- Background information
The African Regional Intellectual Property Organization (ARIPO) is an Intergovernmental Organization created in 1976 under the Lusaka Agreement concluded under the auspices of the United National Economic Commission for Africa (ECA) and the World Intellectual Property Organization (WIPO). Membership in the Organization is open to all African Union members (AU) states. Presently, members of the Organization include Botswana, Cape Verde, The Kingdom of Eswatini, The Gambia, Ghana, Kenya, The Kingdom of Lesotho, Liberia, Malawi, Mauritius, Mozambique, Namibia, Rwanda, Sao Tome and Principe, Seychelles, Sierra Leone, Somalia, Sudan, Uganda, United Republic of Tanzania, Zambia, and Zimbabwe. (Total: 22 states).
In line with the requirements of its Risk Management Policy, ARIPO seeks to appoint a duly qualified service provider to provide risk management support in facilitating its annual risk assessment process.
- Objective of the assignment
This bid aims to appoint a suitably qualified and experienced service provider to provide risk management services to ARIPO. The primary objectives of the service required are as follows:
- To ensure that the Audit Committee, Administrative Council and Management are equipped with relevant information to be able to discharge their responsibilities efficiently and effectively.
- To ensure that strategic, operational, and fraud risks that can impede ARIPO from achieving its strategic objectives efficiently and economically are identified and assessed in line with ARIPO Risk Management policy and methodology.
- To ensure that uncertainties and untapped opportunities that affect the Organization’s strategy and strategy execution are explored.
- To develop the ARIPO risk appetite and tolerance levels/statement with Audit Committee and Administrative Council through the Internal Audit in line with the best business practice and norms.
- To assess the Organization’s risk maturity level and make recommendations for the improvement plan.
- To review and update ARIPO Risk Management policy in conjunction with Internal Audit.
- Scope of work and deliverables
The successful service provider will provide risk management services to ARIPO. The service provider will be expected to deliver, amongst others, the following key requirements:
| Scope of Work | Deliverables |
| 3.1. Conduct risk introductory awareness training for participants
| Participants pack for each attendee to be circulated before the actual date of the risk assessment workshop. |
| 3.2. Facilitate and report on Strategic (1) Risk Assessment | Produce a complete, accurate and valid Strategic Risk Assessment Report and Risk Profile. |
| 3.3. Facilitate and report on Operational Risk Assessment (the operational risk assessments for all the divisions/departments) | Produce complete, accurate and valid Operational Risk Assessment Report and Risk Profile. |
| 3.4. Facilitate and report on Fraud (1) Risk Assessment | Produce complete, accurate and valid Fraud Risk Assessment Report and Risk Profile. |
3.5. Facilitate the development and update of the ARIPO’s risk appetite and tolerance levels by:
| Produce a risk appetite and tolerance levels report. |
| 3.6. Conduct assessment status of the current Enterprise Risk Management (ERM) maturity levels of the organisation and recommend improvement plan; | Produce a Risk Management Maturity Assessment report with key findings, areas of improvement and recommendations. Formulate a three (3) year risk Maturity Improvement Plan based on the risk maturity assessment outcomes. |
| 3.7. Review and update the overall organisational risk management policy and strategy, including appropriate tools and techniques for identifying, assessing, and responding to risks. | Revised and updated risk management policy and strategy. |
4. Reporting Requirements
The service provider shall report to the Director General through the Head of Internal Audit. The Head of Internal Audit shall be the contact person for ARIPO.
- Duration of the Assignment
The assignment is tentatively set to start on 14 October 2022 and should be completed by 31 December 2022.
- Required Technical Expertise
For undertaking the assignment, the consultant should:
- Be a risk management expert.
- Demonstrate a track record of similar assignments in the Public Sector or related institutions, with at least five (5) years’ experience.
- Provide the qualifications, experience, and professional competencies in Enterprise Risk Management of the lead consultant/partner and team members to be used to provide the service.
- Provide a detailed explanation of the methodology and project implementation plan, which details how the service will be carried out as outlined in the scope. The project plan must have deliverables and timeframes.
- Evidence of infrastructure capacity availability, if any (e.g., ERM software-risk rating tools).
- Demonstrate adequate understanding and knowledge in facilitating ERM training and awareness.
- Provide contactable positive references from clients where projects were executed in a similar nature.
- Assessment Criteria
Proposals will be assessed based on the following criteria:
- Understanding of the scope of work
- Methodology for undertaking the assignment
- Evidence of undertaking similar work for large-scale organizations
- Qualifications and experience of the consultant and the team who will be working on the project
- Consultancy fees
- Submission of Proposals
Interested risk management consultants who are eligible are invited to submit their proposals detailing capabilities, experience, and a list of completed and ongoing similar projects on or before Monday, 26 September 2022, before 1100 hours. No late submissions will be accepted. Proposals clearly marked “ATIN:2022/08/RISK-MAN-SERVICES/09” should be addressed to:
The Director General
African Regional Intellectual Property Organization (ARIPO)
11 Natal Road, Belgravia
P O Box 4228
Harare, Zimbabwe
E-mail: procurement@aripo.org