Request for Proposal: Establishing an Internal Audit Function
This tool serves as a formal invitation from a company to prospective service providers, outlining the company's intention to establish a co-sourced or fully outsourced internal audit function. The RFP details the requirements and expectations for potential bidders, including the need to develop and execute a multiyear internal audit and compliance plan. It specifies the process for submitting proposals, from intent to bid, through proposal review and oral presentations, if necessary, culminating in the selection of the service provider. This document can be used as a general guide to understand the structure and strategy for an RFP with similar intentions.
The document also provides information on the company’s operations, financials and IT environment and outlines areas requiring focused effort such as Sarbanes-Oxley compliance and other high-risk areas. Service providers are expected to demonstrate their experience, resources, methodology, communication strategies, IT auditing capabilities, pricing estimates and value-added contributions specific to company needs. The RFP includes timelines for submission deadlines and highlights the importance of maintaining confidentiality with any provided financial statements. Sections in this tool include:
- Information Technology (IT) Audits
- Internal Audit Team
- Startup Assistance and Communication
- References and Pricing