How we audit
Risk-based approach
IAD uses a risk-based approach in developing its three-year work plan. The purpose of risk-based work planning is to ensure that IAD assignments are directed at areas where achievement of the United Nations objectives is at higher risk. Risk-based annual work plans enable IAD to focus on how well the United Nations is managing major risks, rather than targeting audits at areas of suspected weaknesses. Each year, we undertake an annual risk assessment exercise to validate and update the audit universe to consider new and emerging risks.
We take into account the United Nations enterprise risk management framework and consult with management and other relevant stakeholders in developing the plan.
Audit process
There are four main stages to each audit assignment: planning, fieldwork, reporting and following up. Details of the work done in each stage is documented in the IAD Audit Manual.
Internal Audit Reports and Audit Recommendations
At the end of each assignment, we issue an audit report, which is published and available on this website 30 days after the issuance date. Through our audit reports, we provide transparency regarding the operations of the United Nations while also continuing to provide assurance and reporting to management to encourage improved economy, effectiveness and efficiency in the management of United Nations operations and activities.
Internal audit reports contain recommendations to improve governance, risk management and internal control processes. Programme managers are expected to promptly act on the audit results and recommendations and to report periodically to IAD on the status of their implementation. IAD follows up and monitors its audit recommendations until they are fully implemented.
International Standards for the Professional Practice of Internal Audit
In conducting its work, IAD is guided by the International Standards for the Professional Practice of Internal Auditing promulgated by the Institute of Internal Auditors (IIA).
As part of its efforts to continue improving its processes and services and to comply with the IIA Standards, the Division has implemented a robust Quality Assurance and Improvement Programme. The Programme is designed to provide reasonable assurance to the various stakeholders that IAD: (i) performs its work to a standard which is consistent with the IIA Standards; (ii) operates in an effective and efficient manner; and (iii) is perceived by stakeholders as adding value and improving its operations. The Programme provides continuous review of and improvement to audit practices and enhances performance of audit work conducted through ongoing and periodic internal and external assessments.
IAD has established a number of performance metrics not only to ensure that it delivers on its mandate, strategy and goals, but also to enhance internal control over audit processes and to measure the outcome and impact of its activities on the Organization.
Resolutions and reports pertaining to internal audit report disclosure
- Resolution on the public disclosure of internal audit and evaluation reports (A/Res/69/253).
- Resolution on the proposal on the dissemination and distribution of audit reports of the Office of Internal Oversight Services (A/Res/67/258; Part III), 3 June 2013
- Proposal on the dissemination and distribution of audit reports (A/66/674), 30 January 2012
- Review of implementation of General Assembly resolutions 48/218B and 54/244 (A/Res/59/272), 2 February 2005
Audit Reports
View our list of audit reports, conducted for our clients from all over the world, including New York, Geneva, Nairobi and multiple resident audit offices in field missions.
Audit Manual
The Internal Audit Manual sets out the policies and procedures that govern the conduct of internal auditing at the United Nations. Read more
What we audit
According to United Nations Financial Regulation 5.15, Internal Audit Division (IAD) of OIOS is responsible for conducting independent internal audits. Read more