As part of its annual work plan for 2017, the Office of
Internal Audit conducted an audit of SAP GRC (Governance,
Risk and Compliance) Access Control and related modules
implemented in WFP’s Enterprise Resource Planning (ERP)
system, the WFP Information Network and Global System
(WINGS II). The audit focused on the period from 1 January
2016 to 30 April 2017. The audit team conducted the field
work between 18 May and 27 June 2017 at WFP headquarters
in Rome. The audit was conducted in conformance with the
International Standards for the Professional Practice of
Internal Auditing.