Hiring a consulting firm to support the Information Systems (IS) Audit Division at Audit Service Sierra Leone(ASSL) to audit Information Systems in selected MDAs(NRA and AGD)

Tel: (+232-76-672-186)

Email: [email protected]

Project Fiduciary Management Unit –PFMU

13 Howe Street

Freetown

Sierra Leone

GOVERNMENT OF SIERRA LEONE

REQUEST FOR EXPRESSIONS OF INTEREST

(CONSULTING SERVICES – FIRM SELECTION)

Sierra Leone

Accountable Governance for Basic Service Delivery Project (AGBSDP)

Grant No.: D8380-SL

Issue date: 23rd April 2025

Assignment Title: Hiring a consulting firm to support the Information Systems (IS) Audit Division at Audit Service Sierra Leone (ASSL) to audit Information Systems in selected MDAs (NRA and AGD)

Reference No.: SL-MOF-484836-CS-CQS

The Government of Sierra Leone has received financing from the World Bank toward the cost of the Accountable Governance for Basic Service Delivery Project (AGBSDP) and intends to apply part of the proceeds for consulting services.

Objective of Activity

The primary objective of this engagement is to enhance the IT audit capabilities of ASSL by conducting the audit jointly with the selected firm. The firm will work as part of the ASSL audit team, providing technical guidance, methodology, and hands-on training throughout the audit process. This approach aligns with the mandate and powers of the Office of the Auditor General and ensures sustainable capacity building within ASSL.

The principal objectives of the assignment are to:

• Offer technical assistance and expert advice and improve capacity-building support of information audits on IS audit;

• Provide coaching and mentoring for staff to undertake IS audit engagements;

• Review the current IS audit practices and documentation at ASSL to ascertain whether it fits the key requirement of the global IS audit standards;

Scope of Assignment and Services

The activities to be carried out by the firm include:

• Audit performance and reporting

• Execute IT audit procedures jointly with ASSL audit staff, ensuring knowledge transfer through hands-on-involvement.

• Location

• The firm will be stationed in the ASSL office, and the assignment will be primarily conducted in Freetown.

• Any other related duties as may be assigned by the Auditor-General.

OUTPUTS/DELIVERABLES

Phase 1: Inception and Planning

• Conduct an initial skills assessment survey to gauge current capacity levels in IS auditing.

• Develop a general IS risk register

Phase 2: Capacity Building and Training

• Roll out customized training for staff based on identified priority areas such as risk assessment, data analytics, and audit tools.

• A jointly conducted IT audit, with ASSL team members actively involved in the planning phase.

• Execute IT audit procedures jointly with ASSL audit staff, ensuring knowledge transfer through hands-on involvement.

• Provide training and mentorship to ASSL staff, integrating best practices in IT audit methodologies.

• Assist in risk assessment, audit planning, data analysis, and reporting while ensuring ASSL team members actively participate.

• Support the development of IT audit frameworks, tools, and documentation tailored to ASSL’s operational needs.

• Develop staff capabilities to apply an advanced understanding of complex information systems

• Audit evidence-collection techniques

• Audit sample methodology

• Update the course materials developed based on feedback received from the training course.

• Develop staff capabilities on the audit of databases (for example, MSSQL & Oracle)

Phase 3: Execution and Reporting

• Jointly conduct two IS audits of ITAS and IFMIS with ASSL auditors, applying lessons from prior phases.

• A jointly conducted IT audit, with ASSL team members actively involved in the execution and reporting phases.

• Ensure feedback loops to refine the training approach and audit processes.

• Develop a structured training kit that ASSL can use post-assignment for internal capacity-building sessions.

• An end-of-Firm report summarizing progress and achievements and providing locally implementable recommendations for the continuation of the development of the Information Systems Audit Division.

Duration of the Assignment

The assignment is expected to be undertaken within 130 days from contract signature

The Project now invites eligible Consulting firms to indicate their interest in providing the Services. Interested Consulting firms should provide information demonstrating that they have the required qualifications and relevant experience to perform the Services.

Qualification and Experience of the Firm and Key Experts

Firm qualification

The firm is expected to possess and submit the following key qualifications:

• The firm’s core business must be in Information Systems, Auditing, and relevant field

• Profile indicating its leadership and management capacity with detailed information on why the firm is suitable and qualified for this assignment.

Firm Experience

The firm is expected to possess and submit the following key competencies:

• Experience in conducting Information Systems Audits, including in public sector institutions, financial institutions, or other highly regulated industries

• Proven track record of undertaking IT audits of Government Integrated Financial Management Information Systems (IFMIS) at an international or regional level.

• Experience in conducting IT audits of Integrated Tax Administration Systems (ITAS) or similar platforms at an international or regional level.

• Must have at least 10 years of experience in providing IS audit engagement assignments.

• Experience in providing technical assistance and projects to a country with a similar level of development, preferably in public sector institutions.

• Provide references for two completed IS audit and capacity-building projects in the last five years

Personnel:

The suggested minimum of four (4) personnel starting with experience in the respective/relevant field:

• Team Lead: A qualified IS Auditor with relevant professional certifications, such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), etc. A holder of a professional audit/accountancy qualification (ACCA, CPA, CIMA, etc.) will be an added advantage. At least 7 years of experience in IS auditing, including expertise in capacity building and training.

• Team member 1: master’s degree in Finance/Accounting/OR Computer Science, with a minimum of 5 years’ experience in IS auditing.

• Team member 2: a minimum of 4 years of experience in auditing databases such as MSSQL, MySQL, and, Oracle etc. Knowledge of the public sector IT environment will be an added advantage.

• Team member 3: A degree in Human Resource, business administration or other related field of studies with a minimum of 5 years of experience in developing training materials and delivering IS Audit training.

This REoI will lead to the preparation of Short list of Consulting firms

The attention of interested CSO’s is drawn to Section III, paragraphs, 3.14, 3.16, and 3.17 of the World Bank’s “Procurement Regulations for IPF Borrowers” July 2016 Revised November 2017, August 2018, November 2020, September 2023 and February 2025 (“Procurement Regulations”), setting forth the World Bank’s policy on conflict of interest. The Consultant will be selected in accordance with Consultant Qualification Selection (CQS) method set out in the Consultant Guidelines.

Further information can be obtained at the address below or via email request to [email protected] during office hours 0900 to 1700 hours

Expressions of interest can be delivered in a written form to the address below (in person)

Project Management Unit

3rd & 4th Floor (Sierra Leone Commercial Bank Building)

35 Liverpool Street

Freetown

Attn: Head of Procurement

OR

Electronically by e-mail to: [email protected]

When submitting, please indicate clearly in the sealed envelope or email subject heading 'EOI IS AUDIT-ASSL.’

SUBMISSION DEADLINE is 8th May 2025.