How we audit
IAD uses a risk-based approach in developing its three-year work plan. The purpose of risk-based work planning is to ensure that IAD assignments are directed at areas where achievement of the United Nations objectives is at higher risk. Risk-based annual work plans enable IAD to focus on how well the United Nations is managing major risks, rather than targeting audits at areas of suspected weaknesses. Each year, we undertake an annual risk assessment exercise to validate and update the audit universe to consider new and emerging risks.
We take into account the United Nations enterprise risk management framework and consult with management and other relevant stakeholders in developing the plan.
Internal Audit Reports and Audit Recommendations
At the end of each assignment, we issue an audit report, which is published and available on this website 30 days after the issuance date. Through our audit reports, we provide transparency regarding the operations of the United Nations while also continuing to provide assurance and reporting to management to encourage improved economy, effectiveness and efficiency in the management of United Nations operations and activities.
Internal audit reports contain recommendations to improve governance, risk management and internal control processes. Programme managers are expected to promptly act on the audit results and recommendations and to report periodically to IAD on the status of their implementation. IAD follows up and monitors its audit recommendations until they are fully implemented.
International Standards for the Professional Practice of Internal Audit
In conducting its work, IAD is guided by the International Standards for the Professional Practice of Internal Auditing promulgated by the Institute of Internal Auditors (IIA).
As part of its efforts to continue improving its processes and services and to comply with the IIA Standards, the Division has implemented a robust Quality Assurance and Improvement Programme. The Programme is designed to provide reasonable assurance to the various stakeholders that IAD: (i) performs its work to a standard which is consistent with the IIA Standards; (ii) operates in an effective and efficient manner; and (iii) is perceived by stakeholders as adding value and improving its operations. The Programme provides continuous review of and improvement to audit practices and enhances performance of audit work conducted through ongoing and periodic internal and external assessments.
IAD has established a number of performance metrics not only to ensure that it delivers on its mandate, strategy and goals, but also to enhance internal control over audit processes and to measure the outcome and impact of its activities on the Organization.
Resolutions and reports pertaining to internal audit report disclosure
- Resolution on the public disclosure of internal audit and evaluation reports (A/Res/69/253).
- Resolution on the proposal on the dissemination and distribution of audit reports of the Office of Internal Oversight Services (A/Res/67/258; Part III), 3 June 2013
- Proposal on the dissemination and distribution of audit reports (A/66/674), 30 January 2012
- Review of implementation of General Assembly resolutions 48/218B and 54/244 (A/Res/59/272), 2 February 2005