Search
Policy Areas

What's new

See All

02 December 2024

Cash Management

The policy has been updated with the following changes: Introduction of a new rule of 5% of imprest level added to the current threshold of $50,000 for acceptance of local receipts with the following revised wording: “Country offices (COs) may accept the cumulative of all receipts, up to equivalent USD 50,000 monthly or 5% of their established imprest level, whichever is higher, without prior authority from Treasury, provided the receipt of funds locally will not create or add to an ac...

The policy has been updated with the following changes: 

  • Introduction of a new rule of 5% of imprest level added to the current threshold of $50,000 for acceptance of local receipts with the following revised wording: “Country offices (COs) may accept the cumulative of all receipts, up to equivalent USD 50,000 monthly or 5% of their established imprest level, whichever is higherwithout prior authority from Treasury, provided the receipt of funds locally will not create or add to an accumulation of non-convertible or convertible bank balances in their local bank accounts.”  The higher of the two figures will be the threshold of reporting to Treasury if an exceptional approval from Treasury is required from the CO for accepting local receipts. 
  • Expansion of the scope of currencies to USD and EUR, as long as these are received locally in the country office bank accounts.
  • Clarification to apply the cost of currency conversion to the respective projects. 
  • Other minor editorial changes. 

22 November 2024

Framework of Accountability for Security

The policy has been updated to reflect the following changes:The term ‘SFP’ (Security Focal Point) has been updated to ’ACSFP’ (Agency Country Security Focal Point) which is the accurate term for country-specific roles, as the term ‘SFP’ refers to the Director of the Security Office (SO).  In paragraph 36 - a footnote has been eliminated to align with the requirements of the UNSMS (United Nations Security Management System) and of the UNDP Framework of Accountability for Security that ...

The policy has been updated to reflect the following changes:

  • The term ‘SFP’ (Security Focal Point) has been updated to ’ACSFP’ (Agency Country Security Focal Point) which is the accurate term for country-specific roles, as the term ‘SFP’ refers to the Director of the Security Office (SO).  
  • In paragraph 36 - a footnote has been eliminated to align with the requirements of the UNSMS (United Nations Security Management System) and of the UNDP Framework of Accountability for Security that assign day-to-day oversight of security to the ACSFP in the absence of a security professional. The elimination of this footnote also aligns with best practices in crisis management and accountability requirements when there are both a security professional and an ACSFP in a duty station.
  • The role ‘LSA’ (Local Security Associate) has been removed from the framework as those posts have been migrated to Country Office Security Associate (COSA) level positions.

The UNDP Security Framework of Accountability (FoA) Explainer is also updated to align with the updated policy and is now available in French and in Spanish. The Framework of Accountability for Security procedure is now available in French and in Spanish.

15 November 2024

ICT Security

The Cybersecurity Standard on Cloud Acquisition, Maintenance, and Termination of Cloud Services offers guidelines, security controls and other considerations to securing UNDP data stored on cloud services platforms throughout their lifecycle, from acquisition to maintenance to termination. The objectives of the new standard are to:Protect sensitive data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.Remain cognizant of data privacy regulations and...

The Cybersecurity Standard on Cloud Acquisition, Maintenance, and Termination of Cloud Services offers guidelines, security controls and other considerations to securing UNDP data stored on cloud services platforms throughout their lifecycle, from acquisition to maintenance to termination. The objectives of the new standard are to:

  • Protect sensitive data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
  • Remain cognizant of data privacy regulations and industry standards.
  • Reduce UNDP’s risk exposure to cloud-related security incidents.
  • Ensure cloud services are appropriately secured and managed throughout their lifecycle.

30 October 2024

Business Continuity Management

The Business Continuity Management policy has been streamlined and updated to:Align with the UN Organizational Resilience Management System on training requirements.Clarify the process of conducting Risk Assessment at HQ NY and Offices/Units.Confirm that sub-offices are included in country office (CO) Business Continuity Plans (BCPs).Clarify the BCP approval process based on current practice, including the support role of the Management Specialist in BMS.The Business Continuity Planning procedur...

The Business Continuity Management policy has been streamlined and updated to:

  1. Align with the UN Organizational Resilience Management System on training requirements.
  2. Clarify the process of conducting Risk Assessment at HQ NY and Offices/Units.
  3. Confirm that sub-offices are included in country office (CO) Business Continuity Plans (BCPs).
  4. Clarify the BCP approval process based on current practice, including the support role of the Management Specialist in BMS.

The Business Continuity Planning procedure and the Business Continuity Management User Guide have been aligned with the updated Business Continuity Management policy.

28 October 2024

Award and Management of Contract