Request for Proposal

Governance Risk and Control (GRC): What is it? How is it different than Enterprise Risk Management (ERM)?

The Institute of Internal Auditors Research Foundation (IIARF) is the global leader in sponsoring, disseminating, and promoting research and knowledge resources to enhance the development and effectiveness of the internal audit profession. The IIARF continually monitors demands by members and stakeholders of the professional to ensure they are receiving relevant and timely information. This document outlines a topic of interest to The IIARF. Proposals should present the approach you would take to meet the requirements as stated in this Request for Proposal. Proposals should not exceed five pages exclusive of the appendices described below, and should contain the following basic elements: 1. Identification of the Priority Topic for which proposal is submitted. 2. A one-paragraph abstract, summarizing the research question, the method to be used and how it will benefit the internal audit profession. 3. Project description including: a. A statement of the research issue/question being addressed and how it relates to the internal auditing profession; b. A description of previous research, if any, and how your project adds to the previous work; c. A statement of research hypotheses being tested, if applicable; d. A statement of the research method that will be used; e. A statement of the expected results and benefits to the internal audit profession; f. A statement of the expected publication output(s) from the project, (e.g., practitioner article, monograph, scholarly journal article, book, etc.); g. Itemized timeline and budget, including budget rationale. h. Identification of proposed members of the research team including a brief description of their role. i. Appendices: i. An appendix containing proposed interview questions/guidelines, and survey or experimental instruments, if applicable. ii. Curriculum vitae (CV) for each researcher (3 pages maximum) iii. Previous researcher affiliation with The IIA (previous research or educational products produced, volunteer participation, chapter officer, etc.) Return your proposal as a Microsoft Word document via e-mail to When this completed document is returned to us, we will begin our review process which normally lasts 4-6 weeks, but may take longer.

If additional information is needed, please contact The IIA Research Foundation: Tel: +1-407-937-1356 E-mail:
Page | 1

Page | 2 . or “generally accepted. The Research Foundation is seeking an applied research report. The common. and advance the global profession. Target Audience The target audience for this report is chief audit executives. ERM function(s). The research will address the following questions: 1. Proposals with a global scope are encouraged and will receive preferred review status. The participation of internal audit practitioner(s) on the research team will be a plus. What are the common elements of GRC frameworks globally? What are the variations? What is internal auditing’s role? 2.Request for Proposal TOPIC INFORMATION Priority Topic Topic Description Governance Risk and Control (GRC): What is it? How is it different than Enterprise Risk Management (ERM)? GRC and ERM are “hot topics” since the enactment of Sarbanes-Oxley in 2002 and the roll-out of the Committee of Sponsoring Organizations of the Treadway Committee (COSO) ERM framework. But different organizations (and professional associations) have defined and implemented GRC and ERM differently. What are the common elements of ERM frameworks globally? What are the variations? What is internal auditing’s role? Product Type Purpose and Objectives Content Guidelines The IIA Research Foundation (IIARF) aims to expand knowledge and the practice of internal auditing by providing relevant research and educational products that help us to understand. based on survey (40-80 pages) The purpose of this study is to assist enterprise oversight function(s) and internal auditing in defining and clarifying the state of their GRC and/or ERM implementation.” components of GRC and ERM need to be identified and put in context relative to each other. shape. and board-level committee(s). GRC function(s).

and/or The IIARF web site. etc.Request for Proposal Timeframe Deliverables Six to nine months. May be 10-20 slides for use at meetings.(researcher discretion) [X] A PowerPoint presentation summarizing the major findings and conclusions of the research. What GRC Could Mean to Your Organization. August 2010 References Page | 3 . other IIA publications. Tone at the Top. [X] An article suitable for Internal Auditor. conferences. [X] The primary deliverable is an applied research report of 40 to 80 pages. [ ] An academic article. The Institute of Internal Auditors. The research will begin immediately upon approval of contract.