As part of its annual workplan, the Office of Internal Audit audited WFP cooperating partners’ digital and data processing risks. The audit focused on the adequacy, efficiency and effectiveness of WFP governance, risk management and internal controls to mitigate cooperating partners’ digital and data processing risks. WFP routinely relies on its cooperating partners’ processes and technology to process and safeguard beneficiaries’ personally identifiable information. WFP’s cooperating partners process a large amount of personally identifiable information, including current and prospective beneficiaries' personal data. Protecting this information is a fundamental duty of care to those WFP serves. Therefore, it is incumbent on WFP to ensure beneficiaries' privacy rights and personal data are safeguarded and processed by its cooperating partners in a manner that does not compromise its confidentiality, availability and integrity. Breaches in privacy could have profound consequences for individual beneficiaries or beneficiary communities and impact WFP's mission objectives. Based on the results of the audit, the Office of Internal Audit has come to an overall conclusion of major improvement needed.