Scope of Work (SOW) for Annual Audit

Audit Period: July 1, 2024 – June 30, 2025

1. Introduction

This Scope of Work outlines the Annual audit engagement to be conducted for the Non-Profit Organization “Institute of Informatics and Development”. The Annual audit will assess the adequacy, effectiveness, and efficiency of internal controls, risk management practices, and governance processes, with a particular focus on compliance, financial stewardship, and operational effectiveness.

2. Objectives

The objectives of the Annual audit are to:

  • Review the effectiveness of internal controls over financial reporting, procurement, grants, and general operations.
  • Assess compliance with applicable laws, regulations, donor requirements, and internal policies.
  • Review the reliability and integrity of financial and operational information.
  • Promote accountability, transparency, and the efficient use of resources.

3. Scope of Review

The Annual audit will cover the following areas, subject to the final agreed-upon audit plan:

3.1. Governance and Oversight

  • Review of board governance, roles, responsibilities, and oversight practices.
  • Assessment of risk management frameworks and strategic planning processes.

3.2. Financial Management and Accounting System

  • Review of accounting records, budgeting processes, financial planning, and variance analysis.
  • Examination of cash management, banking practices, and investment procedures.
  • Assessment of internal controls over accounting, reporting, and record-keeping.
  • Review of reconciliation processes (bank, petty cash, accounts receivable/payable).

3.3. Revenue and Fund Management

  • Assessment of donor fund management, grant compliance, and restricted/unrestricted fund usage.
  • Review of fundraising practices, documentation, and reconciliation of donations and grants.

3.4. Procurement and Asset Management

  • Evaluation of procurement policies, supplier selection, and contract management.
  • Review of expense approvals, invoice processing, and payment controls.
  • Physical verification and reconciliation of fixed assets and inventory records

3.5. Human Resources and Payroll

  • Examination of payroll procedures, timesheet verification, and benefits administration.
  • Review of HR policies, hiring practices, and personnel file documentation.

3.6. Operational and Administrative Controls

  • Review of administrative expenditures, travel, and event-related expenses.
  • Assessment of documentation, approvals, and expense controls.
  • Evaluation of the general internal control environment and segregation of duties.

3.7. Compliance and Regulatory Adherence

  • Assessment of compliance with local laws, tax regulations, and donor requirements.
  • Review of documentation for statutory filings and reporting obligations.

3.7. Information Technology and Data Security

  • High-level review of IT controls related to financial and donor data.
  • Assessment of data backup, access controls, and cybersecurity policies.

4. Methodology

The audit will follow professional Annual audit standards, including those set by the Institute of AnnualAuditors (IIA). The process will include:

  • Preliminary meetings with key personnel and management.
  • Review of policies, procedures, and internal documentation.
  • Sampling of financial and operational transactions for testing.
  • Interviews with staff, management, and board members as needed.
  • Presentation of preliminary findings for management feedback.
  • Issuance of a formal Annual Audit Report with findings and recommendations.

5. Deliverables

  • Audit Plan: A risk-based audit plan customized to the Organization’s structure and operations.
  • Interim Updates: Periodic progress reports during the audit phase.
  • Annual Audit Report: A comprehensive report detailing findings, risk ratings, and actionable recommendations.
  • Management Response Matrix: Documented responses and action plans from management for each recommendation.
  • Executive Summary Presentation: Summary report presented to the Board or Audit Committee.

6. Timeline

The audit is expected to be conducted over six weeks, commencing on September 1, 2025, and concluding with final reporting by October 15, 2025.

7. Roles and Responsibilities

  • Audit Firm/Annual Auditor: To conduct the audit independently and objectively following professional standards.
  • Management: To provide access to relevant documentation and staff, and to support the audit process.
  • Board/Audit Committee: To provide oversight and receive the final audit report.

8. Confidentiality

All information obtained during the audit should be treated as confidential and used solely for the Annual Audit. The auditor will sign a confidentiality agreement before commencement.

9. Proposal Submission:

Interested audit firms are invited to submit their technical and financial proposals for the Annual audit engagement outlined in this Scope of Work. Proposals must be submitted no later than 11:59 AM (Bangladesh Time) on 20th August 2025.

All proposals should be submitted via the bdjobs.com and emailed to hr@iid.dev. Submissions should include:

  • A brief company profile
  • Relevant experience with similar organizations
  • Proposed methodology and audit plan
  • Timeline and work plan
  • Financial proposal including fee structure

For any queries or clarifications regarding this engagement, please contact:
Md. Rabiul Islam
Sr. Assistant Director – HR & Admin
Institute of Informatics and Development (IID)
Phone: 01681137069

Late or incomplete submissions will not be considered. IID reserves the right to accept or reject any proposal without assigning any reason.