June 22, 2023

GRF-How INGOs Can Maximize Their Internal Audit FunctionInternational Non-governmental Organizations (INGOs) are particularly vulnerable to fraudulent activity due to their multinational offices and dependence on remote access technologies. These geographically dispersed organizations need to get the full benefit of their internal audit function, where most fraud can be detected or prevented.

This was a prevailing issue at a recent Humentum CEO Roundtable discussion, where the GRF’s Risk & Advisory services team shared fraud prevention best-practices with C-Suite Executives from INGOs worldwide.

To instill a sense of importance regarding internal audit among staff and gain buy-in from process owners, GRF shared the following strategies:

Communicate the importance of Internal Audits

Effective communication is crucial. Leaders within the organization should show a commitment to the process and clearly convey the significance of audits and assessments to the process owners involved. Help staff to recognize the value of these assessments by stressing that there will be opportunities to address risks and identify strategic process enhancements.

Involve Impacted Staff

Engaging local or impacted staff in the planning process fosters a sense of ownership and empowers them to contribute to risk identification and mitigation. Include them in discussing their top risks, areas where they require assistance, and what they hope to gain from the assessment.

Pay Attention to Terminology

Adapting the terminology used to refer to the audits can enhance staff buy-in and comfort with the procedures. Depending on the purpose and scope of the activity, internal audits can be referred to as Risk Reviews, Operational Assessments, or Capacity Building Exercises. It is important to note that formal internal audits, which are compliance-focused, may require the use of specific terminology and should not be altered.

Be Collaborative in Reporting

Incorporating a collaborative approach to reporting allows process owners and related stakeholders to review draft findings, observations, and recommendations before the final report is released. This facilitates their ability to provide feedback, assess the feasibility of recommendations, and address potentially inaccurate findings. Furthermore, highlighting positive attributes and strengths within the audited office, process, or control can encourage cross-training opportunities and facilitate the implementation of successful procedures across the organization.

GRF Can Help

If you need help getting the most out of your internal audit function, our certified professionals provide risk-based internal audit solutions across all aspects of operations for domestic and international organizations. We can help prioritize and assess key processes to identify vulnerabilities, enhancements, opportunities for automation, and best practice recommendations.

For any additional questions, feel free to contact the GRF team that led the discussion:


Senior Manager, Risk & Advisory Services

Kristen Ocampo, CPA, CIA, CFE

Kristen Ocampo, CPA, CIA, CFE

Risk & Advisory Services Supervisor