Expression of Interest: IT Assurance and Advisory Services (deadline: May 30)

What we are seeking:

The CGIAR System Internal Audit Function (IAF) is seeking the services of individual consultants to provide technical assistance for its planned 2022 assurance and advisory engagements:

1. Key IT controls review
2. Quarterly assessment of management actions to mitigate IT security risks
3. Up-front advice on project management of the Performance and Results Management System (PRMS) and the Global Information Business System (GIBS) design and implementation

CGIAR System Internal Audit will lead the engagement planning, gathering the required engagement information, including preparing and issuing the engagement’s terms of reference to the stakeholders. They will also be present at all meetings (e.g., start-up, status-update, and exit meetings) and are responsible for report (draft and final) circulation. Together with the CGIAR’s Independent Evaluation function under CGIAR Advisory Services (CAS), CGIAR Internal Audit collaborates to provide combined assurance on the design and implementation of the PRMS and PRMS products. We detailed the individual consultants’ roles and responsibilities on page 3.

The nature, timing, and extent of the review of PRMS and GIBS implementation projects will be to identify and assess risk and provide advice or recommendations for management focus.

Overview

1. The increasing adoption of IT solutions to automate business processes and controls causes an increased focus on the effective operation of controls around IT assets and services. The CGIAR Digital Services group periodically conducts IT control self-assessments, with the last assessment conducted in 2019. CGIAR Internal Audit review seeks to confirm the existence, adequacy, and effectiveness of the key IT controls at each CGIAR entity.
2. The CGIAR Digital Services group maintains an action tracker used for logging security-related recommendations and monitoring the extent of their resolution at respective CGIAR Centers. CGIAR Internal Audit seeks to provide continuous assurance on the timely installation of cross-cutting security measures recommended and detailed in the One CGIAR Security Improvement Plan that was commissioned in February 2022.
3. In 2020, CGIAR embarked on an ambitious reformulation of its partnerships, knowledge, assets, and global presence to support the UN’s Sustainable Development Goals: One CGIAR. The aim is to have greater integration by all CGIAR Centers to face the interdependent challenges facing today’s world through unified governance, institutional convergence, more and better funding, aligned mission, and transformative research programs. In 2019, the CGIAR System Council approved the Performance Results & Monitoring Framework 2022-2030 (PRMF). In 2022, CGIAR’s Strategic Impact, Monitoring, and Evaluation Committee (SIMEC) endorsed a Task Team to propose a set of standard reporting parameters that measure achievement against the Performance Results Management Framework (PRMF) and planned results of its various Research Initiatives. The PRMS, a mechanism to deliver on PRMF, aims to integrate management information from various systems to enable planning, monitoring and evaluation, and reporting on CGIAR’s various Research Initiatives’ progress. In collaboration with Accenture, CGIAR System Organisation conducted a fit-for-purpose assessment of its current PRMS. The assessment’s key conclusions indicated the need for integrated business applications, standard data model/definitions, and standardized data definitions to improve interoperability. Internal Audit seeks to engage with management as the new PRMS is being designed and implemented, to provide up-front advice and input.

The institutional convergence within One CGIAR includes some aspects of harmonization of CGIAR’s policies and internal business services in Human Resources, Information Technology, Finance, Procurement, Communications and Resource Mobilization. One CGIAR leadership envisions a standard Enterprise Resource Planning (ERP) System for core functions of Finance, Procurement, and Human Resources (i.e., GIBS). Internal Audit’s involvement in this endeavor is to provide up-front input and advice.

See full Expression of Interest

Deliverables and timeline:

Qualified consultants will be placed on the roster for one year with a potential for two additional renewal years.  Work assigned to roster-based consultants will not exceed 180 days a year and will be contracted through the CGIAR System Organization based in Montpellier, France.  There is no guarantee of work for consultants placed on the roster.

1^st Engagement  – See Annex 1 for Terms of Reference

Role Description

See full Expression of Interest

How to submit an expression of interest

Please submit the following as separate documents:

• A brief statement of no more than two (2) pages of text identifying the category/ workstream of interest and highlighting three (2) examples of similar type of service(s) offered before.
• A CV including two (2) references (no more than two pages)
• Daily rate in USD. These rates will be applied for the full 12 months that the consultant is on the roster (rates can be renegotiated if the roster membership is extended).

Please submit documents to smo-bidding@cgiar.org with the subject line “EOI_IT Assurance and Advisory Services.”

Expressions of Interest (EOIs) will be reviewed and included in the roster on a rolling basis through the stated deadline. Only electronically submitted proposals will be considered. Only short-listed candidates will be contacted. Please note: these consultancies are not designed for work of a continuing nature, or to lead to a staff position and as such, there should be no expectation of continued employment at the end of the contract.

All EOIs must be received no later than May 30, 2022. Only electronically submitted proposals will be considered. Late proposals will not be considered.