Request for Proposal: Consultancy Services for Enterprise Risk Services

Synopsis of the Request for Proposal

Solicitation Reference No. RFP-0249-LEGAL-2020
Title of Solicitation Consultancy Services for Enterprise Risk Services
Issuing Office & Address Alliance for a Green Revolution in Africa (AGRA) Website:  
Point of contact for clarifications, questions and ammendments AGRA General Procurement,
Email Address for submission of Proposals/ Quotes AGRA General Procurement,
Solicitation Issue Date May 28, 2020 East African Time.
Deadline for submission questions and clarifications June 05, 2020 5:00PM, East African Time.
Deadline for Answering questions and clarifications June 09, 2020 5:00PM, East African Time.
Deadline for Submission of Proposals June 12, 2020 5:00PM, East African Time. Please include the subject line “RFP-0249-LEGAL-2020” of the email
Anticipated Award Type Consultancy agreement
 Evaluation Criteria Bidder Must provide the below listed information.   Mandatory Eligibility Requirement Company profileTrading license or certificate of incorporation TAX clearance certificatesAt least three reference letters of similar assignments carried out Evaluation Criteria Organizational Capacity: ….. ……………………………………………..10%General experience and experience in Enterprise Risk Services..30%Proposed methodology and approach criteria: ……………………….20% Experience and Qualification of key personnel: …………………….40%              Total: …………………………………………………………………………..100%   NB. The minimum technical score shall be 75% to proceed to Financial valuation. Weighted scoring: Technical proposal weight: 70% and Financial proposal weight: 30%

Alliance for a Green Revolution in Africa (AGRA) was founded in 2006 with a mission to trigger a uniquely African Green Revolution that transforms smallholder agriculture into a highly productive, efficient, competitive and sustainable system to ensure food security and lift millions out of poverty.

AGRA is currently registered or has operations in the following African countries: Kenya, Tanzania, Ethiopia, Malawi, Mali, Ghana, Burkina Faso, Mozambique, Nigeria, Uganda and Rwanda (“the AGRA Countries”).

AGRA has an Enterprise Risk Management Framework that was established in the year 2016 that seeks to enable the institution have a systematic way of assessing, recording, monitoring, reporting and ultimately managing its risks.

Since the year 2016, AGRA has implemented annual risk plans and the following are currently in place as detailed below:

  • Year 2016- 2017:
    • Establishment of the Risk Management Framework,
    • Risk assessments and development of a risk register template, scenario analysis template, reporting template and dashboards.
    • Development of training materials on the risk assessment process and procedures.
    • Development of a consolidated risk register.
    • Submission of the final risk register and final report for the period of 2017.
  • Year 2018:

The 2018 Annual Risk Plan was implemented under six components, as follows:

Strategy and appetite   Aligned the use of risk management to enable the achievement of business plans, goals and strategic objectives by linking AGRA’s risk management objectives to the corporate strategy and developing a clear risk strategy and defining AGRA’s risk appetite and tolerance. Developed redefined risk appetite statements based on the 2018 strategic risks.Assigned key risk indicators and tolerance limits.
Risk Governance Defined the structure through which AGRA directs, manages and reports its risk management activities including defined roles and responsibilities, decision rights, the risk governance operating model and reporting lines. Developed risk management dashboards.
Risk culture   Reviewed AGRA’s risk communication culture within AGRA. Developed a risk and incident communication plan. Identified skills and competencies needed to implement the ERM framework.
Risk assessment and measurement   Reviewed and updated the AGRA risk taxonomy and control matrix. Updated risk registers for key divisions for the year.  Formal risk escalation plan. Linkage of key risks to strategic objectives. Revised the Organizational Capacity Assessment tool with risk analysis. Conducted a formal risk assessment process. Executed top down risk assessment. Prepared risk reports with a trend analysis and HEAT maps.Updated key risk indicators and measurements.Documented key risk indicators. Simulated business objectives against risk performance data. Documented scenarios for strategic risks.Conducted formal scenario analysis and stress testing.
Risk management and monitoring   Identified risk mitigation activities updated in a central repository.Implemented a standard process to track identified issues and related action plans.Implemented a formal process to manage/monitor risks associated with major initiatives/projects.Formalized process for management self-assessment.Risk assurance process.Leading and lagging key risk indicators.Dashboard identifying the coverage of key risk.Project risk guidelines and catalogue and assessment criteria.
Risk reporting and insights   Developed the 2018 strategic risk report and reports for selected divisions and units. Developed reporting dashboard and templates.Developed reports for management and the Board on key corporate risks.  Conducted risk awareness training. Risk data analytics.
Business Continuity Management Framework Developed a business continuity strategy and plan.Developed an emergency response and crisis management strategy.   Developed asset protection and physical security program. Developed an Information Technology (IT) Disaster Recovery plan.  
  • Year 2019:

In 2019, we reviewed and updated the following that are currently in place:

Risk Strategy & Governance

Updated ERM maturity assessment. Updated Risk Management Policy with redefined key risk indicators. Updated risk-bearing capacity.Updated Organizational Capacity Assessment tool.
Risk Culture and Awareness Developed training materials for various levels of risk management. Conducted learner centric ERM awareness training.
Risk Assessment and analysis

Updated units, program and country level risk registers. Updated the strategic risk register. Refined key risk indicators for top 5 risks at each level Developed an aggregation report for cross cutting risks at various levels. Updated risk controls and mitigation activities for risks identified.
Risk monitoring and reporting Revised the implementation action plan tracker. Prepared a risk report to the Board and management at scheduled times in line with organizational calendar of events.
Risk automation plan   Developed a risk automation proposal and a 2020 Risk Implementation Plan.
Business Continuity Management Framework Developed resilience and recovery capabilities maturity report. Implemented a business impact analysis, business continuity strategy for all functions within the scope of the AGRA Business Continuity Framework. Conducted trainings on the BCM. Developed and implemented the AGRA BCM Policy.Conducted emergence response and crisis management. Implemented the risk treatment plan.     

AGRA seeks to implement a comprehensive risk plan for 2020 in order to increase the organization’s maturity in terms of risk management. AGRA seeks the assistance of a risk consultant in implementing its 2020 Annual Risk Plan. The consultant shall report to AGRA’s Senior Adviser, Enterprise Risk and Donor Compliance.


The Consultant will provide AGRA with the following services:

Implementation of AGRA’s 2020 Risk Plan

  • Risk Strategy and Governance:
    • Perform a gap analysis on the charters on risk management to determine if they contain elements on common industry practice.
    • Develop the risk charters as per risk management standards and best practice.
    • Review to determine if the board and its risk management committee are appropriately organized, structured and focused on areas vital to risk management.
    • Review committee membership (size and expertise) for the risk management committee to assess reasonableness given the committee purpose. Provide improvement areas to be considered.
    • Review the boards’ risk oversight role to establish if it is extensive, fully evidenced and value adding (risk reporting to the board at defined intervals, evidenced risk topics as agenda items in board meetings).
  • Risk Culture and Awareness:
  • Roll out the risk culture assessment questionnaire, identify gaps and provide recommendations for addressing gaps noted.
  • Articulate the roadmap to getting to the desired culture and define measures of success at the corporate and process level.
  • Continuous measurement of progress made against the roadmap.
  • Continuous training and capacity building at various levels at AGRA including a specific training on the post COVID-19 risk management practices:
  • Board
  • Senior management team at country and unit level
  • Risk champions
  • Risk management team
  • All staff
  • Provide additional tools for building risk awareness to supplement the face to face workshops/trainings.
  • Risk Assessment and Analysis:
  1. Review and update risk registers developed at unit and country level by the risk champions against industry trends, AGRA’s strategy, unit/country objectives, and other risk trends.
  2. Update key performance indicators and key risk indicators for unit/country risks identified.
  3. Update risk mitigation measures and categorize these against control frameworks for different types of risks.
  4. Identification and documentation of the key signals of change impacting AGRA’s strategy positively or negatively.
  • Risk Monitoring and Reporting:
    • Map roles and responsibilities, including those related to assurance providers, across the three lines of defence to each of the key risks that is ongoing in coordination with Internal Audit.
    • Develop risk monitoring dashboards incorporating the use of KPIs and KRIs to support in the continuous risk monitoring process.
    • Identifying the need for additional controls/mitigations.
    • Monitor implementation progress of the identified improvement action plans.
    • Assign responsibility and revised due dates to the action plans.
    • Develop risk reports (strategic, unit and country level) for review by senior management team and the board. The reports should reflect risk tolerance and risk limits.
  • Risk Implementation Plan
    • Develop a 2021 Risk Implementation Plan.

The Consultant shall be expected to submit the following deliverables to AGRA:

Component Deliverables By when
Risk Strategy & Governance   Board risk committee charter.Board risk performance evaluation criteria.Agenda items for strategic risk.Action plan tracker for key risks by the board and risk committees. Within 150 calendar days after contract award
Risk Culture and Awareness Risk culture assessment results reportRisk culture improvement roadmap trackerTraining materials including a specific training on the post COVID-19 risk management practices.Training delivery at the various levels.Risk awareness tools such as periodic email posters. Within 150 calendar days after contract award
Risk Assessment and analysis   Updated strategic, unit and country level risk registers.Updated key performance indicators and key risk indicators.Documented signals of change.Aggregation report for cross cutting risks at various levels. Updated Strategic Register – within 30 days after contract award.   Other deliverables-within150 calendar days
Risk Monitoring and Reporting    Formalized process for management self-assessments.Risk monitoring dashboards.Updated implementation actions plan tracker.Risk reports to units, boards and senior management. Risk Reports to AGRA Board of Directors – within 30 calendar days after contract award.The other deliverables-within150 calendar days
Risk Management Plan Annual year 2021 Risk Implementation Plan. Within  180 calendar days  after contract award

The assignment will take place in AGRA head office in Nairobi, Kenya and where/when applicable may consist of travel to any of the other AGRA offices. Given Covid-19 related travel restrictions and social distancing requirements, we are open to this assignment being conducted virtually using applicable technology provided by the successful consultant.


The assignment is estimated to be carried out in a period of 60 man-days; estimated spread from July 2020 to January 2021.

  • Strong knowledge and demonstrated experience in the field of risk management, knowledge about best practices regarding risk management;
  • Experience in conducting and facilitating similar risk assessments and planning processes with International NGOs, with experience in international development sector in Africa; 
  • Excellent communication, analytical, and reporting skills in a cross-cultural environment; and
  • Knowledge and experience using participatory approaches and innovative facilitation techniques.
Technical Evaluation Criteria Points Allocated
Organizational CapacityCompany profileClient portfolio and company accreditations 10%
Experience of the firm:Experience in conducting and facilitating similar risk assessments and planning processes with International NGOs, with experience in international development sector in AfricaPast performance, provide details of at least three similar assignments carried out in the past and  reference letters detailing work done and the contact details of three client references. Strong knowledge and demonstrated experience in the field of risk management, knowledge about best practices regarding risk management   30%
Proposed approach, methodology and work plan (maximum 10 pages): Understanding the assignment requirementsProposed methodology relative to the context of the assignmentproposed work plan and staffing schedule, risk assessment and mitigation strategies integrated into the service, planning, appropriateness of the implementation schedule to the project timelines and project quality assurance measures.   20%
Key personnelDetailed Curriculum Vitae of the Team Leader and at least two additional Risk ExpertsQualification and experience of the key staff in carrying out similar assignmentsExcellent communication, analytical, and reporting skills in a cross-cultural environmentKnowledge and experience using participatory approaches and innovative facilitation techniques   40%


  • Only techinical proposals that score above 75% shall be considered for financial evaluation
  • Technical weight shall be evaluated out of  70% and Financial proposals shall be evaluated out of 30%

The proposal should include:

Technical Proposal

  1. Company profile and company accreditations
  2. Proposed methodology and approach
  3. Detailed work plan, including deliverables timing.
  4. Proposed key staff including their CVs
  5. Relevant experience including three client reference letters
  6. Current company registration documents/certificate of incorporation

Financial Proposal

  1. A breakdown of the financial proposal in USD indicating daily rate for each of the proposed experts, time input and all applicable reimbursable expenses (international and/or local transport, accommodation as applicable);
  2. All applicable taxes (VAT and withholding taxes) should be quoted separately;
  3. If the financial proposal is silent on taxes, AGRA shall assume that these are inclusive;
  4. Other costs, e.g. accommodation, travel, support staff, printing and other incidental costs will be reimbursed based on the actual costs incurred.
  5. Use the template provided under annex 1 for the financial proposal


  • Questions and/or clarifications may be submitted to
  • The proposals SHALL be submitted to by deadline indicated in the synopsis
  • The proposal and ALL Attachments submitted via email SHALL NOT exceed 10MB
  • VALIDITY of the proposal shall be for a period of 90 days from the date of bid closure.
  • Financial proposal shall be sent as a separate attachment and MUST be password protected. The password shall be requested from companies meeting the minimum technical score

AGRA reserves the right to determine the structure of the process, number of short-listed participants, the right to withdraw from the proposal process, the right to change this timetable at any time without notice and reserves the right to withdraw this tender at any time, without prior notice and without liability to compensate and/or reimburse any party.


  1. Financial proposal Form: Summary of Costs
Item Cost  
{Insert Foreign Currency # 1} USD value Total cost
Cost of the Financial Proposal, including      
(1) Remuneration (from table A)      
(2)Reimbursables (from table C)      
Total Cost of the Financial Proposal:        
Indirect Local Tax Estimates – to be discussed and finalized at the negotiations if the Contract is awarded
{insert type of tax}      
Total Estimate for Indirect Local Tax:          
  • Financial proposal Form: Breakdown of Remuneration

Provide a breakdown of remuneration fees in the table below

A. Remuneration        
No. Name Position Person-month Remuneration Rate Time Input in Man-days   {Currenc) USD Total USD cost
  Key Experts                
K-1     [Home]        
K-2 [Home]        
K-3 [Home]          
        Total Costs        
  • Financial proposal Form: Breakdown of [Reimbursable Expenses]

Provide a breakdown of reimbursable expenses (if applicable)

Type of [Reimbursable Expenses] Unit Unit Cost Quantity {Currency} Total value in USD
  {e.g., Per diem allowances**} {Day}        
  {e.g., International flights} {Ticket}        
  {e.g., In/out airport transportation} {Trip}        
  {e.g., Communication costs between Insert place and Insert place}          
  { e.g., reproduction of reports}          
            Total Costs