Solidaridad Independent Internal Auditor

1. Introduction

Solidaridad Network is an international solution-oriented civil society organisation working through seven regional expertise centres to transform markets to make them more sustainable and inclusive. Our eight regional expertise centres include Asia, Eastern and Central Africa, Europe, Latin America, North America, Southern Africa, West Africa and our global Secretariat in the Netherlands. Solidaridad Eastern and Central Africa, one of the regional centres, is headquartered in Nairobi, Kenya, with country offices and programmes in Ethiopia, Kenya, Tanzania and Uganda.

We bring together supply chain players and engage them with innovative solutions to improve production, ensuring the transition to a sustainable and inclusive economy that maximises the benefit for all. We facilitate strengthening of local capacity in developing countries, support the creation of enabling environments for economies to thrive, and improve market access. Solidaridad supports Ethiopia’s transition toward a more inclusive and resilient agricultural sector, addressing key challenges such as climate change, environment, food security and economic instability while focusing on coffee, dairy, fruits and vegetables, leather, cotton and textile value chains.

1. Objective of the Assignment

The objective of the internal audit is to provide independent assurance and advisory services that enhance the effectiveness of Solidaridad’s governance, risk management, and control processes. Specifically, the Internal Auditor will:

• Assess the adequacy, effectiveness, and efficiency of internal controls across all operations and projects.
• Recommend measures to strengthen accountability, ethics, and internal efficiency.
• Evaluate financial and operational processes to ensure transparency, economy, and value for money.
• Review compliance with donor agreements, internal policies, and statutory laws.

1. Scope of Work

The Internal Auditor shall examine and report on the following areas:

1. Internal control and governance:

• Review and appraise the adequacy and effectiveness of Solidaridad’s internal control systems and procedures.
• Evaluate governance processes, accountability mechanisms.
• Assess organisational risk management practices to determine their adequacy, implementation, and effectiveness.
• Develop, review and periodically update the internal audit charter to ensure alignment with International Internal Audit Standards.
• Promote ethical conduct, integrity, and compliance with organisational values.

1. Financial management and accounting:

• Conduct regular, risk-based audits of financial transactions and records to verify accuracy, completeness, and compliance with policies and donor requirements.
• Evaluate internal controls governing cash management, budget monitoring, staff advances, cash payments, and financial reporting processes.
• Assess segregation of duties and authorisation protocols to prevent financial mismanagement.
• Provide independent assurance on the reliability of accounting systems and the quality of financial reporting.

1. Procurement, asset management, and operations:

• Review procurement procedures and transactions for compliance with internal and donor procurement guidelines.
• Assess transparency, fairness, and value for money in supplier selection and contract management.
• Verify the existence, proper tagging, and safeguarding of fixed assets.
• Evaluate operational efficiency and resource utilisation to support effective service delivery.

1. Grants and donor compliance:

• Review the financial management of donor-funded projects for adherence to grant conditions.
• Confirm that expenditures are eligible, adequately supported, and accurately reported in line with donor requirements.
• Assess the timeliness and accuracy of financial liquidations, reporting, and partner fund management.
• Evaluate the implementation of audit recommendations from donor or external reviews.

1. Financial information, technology and systems:

• Assess the reliability, integrity, and timeliness of financial data captured and processed within the systems.
• Review the accuracy and completeness of financial entries and ensure data is regularly updated, validated, and reconciled across relevant modules.
• Evaluate the effectiveness of system-based controls to detect, prevent, and correct errors or irregularities.
• Review controls governing financial management and information systems, including access rights, segregation of roles, and authorisation protocols.
• Review cybersecurity measures, change management, and audit trail functionality to ensure transparency and accountability.
• Assure the overall reliability and integration of digital systems supporting financial, operational, and donor reporting.

1. Governance, compliance and risk oversight:

• Review adherence to internal policies, procedures, and Board directives across all departments and country offices.
• Evaluate compliance with national laws, donor regulations, and regulatory frameworks across operating countries.
• Verify statutory and regulatory compliance, including but not limited to PAYE, NSSF, NHIF, tax filings, and other relevant obligations.
• Review the risk management framework to ensure that strategic, operational, financial, and reputational risks are identified, monitored, and mitigated.
• Provide recommendations for strengthening compliance culture, accountability, and governance processes.

1. Approach and Methodology

The Internal Auditor shall adopt a systematic, disciplined, and risk-based approach to evaluating and improving the effectiveness of Solidaridad’s governance, risk management, and control processes:

• Prepare an annual internal audit plan aligned with Solidaridad’s strategic priorities, key risk areas, and operating context. The plan shall be reviewed by the Financial Controller and approved by the Managing Director.
• Conduct all work in accordance with the International Standards for the Professional Practice of Internal Auditing (IIA Standards) and the IIA Code of Ethics. Maintain independence, objectivity, and confidentiality throughout the engagement.
• Utilise a mix of document review, analytical testing, transaction verification, interviews, and field assessments to validate findings. Apply sampling, data analytics, and trend analysis to detect potential irregularities, inefficiencies, or emerging risks. Ensure periodic review of data entries, system accuracy, and reporting integrity.
• Engage constructively with management. Discuss preliminary findings and recommendations with management to confirm factual accuracy and secure ownership of corrective actions.
• Prepare clear, objective reports that include observations, root cause analysis, and practical recommendations.
• Promote continuous improvement and learning. Provide advisory insights to enhance internal controls, efficiency, and governance maturity.

1. Deliverables
2. Duration
3. Qualifications and Experience

The Internal Auditor shall provide the following outputs according to the agreed annual work plan and reporting cycle:

Reports and Timelines

1. Annual internal audit: Outlines key risk areas, objectives, scope, and timelines for all audit engagements for the year. Serves as the guiding framework for audit implementation
2. Submitted by the end of 31 January: Quarterly internal audit reports (including a presentation) Consolidated reports summarising audit activities, findings, risk assessments, and management responses. Each report categorises recommendations by priority (high, medium, low). Includes a presentation to management. Submitted within 15 working days after the end of each quarter
3. Monthly internal audit briefs/reports: Brief Monthly reports highlighting key findings, exceptions, control weaknesses, and immediate corrective actions were agreed with management. Intended to ensure continuous oversight and timely risk mitigation. Submitted every first week of the subsequent month.
4. Annual consolidated internal audit report: Comprehensive summary of all audit activities, major findings, risk ratings, management responses, and overall assessment of internal control effectiveness. Serves as the end-of-year assurance report to the Managing Director. Submitted by 15 December each year
5. Follow-up reports: Review and verification of implementation status of prior audit recommendations, indicating actions completed, in progress, or pending. Submitted semi-annually - by 30 June and 15 December

The engagement shall run for one (1) year, renewable based on performance. The Auditor will dedicate ten (10) days per month, with flexibility for deeper audits as agreed. The internal audit engagement will commence in January 2026, following contract finalisation.

The Internal Auditor - whether an individual consultant or registered audit firm - must meet the following minimum requirements:

• A duly registered audit or consultancy firm, or an individual holding a valid practising certificate from the Institute of Certified Public Accountants of Kenya (ICPAK) or equivalent recognised body.
• A minimum of ten (10) years of progressive experience in internal auditing, financial management, or risk assurance for international NGOs, development agencies, or donor-funded organisations.
• Proven track record of designing or implementing internal audit frameworks, control systems, and compliance reviews in complex program environments.
• Strong knowledge of International Financial Reporting Standards (IFRS), International Standards for the Professional Practice of Internal Auditing (IIA), and International Public Sector Accounting Standards (IPSAS).
• Familiarity with donor regulations and reporting requirements (including EU, USAID, DANIDA, FCDO/DFID, GIZ, and others).
• Proficiency in the use of data analytics and audit software for testing, trend analysis, and reporting.
• Demonstrated understanding of ICT controls, system audits, and digital finance environments (ERP, QuickBooks, Microsoft Dynamics, etc.)
• Demonstrated experience conducting risk-based audits, governance reviews, and performance audits across multi-country operations.
• Proven reputation for integrity, confidentiality, and professional objectivity in handling sensitive organisational and financial information.
• At least three (3) recent references from similar assignments conducted within the last five years, preferably in the NGO or donor-funded sector.

How to apply

Application process

The interested firms and/or individuals are required to submit an application containing technical and financial proposals separately (same email but different files) by 30 November 2025. All applicants must meet the minimum requirements described above; those who do not will not be considered.

The application must submit two (2) separate documents:

1. Technical proposal (maximum 15 pages, Arial 11, excluding annexes) including:

• A clear understanding of the assignment and proposed approach.
• Work plan and timeline.
• Relevant experience of the consultant, with roles and responsibilities.
• Updated CV(s) of key personnel (maximum 3 pages each).
• Three (3) professional references with full contact details (name, organisation, position, email, and phone).

Provide, as annexures, copies of the valid firm registration certificate, tax compliance certificate, and relevant professional certifications.

1. Financial proposal (maximum 2 pages) detailing:

• Professional fees and any other costs, broken down by activity or deliverable.
• All relevant taxes (e.g., VAT) must be clearly indicated in the proposal, in compliance with national tax regulations.
• All costs should be quoted in Kenya Shillings, and the financial proposal should remain valid for at least 60 days from the date of submission.

Subject reference: “Solidaridad Independent Internal Auditor”

Submissions are by email to: procurement.eca@solidaridadnetwork.org

Note: Canvassing will lead to automatic disqualification. If you do not receive any feedback from us one month after the submission deadline, consider your application unsuccessful.