurations that could lead to a website defacement or potential attack on your site. If your website has a login and you allow users to sign up for accounts and host dynamic content, you would want to make sure you consider a manual test at least for the first test. Once a thorough baseline has been established for the site, testing can become more routine and automated.

We recommend you develop a plan for testing and make sure to include the above considerations. There might be special notifications you have to give in writing to a third party before you test an application, you might have to have a testing IP whitelisted in a web application firewall, you may need special accounts set up in the application for testing.

If you are unsure what type of test is right for your website, reach out to us and we will be glad to discuss options with you.

http://www.mi613.ca

Share

The Importance of Third Party Vendor Assessments

Lessons learned from Cyber Incident Response

We are finding many companies that have experienced a Cyber Incident are not performing even the most basic Third Party Vendor Risk Assessment.

It is absolutely imperative that if you engage with a vendor you understand the associated risks.

5 simple questions can lead you to be a better understanding of your Vendor risks and a quicker recovery from an Incident:

 

  1. Is there an identifiable Leadership team?
    • Who is accountable?
    • Would you be able to escalate or contact them?
    • Where are they located?
  2. Do they have an Incident Response plan and Reporting Structure?
    • Do they have a response plan?
    • Are there dedicated phone numbers or emails for reporting incidents?
    • Are ticket numbers assigned and tracked?
  3. Who is responsible for security within their Organization?
    • Is there someone who is responsible for security?
    • Is there a defined role or is it an off the side of the desk of another role?
    • Does the company reside in a country that has Breach Reporting responsibilities?
  4. Do you have a Service Level Agreement for responding to incidents?
    • Do you have a defined Incident/Severity matrix with set response times?
    • How do you escalate an Incident?
    • What is your communication cadence?
  5. Can they demonstrate their current level of Cyber Security Compliance?
    • Can they demonstrate the framework they adhere to? (NIST/CIS)
    • Do they disclose if and when they do vulnerability/penetration testing?
    • Do they have any risk reports (SOC 1, SOC 2, PCI or DSS) they can share?
    • Do they have patch management?

It is important to develop a Third Party Cyber Security Screening Assessment before engaging in a new contract. We can walk you through the process and helping you to understand your Cyber Risks.

 

Let’s talk Cyber!

http://www.mi613.ca

Share

How have the pandemic adaptations affected your Physical Security?

Well into the COVID19 pandemic, organizations, governments big and small have had to take measures and make changes to their environments to adapt to the needs of their staff, customers, their service delivery model, requirements of health science, government agency regulations and perhaps “new” industry best practices and of course the ever-changing virus.

These measures have evolved into many different things. We’re going to specifically focus on physical security devices.

Two of the pervasive items that have been introduced in many environments are plexiglass and signage.

Organizations have installed plexiglass barriers at intersection points of personnel as they have the potential to interact with other personnel, customers, vendors, etc.

Informative signage itemizing physical distancing rules, self assessment health protocols have been placed all around in both strategic and random locations within the environment to ensure every opportunity for personnel and visitors to be informed.

Funny thing about all of this plexiglass barriers and signage.

In some cases, not all, we have inadvertently defeated some or many of the installed security devices functionality and purpose. That is, their ability to monitor, detect and alert (alarm).

  • Motion detectors blocked, unable to provide proper coverage
  • Cameras experiencing sun flare reflection off plexiglass
  • Nuisance alarms due to swinging signage on the increase
  • And other unforeseen affects

There are incidents where this is enough of this added material, that areas, although devices are active and functioning as per specifications, are unable to detect properly – leaving areas with no security detection or proper monitoring.

We have the answers.

Let’s go for a (physically distanced) walk and have a conversation.

Your security risk plans are more than just a motion detector or even a strategic camera placement.

We can Help.

Plan the Work. Work the Plan.

Should your Municipality need assistance, contact Michael White Group today, and we will be happy to answer your questions or provide quotations.

Share

$31 million Canada Healthy Community Initiative – open for proposals

The Government of Canada announced that the Community Foundations of Canada with the Canadian Urban Institute are open to receive and review your proposal for access to $31 million under the Healthy Communities Initiative.

https://youtu.be/1smdTfZF-zE

 

I attended the Canada Healthy Community Initiative launch webinar February 9 and reviewed the applicant guide which is focused on the increased recognition of social and digital infrastructure that contributes to healthy community outcomes. The applicant guide makes it easy to understand if your organization can apply.

 

The projects eligible for funding need to serve the public or a community disproportionately impacted by Covid19 and fall within three healthy community initiative themes, one of them being community projects that use innovative data and technology solutions to connect people and support healthy communities. Community projects that use digital technologies and solutions to encourage citizen engagement, use open data, online platforms or physical digital devices for public benefit.

All budget items must be project related and expenses occur between April 1 2020 and June 30 2022. Details on how anticipated expenses are outlined in the budget are included in the applicant guide.

You need to demonstrate community engagement. Planned continued engagement with the community to receive feedback on the project may also demonstrate the role of the community in delivering the project. Your team can also elaborate on your equity approach and principles for the project and how it relates to community outreach and feedback.

All projects focusing on the theme of digital solutions and any project that handles public data should demonstrate best practices of digital design and responsible data management. The good news for you and your organization is that Athena Software meets the needs for inclusive design and data management.

 

Athena can provide details on data management considerations including:

Collection – who can collect the data

Access – who can access the data

Use – Who can use the data

Openness – What data is attributed to an individual

Compliance – PIPEDA

Minimum funding is $5000. Maximum funding is $250,000

 

All budget items must be project related and incurred April 1 2020 to June 30 2022. The government provided a budget template in excel. We created a proposal for the Canada Healthy Community Initiative and integrated it with the budget template to help give you a head start on filling out the form. Let me know if you are interested in the proposal and excel budget template and we will send you the forms to begin the process.

 

The first round of funding opened February 9 2021 and will close March 9 2021 5 PM PST. Review committees begin making decisions March 10. All applicants will receive results by April 30 2021.

The second round of funding opens May 14 2021 9:00 AM AST and closes June 25 2021 at 5 PM PST. Applicants that did not receive funding in round one can apply for funding in round two. Review committees begin making decisions June 26. All applicants will receive results by August 13 2021.

 

You will need to check which region your project is in before you apply with the link to the map in the application guide. You will also identify the amount you are applying for. Any project over $100,000 will be reviewed at the national level.

 

Your application will be evaluated with many others in each community. Your application must meet the basic eligibility criteria including project rationale, community engagement, outcomes, project implementation and readiness fulfilling all of the following criteria:

 

  • Submitted by an eligible organization, and provides documentation
  • Responds to needs arising from COVID-19
  • Creates or adapts public spaces, or programming or services for public spaces in the public interest
  • Demonstrates consideration of and connections within the community
  • Serves the general public or a community disproportionately impacted by COVID-19
  • Falls within the Healthy Communities Initiative theme(s)
  • Submitted with a complete budget
  • Is requesting between $5,000 and $250,000
  • Incurs expenses between April 1 2020 to June 30 2022

Please join me March 5 at 1 PM EST for a hands-on webinar as we share ideas from communities that use Penelope to assist those most affected by Covid 19 and review proposals for new and current agencies using Penelope. You can find the registration page on our Athena web site. Hope to see you there. If you have questions before then call or email. Until then stay safe. We will see you soon.

Share

Our 2021 Wage Outlook

A Challenging Year Ahead

While Canadian and global stock markets reach new records week, after week (at least at the time of this writing!), employment, inflation and interest rates tell a very different story.

Employment insurance claims at of the end October were up 200% versus the same timeframe last year.  Interest rates are negligible, and the Consumer Price Index, while rising modestly in November (+1.0%) was a mere +0.7% in October — a reference point used in many collective agreements and other compensation plans as a benchmark for 2021 wage increases.

Despite overwhelming government stimulus, it appears that some employers will face cost pressures and may have difficulty maintaining their budgets as the economy slowly recovers. Downward revisions to pay increases in the coming months is expected.

In the last quarter, more than 36 per cent of Canadian organizations froze salaries for 2020, compared to a pre-COVID forecast of just 2% per cent, and this trend is likely to hold true for the coming year.  In fact, almost half of employers are uncertain about what to do in 2021 and 13% plan to continue salary freezes in 2021, while 6% of employers will be looking to reduce wages.

Not since the 2008 financial crisis have we seen average base salary increases drop below 2%.

Union workforces are being hit particularly hard. Negotiated wages for 2020 came in at 1.7 per cent, compared to 1.9 per cent in 2019. Looking to 2021, negotiated wage increases are expected to fall further to 1.6 per cent or lower.

Alberta, historically a region with the strongest wage growth, will also continue its slide below trendlines at 1.7 per cent, the lowest among Canadian provinces and territories.

Not all employers are freezing salaries. Many sectors are experiencing strong demand, and recruitment in a number of job classifications remains competitive.  Among employers who are considering wage bumps, the average pay increase for non-unionized employees in Canada is projected to be 2.1 per cent next year, according to the Conference Board of Canada.

Other bright spots include those working in waste management and remediation services where projections are a rosy 3% cent increase while those in utilities will see a 2.4 per cent increase. Professionals in finance and insurance, scientific and technical services as well as wholesale trade can expect increases of 2.2 per cent.

By sector, salary projections for 2021 are highest among Crown corporations at 2.5 per cent.

The recovery will be uneven. Industries that lend themselves well to remote work, or that were shut down for only short periods, will recover quickly. Other sectors, such as recreation, accommodation and food services will recover much more slowly, with employment levels not returning to their pre-pandemic levels presumably until vaccine campaigns are more widely available in late 2021.

 

We Are Your HR Department

We look after your Policy Manual, Employment Agreements, government-mandated compliance training and more.  We have you covered – we are your HR Department.  SHRP provides full-service HR support including Job Evaluation and Pay Equity planning in addition to best-in-class Human Resources solutions on a project or ongoing basis with our exclusive HRLive platform.  Contact us today for a free demonstration and start the development of a results-oriented HR strategy for your municipality.

 

Matthew Savino, B.A. LL.B., C.H.R.E.

Managing Partner, SHRP Limited

925-550 Skyway Drive, Peterborough, ON K9J 0E7

[email protected] | www.hrlive.ca | 705-400-7145

————————–

Sources:

-Statistics Canada

-Morneau Shepell “Salary Projection 2021” Survey

-Conference Board of Canada “Compensation Planning Outlook 2021”

-Canadian Payroll Association

-Willis Towers Watson

Share

Physical Security Risk: know how to assess it

 

Many small to medium sized business (and even large enterprise businesses)  and government, have limited budgets, let alone spending a lot on risk and security.

Before you do go and spend a lot of capital on risk and security mitigation measures (aka security cameras, access control, bars and locks, lighting, training, fencing, etc.), you need to know what you’re buying for.

That is, you need to know what risks you are addressing.

Risk dial

Having a Risk Assessment completed on your municipality narrows the focus of your spending and aligns your purchasing with the specific types of risk and security mitigation measures you need.

To get a little technical…Risk assessment is the overall process of risk identification, risk analysis and risk evaluation. It involves the process of identifying internal and external threats and vulnerabilities, identifying the probability and impact of an event arising from such threats or vulnerabilities, defining critical functions necessary to continue the organization’s operations, defining the controls in place necessary to reduce exposure and evaluating the cost of such controls.

That is a mouthful. Let us break this down a bit.

If you have a threat, but there is no vulnerability, then there is no risk.

If you have a vulnerability but no threat, no risk.

Perhaps something many can relate to, you went online and purchased some products, and they are set to be delivered to your home. And no, we are not going to discuss online security…a topic for another day perhaps.

The packages are delivered to your home. But because of your daily routine, errands, off to the office, or shop, you are not always home. The shiny object is the packages just delivered. The vulnerability or sometimes referred to as a gap, is you are not home, and the packages now sit on your front step unattended. The threat, someone will take those packages right from your front step.

So, going back to the assessment. The key is once you know what your largest threats are (and yes you need to be able to determine that), it is important that you take action (implement risk and security mitigation measures) to lower your vulnerability.

Why not eliminate the vulnerability?

Great question, thanks for asking.

Eliminating the vulnerability may not always be possible.

Some business sectors and industries simply have built-in threats. But, if we focus on lowering the vulnerability, we lower the risk of a loss.

The assessment is complete, and we have identified risks. The next important step is finding the risk and security measures that are going to be the most effective in mitigating the identified risk. These measures come in all different shapes and sizes, video surveillance, locks and safes, lighting, security focused training, etc.

Where in doubt, reach out to us or find your trusted Independent Risk and Security consultant.

Yes, we highlighted Independent. That is definitely a topic for another day.

It all starts with a conversation.

We can Help.

Plan the Work. Work the Plan.

Should your Municipality need assistance, contact Michael White Group today, and we will be happy to answer your questions or provide quotations.

 

Share

Getting Ahead of COVID-19 with Data and Analytics – Are You Ready?

smiling woman working on her computer

Communities across Canada were excited to hear the news that shipments of vaccine arrived and front-line workers and seniors were first in line to receive the vaccinations that will eventually make its way across Canada to every citizen in a very large country. Logistical issues aside, the Canadian Armed Forces will ensure that delivery of this life saving miracle arrives safely in each community.

 

It will take months before everyone is vaccinated. Projections suggest it may take until September 2021 before the largest vaccination program in Canada’s history is complete. Each municipality has a responsibility to care for those most impacted during this time. Our immediate attention turns to the hospital and front-line workers as communities slide into the red zone with lockdowns and governments asking each hospital to have an additional 10-15% surge capacity on standby for the expected increase in Covid-19 cases arriving at emergency centers.

 

The impact of Covid-19 will extend beyond the visible health issues and arrive in your community with an increase in demand at the food bank. Hunger is the canary in the coal mine acting as a lead indicator of social health or social determinants of health (SDoH). Social health will play an active role in who shows up in the medical or justice system in the coming months. You only have to ask your local food bank if demand is increasing and they will describe not only demand but location and demographics of those in need. Families without a job, a place to call home, food, medical assistance, family support, domestic violence, increased substance use and a host of other issues all increase and play a significant role in how whole person care is applied.

 

When social services and medical services work independently, the cost per patient increases and the path to better outcomes extended. Minister of Diversity and Inclusion and Youth Honourable Bardish Chagger who is a science graduate and a believer in using outcomes to help improve programs, participated in our webinar last weekSee the link in this blog.  As discussed in the recent webinar, the federal government is looking for ways to help communities do more with less using an evidence based approach. Data science is one of the keys to delivering better outcomes for less.

 

Data and analytics will help communities across Canada better understand the problem and work together to discover the best approach using the resources at hand. 

 

Infrastructure Canada is offering communities $31 million over the next two years to develop innovative digital platforms that will help those most impacted by Covid-19. Over 200 communities attended last weeks webinar. That is 200 communities ready to create a proposal and submit for approval January 2021.

 

Each community has been somewhat sheltered from the next wave of Covid-19 economic, health and social collateral damage with generous but temporary federal assistance. The economy in many communities has shifted and in some cases permanently to a different business model. 

 

Not everyone will find it easy to pick up where they left off. As Canada begins to build back better, all 3200 communities should be thinking of how they use data to create proactive strategies and shield their constituents from the continuing Covid-19 collateral damage.

 

Let me know if you want to discuss your digital transformation as we build back better with funding using innovative digital solutions. Project submission starts January 2021.    

 

Contact Athena Software for more information!

Share

Municipalities Build Back Better With Whole Person Care

 

 

 

 

 

 

 

 

There is a lot of talk about a Build Back Better approach in our communities during the Covid 19 pandemic.  One strategy that helps address those in need is a Whole Person Care approach using a digital platform to collect and measure outcomes for wrap around programs which can be fully funded under the new Canada Healthy Communities Initiative.

With the arrival of Covid 19, the amount spent on healthcare is increasing in every community. While the amount invested in healthcare is increasing, municipalities are spending up to 25% of their healthcare costs to support non-value add aspects in their healthcare system. Value-based care models help optimize what is spent to get the best outcomes. How do communities do more with less as Covid 19 increases health and economic risk? In the short term we will need to work together with what we have and find ways to get better outcomes for less.

We know that Covid 19 is accelerating value-based healthcare approach in communities. Whole-person care is not far behind.

Whole person care describes a wrap around approach that addresses complete physical health, behavioral health and social wellbeing. Communities that work together as a team to provide care for individuals with poorly managed conditions including diabetes, heart disease, obesity and COPD are better equipped to improve health outcomes for less. Helping to manage care for this population most at risk relies on seamless information exchange, tele-health, care co-ordination and consumer engagement. All of these conditions are closely related to the social determinants of health.

Post acute care including home health, hospice and senior living facilities and human service including community mental health centers, addiction treatment centers and social service agencies in every community need to have the technology and skills to work as equal partners. Every community now has a chance to build back better with whole person care. 

Whole person care gets even better when amplified with data science and analytics that are driven with a prescriptive approach to patient care. To prepare our communities to deliver better outcomes during the pandemic, municipalities need to look at systems that offer interoperability – a framework that supports bidirectional exchange of data across systems and providers of care, a network to network bridge, policy agreements, discrete data and support for client consent and sharing that consent with others.

Consumer engagement with a patient portal makes it easier for hospitals and physicians to work with clients. Automated referrals, tele-health and patient information integration create a public care eco-system that serves the public in Covid 19 times. Building Back Better with the help of funding from the Canada Healthy Community Initiative makes it possible to accelerate the care you need in every community. Let us know if you need help with your digital transformation as you build back better in your community.

 

Learn more: Contact Athena Software

 

Share

Covid 19 – Federal Funding for Municipal Solutions

The Covid 19 pandemic is creating a massive strain on resources in communities across Canada. Human service solutions in education, justice, social and health were never designed to take on this much for so long. Canadian municipalities are making adjustments to accommodate the surge in demand and the ever changing needs of their community. 

 

Some of our communities are now in the red zone creating the need for further restrictions. Federal, provincial and municipal governments are responding with additional funding and co-operation to help reduce the damage and improve the outcomes in less time. 

 

On August 13 2020, The Honourable Catherine McKenna, Minister of Infrastructure and Communities announced the creation of the Canada Healthy Communities Initiative with up to $31 million ($19M 2020-21 & $12M 2021-22) in federal funding to support community-led solutions that respond to immediate and ongoing needs arising from COVID-19 over the next two years.The demands placed on families and individuals by COVID-19 have exposed a real need for low-cost, locally-driven ideas to help communities adapt and thrive. The Canada Healthy Communities Initiative will help breathe life into these small projects that can have a big impact as local governments, Indigenous communities and their non-profit partners rethink public spaces and how they deliver services to people.”

 

While Infrastructure Canada (INFC) is providing the funding, there is another organization yet to be announced that will organize, evaluate and distribute funding based on your proposal. This announcement will be made shortly. Your municipality will be able to submit a Covid 19 related infrastructure proposal that is between $5,000-$250,000. Three focus areas are: digital solutions, improved mobility solutions and safe and vibrant public spaces. 

 

A community project that develops infrastructure -related solutions to address changing community needs through the use of data and connected technologies starts with the ability to understand who is affected, what is being delivered and what needs to be done with priority. Measuring outcomes and sharing this information in a secure way becomes the source of truth for social service, health, justice and education partners that are focused on helping those most affected by Covid 19. Any municipality working to solve these complex and rapidly evolving stress points without a case management solution will have overlapping solutions that cost more than required and fail to see the gaps, reducing the outcomes. When you have time and budget, municipalities will continue to manage human services in a way that offers a path with least resistance. 

 

Covid 19 has exhausted both time and budget. Human services in your community need to work together efficiently. Working to save lives today and preparing for the future depends on it. Athena Software is a Canadian company that has experience working with every level of government in 15 countries around the world helping them find a way to do more with less and get better outcomes. Let me know if you would like to see how this can work for your community. 

Learn more: Athena Software

Share