Purpose
Our primary purpose is to identify strategic recommendations that add value and improve CGIAR System-wide operations, achievable only by reason that the Internal Audit Function arrangements take a cross- System view. Due to our System focused mandate, we do not deliver Center-specific internal audit assurance or advisory engagements however we work closely with the CGIAR Internal Audit Community for coordination purposes as well as the Risk Management function.
How does Internal Audit Function work?
Internal Audit Function works in line with the professional practices as defined by The Institute of Internal Auditors. Independence is essential to the effectiveness of internal auditing in order to ensure that unbiased opinion and impartial advice are given to CGIAR management and governing bodies. To support this, IAF reports to the System Board through its Audit and Risk Committee (ARC).
IAF works according to an annual internal audit plan, which is endorsed by ARC and approved by the System Board with input from the Assurance Oversight Committee of the System Council. This risk-based plan identifies assurance and advisory engagements for the year, which are considered to be priority areas for independent assessment. The annual plan is a dynamic tool revised frequently to reflect changing risk environment in close collaboration with the Internal Audit Community within CGIAR.
Planning for an engagement
- Relevant stakeholders are notified of an engagement in advance.
- Then preliminary work starts i.e. analyzing all the relevant information and discussing the subject with the responsible staff in order to determine specific areas of focus.
- Terms of Reference outlining the objectives, scope and methodology for the engagement are then developed and shared with relevant stakeholders (see the diagram below).
How
- Interviews are a common method used for almost all types of engagements as well as surveys, tests, process walk troughs and document reviews to understand systems and processes under review.
Reporting
- The observations and recommendations for improvements are reflected in a draft engagement report.
- The draft report is then shared with relevant stakeholders for the verification of the stated facts and for comments on the conclusions and recommendations.
- An action plan for the implementation of recommendations is included with each report, and a periodical follow up is made on the progress towards the implementation of the agreed actions.
- The report is then shared with a wider set of stakeholders within CGIAR as indicated in the diagram below.
