+254 020 251 1557 info@psasb.go.ke
Aligned with Global Internal Audit Standards

Elevate Public Sector Governance & Compliance

A secure, digital monitoring platform enabling public institutions to self-assess against the Global Internal Audit Standards (GIAS) and Risk Management Guidelines with a clean, guided experience. Track maturity, identify gaps, and ensure 100% PFM compliance.

  • 5+ Core Domains
  • 200+ Assessment Criteria
  • 100% PFM Compliant
  • Real-Time Live Reporting

Assessment Progress (LIVE)

| Domain | Status | Score |
|---|---|---|
| Risk Mgmt | Completed | 92% |
| Ethics | In Progress | 65% |
| Governance | Action Req | 40% |
| Audit Svc | Pending | |
| Total Completion | | 78% |

  • Ave. Risk: 68%
  • Compliance: 82%
  • Governance: 45%

  • Role-based access
  • Secure workflow

The Workflow

How It Works

From assessment to action plan in four easy steps.

1. Register
   Register your organization to activate the platform self-assessment.

2. Select Evaluation
   Select a risk or compliance evaluation and conduct the guided survey.

3. Risk Score
   Receive an instant risk rating and detailed breakdown upon completion.

4. Action Plan
   Get prioritized remediation steps to improve your score and governance.

Assessment frameworks

Explore Compliance Domains

Comprehensive coverage of Risk Management and Internal Audit Standards. Use the tabs to explore the scope at a glance.

Framework Structure

  • Approved risk management policy and framework.
  • Inclusion of sustainability, ethics, and compliance risks.
  • Cost-effectiveness of the framework and controls.
  • Communication and understanding throughout the organization.

Culture & Resources

  • Governing body and senior management commitment.
  • Incentives and accountability mechanisms.
  • Approved budget and allocation of human/tech resources.
  • Defined authorities, responsibilities, and accountabilities.

Sample Assessment Criteria

| Ref | Criteria | Evidence |
|---|---|---|
| RMF 1.1 | Do you have an approved risk management policy and framework in your entity? | Policy document |
| RMF 2.1 | Has the governing body and senior management demonstrated continued commitment to risk management? | Board minutes |
| RMF 4.1 | Has the entity defined risk appetite and tolerance aligned to applicable laws and objectives? | Risk appetite statement |

Identification & Analysis

  • Systematic, collaborative risk identification process.
  • Consideration of upside opportunities and downside risks.
  • Qualitative and/or quantitative evaluation methods.
  • Risk analysis at inherent and residual levels.

Treatment & Recording

  • Risk response strategies (mitigation, avoidance, acceptance, transfer).
  • Treatment plans with owners, timelines and measures.
  • Maintenance of a comprehensive risk register.
  • Reporting and escalation of significant risks.

Domain I: Purpose

  • Annual workplan includes assurance and advisory engagements.
  • Internal audit serves the public interest in conformance with GIAS.

Domain II: Ethics

  • Honesty and professional courage.
  • Ethical expectations and adherence mechanisms.
  • Legal and ethical behavior policies.
  • Maintaining objectivity and safeguards.

Competency & Care

  • Competency and training frameworks for internal auditors.
  • Continuing Professional Development (CPD) expectations.
  • Due professional care and professional skepticism.
  • Confidentiality and protection of information.

Domain III: Governing the Function

  • Documented Internal Audit Charter approved by the board.
  • Independence, reporting lines and safeguards.
  • Chief Audit Executive qualifications and leadership expectations.
  • Board interaction on plans, budgets and results.

Domain IV: Managing the Function

  • Strategic planning aligned with organizational objectives.
  • Resource management: financial, human and technology.
  • Effective communication and stakeholder engagement.
  • Quality assurance and improvement program (QAIP).
Compliance & Security

Committed to Data Protection Act (2019)

We prioritize the security and privacy of institutional data. Our platform is architected to align strictly with the Data Protection Act, 2019 (Kenya), ensuring that citizen and institutional data is processed lawfully, transparently, and securely.

Lawful Processing

Data is collected solely for compliance monitoring purposes with valid consent under Sections 2 & 3 of the Act.

Secure Storage

Implementing technical and organizational measures to prevent unauthorized access, loss, or damage (Section 42).

Subject Rights

Institutions retain the right to access, correct, or delete their assessment data in accordance with Sections 24-31.

System Status
ENCRYPTED
> Initiating secure handshake...
> TLS 1.3 Protocol Active
> Data Location: Kenya (Local Region)
> Audit Logs: Enabled
> Compliance: VERIFIED
ODPC COMPLIANT ARCHITECTURE

Built on Global Standards

The platform is mapped to rigorous frameworks that support consistent public-sector governance, internal audit practice, and risk management.

  • PFM Act: Public Finance Management
  • GIAS: Global Internal Audit Standards
  • ISO 31000: Risk Management Guidance
  • PSASB: Public Sector Standards

Help

Frequently Asked Questions

Public institutions, including state corporations, ministries, and agencies, required to conduct structured monitoring and self-assessments for governance, risk management, and compliance.
The platform supports role-based access controls (RBAC) so only authorized personnel can view or edit sensitive monitoring data, aligned to institutional governance needs and the Data Protection Act.
Yes. The system can support saving progress so teams can continue later and return to where they left off.

Ready to Enhance Your Compliance?

Join public institutions using the Global Internal Audit Standards Monitoring Platform to strengthen governance and improve control environments.