Office of the Inspector General

Audit of Risk Management Processes

16 May 2017

OIG auditors found that risk management at the Global Fund has improved considerably over the past decade. A risk management policy and framework were approved by the Board, roles and responsibilities for the Board and its committees have been clarified, a Risk Management Department is growing, and committees have been set up to oversee both enterprise and operational risks. However, they also found that risk appetite needs to be better articulated and operationalized in the organization. In its absence, there are diverging understandings of what are acceptable risks for the Global Fund, leading to inconsistent responses when risks materialize.

The Global Fund operates in over 100 countries including some of the world’s most challenging environments. Strong risk management at all levels is therefore critical for the Global Fund to succeed in its mission to end the three epidemics. These risks include, for example, financial risks such as losses from foreign exchange exposure, programmatic risks such as the threat of increasing drug resistance to tuberculosis, malaria and HIV and reputational risks such as poor governance that can inflict institutional harm.

The OIG found that that the overall governance, oversight and accountability of risks “need significant improvements”. Although risk roles have been defined, related accountabilities are not yet clearly documented. Lack of accountability limits ownership for risk-related decisions and compliance, making embedding a risk management culture more difficult. Furthermore, there is currently no key performance indicator to measure progress on risk management.

The OIG auditors also rated the effectiveness of the Secretariat risk management framework and processes as “needing significant improvements”. There is a need for more structured analysis to identify key risks, assess their impact, prioritize mitigating actions and monitor their effectiveness. For example, in 2016, the Secretariat put in place a pilot project for mapping and improving risk mitigation and assurance in six countries. However, despite apparent mismatches between the identified portfolio risks and Global Fund investments in assurance, no adjustments were made to align them in any of the pilot countries. Another example is the use of the primary measurement of aggregate risks in Global Fund grants, the Portfolio Risk Index. Although the index represents a positive effort to measure and report on risks, it has significant limitations. Its coverage of the portfolio is low with only 20 countries used in the analysis for 2016 and all risk categories are treated equally in calculations, regardless of their significance for the portfolio.

Finally, the OIG concluded that the overall risk management environment and culture of the Global Fund need significant improvement. Besides the impact of issues above on risk culture, there are no incentives to enforce a strong risk culture, leading to different staff attitudes towards risk as demonstrated, for example, by low compliance with the Secretariat main tool to assess and track risks at the grant level called the QUART.

In addition to ongoing work on an accountability framework and integrating risk tools, the Secretariat is putting in place measures to address the issues noted by the OIG audit including: a paper to be presented to the Board recommending risk appetite for the key risks to delivering the Global Fund 2017-2022 strategy; an enhanced framework to provide holistic measurement and reporting of risk management performance to the Board and senior management; and a process to align assurance plans with prioritized risks in a selection of countries.

  • Global Fund Risk Management Processes (GF-OIG-17-010 - 16 May 2017)
    download in English | Français

For more information:

Thomas Fitzsimons
Mobile: + 41 (0)79 412 1461


The Office of the Inspector General safeguards the assets, investments, reputation and sustainability of the Global Fund by ensuring that it takes the right action to defeat AIDS, tuberculosis and malaria. Through audits, investigations and consultancy work, it promotes good practice, reduces risk and reports fully and transparently on abuse.

Established in 2005, the Office of the Inspector General is an independent yet integral part of the Global Fund. It is accountable to the Board through its Audit and Ethics Committee and serves the interests of all Global Fund stakeholders. Its work conforms to the International Standards for the Professional Practice of Internal Auditing and the Uniform Guidelines for Investigations of the Conference of International Investigators.

The Global Fund believes that every dollar counts and has zero tolerance for fraud, corruption and waste. Through its whistle-blowing channels, the Office of the Inspector General encourages all to speak out to report fraud, abuse and human rights violations that prevent Global Fund resources from reaching those who need them.