June 11, 2026 · Ohio Retirement Study Council · 1,090 words · 7 speakers · 40 segments
Surrey Audit Subcommittee, meeting now is in order. Director, would you call the roll?
Mr. Chairman.
Yes.
Representative Brennan.
Here.
Senator Romanchuk.
Here.
Director Stenzred.
Here.
Mr. Wilson for the AG.
You have a quorum, sir. Great. Thank you. Since we have no minutes to approve, since there was no minutes from the last meeting, we can move on to discussion and vote of the proposed RFP. So before you this morning is ORSC Standard Fudiciary Audit RFP with a few recommended changes. So I thought we'd go over those first, and then we'd open up for questions. First, most of you know ORSC staff have had some trouble in the past verifying references, so the proposed changes on page 13 are to indicate that we place great value on references, in this process, and so similarly, the proposed changes to the scoring on 14 and 15 should also help yield a better result. Secondly, on page 15, you'll find new language suggested by the AG's office clarifying the ORC's rights obtained and used information from outside sources. Just an editorial comment when I talked to the director, you know, routinely when we do school reviews and RFPs and even interviews and looking for staff, we always expand it beyond what is given to us. So this allows the ORC staff to look at anything that they view to be necessary to evaluating the RFP. So those are the changes
that are in Do we have any questions particularly Mr Chairman Yes Representative Brennan Thanks I guess it would be directed to the director So given the increasing cybersecurity threats that we're seeing in public institutions around really the nation, will the audit include penetration testing and independent cybersecurity assessments?
I don't know that I saw anything specific to that in the audit. I do not recall seeing anything specific on that in the audit materials. However, that is something that we do independently on a regular basis. So we just did a penetration test cyber tabletop exercise. Then that's something that's independent. But it's probably also something that will be assessed by the fiduciary auditor in terms of whether or not we are being diligent in that activity.
activity. Thank you. Follow-up? Before I do a follow-up, I just want to say,
does anything you want to add to that, Jeff? Just really briefly, yeah, to agree with Director Sonsrud. So the audit, the fiduciary audit, will look at the process. So there is a specific IT operations component of the RFP. And so that would, they will look at a number of factors and see what types of things that they are asking for and what is a lagging practice or a leading practice. So that would be part of the process.
Follow up? Yep, thanks. On a different tack. And again, you probably do this regularly as well, but I don't I don't know that I've heard much about it. Will member satisfaction surveys and stakeholder interviews be incorporated into the review process?
To the chairman, representative, I expect that the auditor will probably look at things like that and again we do that sort of thing on a regular basis so that information will be available to the auditor And another one if I may
Yes, please. Thanks. You know, when we would do audits on city council, performance audits primarily, the hope was that it would identify cost savings that would ultimately not only cover the cost of the audit, but lead to even more cost savings. We did one of these, I think, 10 years ago. I think it's every 10 years by statute. Do you believe that the last audit led to more efficiencies and ultimately made the system whole based on the cost of the audit? And I know we don't have a crystal ball, but do you anticipate that happening this time?
Through the Chairman, Mr. Representative, I think the answer to the question is yes. Last time around, the auditors did identify some things that they recommended that we take a look at, that we make some adjustments to. I'll give you one example was that suggestion that we reduce our footprint, physical footprint in the building that we own and do business in. And that is something that we have done. We have reduced the SERS footprint and expanded the leasable space. so in doing so have increased the revenue and the income that is generated from our building. So I would expect there probably would be something similar in the way of recommendations that have potential beneficial physical impact.
Okay, that's good to know. And one final question, if I may? Yes, please. Thank you. You know, in reading the Ohio Revised Code requirement for the audit, it doesn't indicate that it has to be done by a private firm. So I'm wondering if there are any public outfits or maybe even the state auditor would they be eligible to put in an RFP for or a proposal to complete the audit for us
Yeah, Senator Brennan, Representative Brennan, I believe the director can answer.
Okay, thanks. Mr. Chairman, Representative Brennan, no. So the state auditor actually conducts the annual audits. They hire firms to do that. they are not equipped to do a fiduciary performance audit of, they might be able to do highway patrol, but not of the other four systems.
Gotcha.
A fiduciary performance audit is going to look at how a system functions.
Yeah.
So how does your IT function? If your building collapses, sorry, but how are the retirees going to get their checks? Do you have a lot of staff turnover? Are you following legal capabilities? So you're pulling in IT professionals. You're pulling in. It's a different sort of audit. It isn't financial in any sort of way.
That's helpful. Yep. Thanks. Thanks.
All right. Thank you. Senator Romacek, do you have any questions?
No questions.
No questions then. All right. So I move we favorably recommend then the RFP to the full council. Do we have a second?
Second.
Okay, Representative Brennan seconds. Any further comments? All right, Director, call the roll.
Mr. Chairman.
It's you.
Yes.
Representative Brennan.
Yes.
Senator Romanchuk.
Yes.
Motion carries. All right, you can tell a rookie was running this meeting today. All right, hearing no further business to come before the subcommittee, the next meeting will be at the call of the chair, which apparently is me. That's true. All right. We are adjourned.