Skip Ribbon Commands
Skip to main content

Programme and Operations Policies and Procedures

Please Wait ...Processing


36. Enterprise Risk Management, October 29th, 2021

The ERM policy was updated to 1) modify risks-sub categories and 2) launch UNDP’s Risk Appetite Statement (RAS) which aims to create a risk-enabled culture within UNDP, where risk-based decisions are taken, and opportunities are pursued according to the needs and circumstances of the project or programme, our development partners, and the resources and skills available.

35. Bussiness Continuity Management, September 2nd, 2021

The Business Continuity Management policy is now available in French. To access the document, click on the French language tab.

34. Internal Control Framework, June 11th, 2021

The purpose of the Internal Control Framework (ICF) policy is to help UNDP achieve its goals and to provide accountability for its activities. An effective internal control system provides reasonable assurance to UNDP regarding the achievement of its objectives in the following categories:
  • Promotion of orderly, ethical, economical, efficient and effective operations;
  • Meeting accountability obligations by making available reliable and relevant internal and external financial and non-financial information, through the maintenance of proper records and information flows;
  • Safeguarding resources from inappropriate use, loss, or damage due to waste, abuse, mismanagement, errors, fraud and irregularities;
  • Compliance with applicable regulations, rules and internal policies.
The Operational Guide to the Internal Control Framework supplements the Internal Control Framework (ICF) policy to bring together the main existing prescriptive content within the Programme and Operations Policies and Procedures (POPP) with respect to internal controls, and help UNDP offices implement effective internal controls. It draws upon acknowledged international best practices, while taking into account the characteristics of UNDP.

33. Internal Control Framework, January 15th, 2021

Updates to the ICF Operational Guide provide additional clarity on the responsibilities for monitoring budget overrides, and overseeing override match exception functions. Additional sentences have been added on override match exceptions to page 39 and on monitoring of budget overrides to pages 16, 22 and 23.

32. Bussiness Continuity Management, December 31st, 2020

The Business Continuity Management policy is now available in Spanish. To access the document, click on the Spanish language tab.

31. Internal Control Framework, November 13th, 2020

The Operational Guide to the ICF is now available in French. To access the document, click on the French language tab.

The Operational Guide to the ICF is now available in Spanish. To access the document, click on the Spanish language tab.

29. Internal Control Framework, July 29th, 2020

The Operational Guide to the ICF has been updated to incorporate some streamlining improvements, as well as address recent issues identified by audits:

1. The removal of the provision which enabled low-value Requisitions and related Purchase Orders to be approved by the same individual, as communicated by the CFO to all Offices on 16th September 2019.

2. Aligning the consistency of language on vendor creation and approval, and updating it to reflect additional control processes needed when changing vendor bank account information.

3. Further streamlining the ICF, e.g. by removing a redundant control (that bank signatories cannot approve vendors, in COs where there are 2 bank signatories), and authorizing GS7 staff in COs and GS6 staff in the GSSU to perform approval functions for POs, prepayments and no-PO vouchers up to $10,000.

4. Incorporating the recently issued reforms effected through the various rounds of BMS business process streamlining. These changes include:

a. authorising three vendor approvers for large offices with delivery above $50m per year;

b. clarifying functions that must be performed by staff, and functions where other contractual modalities may now be utilized per the streamlining exercises.

5. Consolidating the list of control functions to be performed by staff within a single section of the ICF.

6. Updates to include new business process services provided by the GSSU.

28. July 8th, 2020

The ICF Operational Guide has been revised to reflect the division of roles and responsibilities between country offices and GSSU with detailed guidance provided for the following 14 business processes services:

  1. bank-to-book (B2B) reconciliation;
  2. cash management;
  3. assets management;
  4. inventory management;
  5. vendor management;
  6. accounts payment processing;
  7. pay cycle;
  8. general accounting;
  9. travel processing;
  10. project financial closure and donor financial reporting;
  11. VAT processing;
  12. procurement: LTA Goods, Services and Works;
  13. procurement: purchases over US$ 150,000 except IC;
  14. human resources services: (a) recruit, source, and select employees; (b) employee on-boarding; (c) manage employee performance, reward and retention; (d) manage employee well-being; (e) employee development and training; (f) administration of contracts, benefits and allowances; (g) administer payroll. 


22. Delegation of Authorities, March 26th, 2019

​The Delegation of Authorities policy is now available in Spanish. To access the document, click on the Spanish language tab.

21. Managing Prescriptive Content, March 26th, 2019

​The Managing Prescriptive Content main policy and procedures are now available in Spanish. To access the documents, click on the Spanish language tab.

20. Risk Management, March 13th, 2019

The updated Enterprise Risk Management policy and procedures, which are now available in English, French and Spanish, call for a change in how UNDP collectively approaches risk management in order to become a smarter and more agile organization. They provide a roadmap for moving from risk averse to responsible risk taking practices. To access the Spanish and French documents, click on the relevant language tabs.

19. Anti-Fraud, December 13th, 2018

The Anti-Fraud Policy has been updated to reflect UNDP’s review of the policy and assessment of fraud risks faced by the organization. The updates include:

1. The UN’s single definition of what constitutes fraud, as well as cases of suspected or presumptive fraud, as recommended by the Joint Inspection Unit of the UN and as formulated, and approved by the High-Level Committee on Management (HLCM) pursuant to General Assembly resolution A/RES/70/238.

2. References on criminal accountability of United Nations officials and experts on mission pursuant to General Assembly resolution A/RES/62/63, which states that credible allegations of a crime committed by United Nations officials or experts on mission may be brought by the Secretary-General to the attention of the States against whose nationals such allegations are made.

18. Managing Prescriptive Conent (POPP), November 14th, 2018

The Managing Prescriptive Conent Policy is available in French. Kindly note that any differences in the English and French texts will be interpreted in accordance with the English version.

17. Anti-Fraud, September 28th, 2018

The Anti-Fraud Policy is available in French. Kindly note that any differences in the English and French texts will be interpreted in accordance with the English version.

16. Internal Control Framework (ICF), September 19th, 2018

 The ICF Operational Guide reflects the following changes:

1) Increase the threshold above which Purchase Orders and E- requisitions are required from $2,500 to $5,000. 

2) Increase the number of vendor approvers to three staff members in offices whose previous year delivery is above $50 million per year. 

15. Business Continuity Management (BCM), January 17th, 2018

The BCM policy has been revised is now available in POPP. The revision is mainly editorial and does not include any substantive changes. The revised policy has also included a reference to UN Organizational Resilience Management System (ORMS) which was approved by UN CEB in 2014.

14. Enterprise Risk Management Policy, October 27th, 2017

The ERM policy has been supplemented with clarification of the end-to-end risk management process to simplify application. The business process provides a summary of risk management at all levels of the Organizational and the risk escalation process.  It also provides information on linkages between risk management and how this could be mainstreamed in most key business processes within the Organization. 

13. The Information Disclosure Policy, August 11th, 2017

The policy was updated to reflect best practice in the review and appeal process relating to information disclosure. The new provisions are intended to ensure independence of the Information Disclosure Panel in its decision making on contested disclosures. 

12. Managing The Information Disclosure Policy, August 2nd, 2017

The new policy on the management of prescriptive content (Programme and Operations Policies and Procedures -- POPP) provides a full-cycle approach to maintaining the POPP. The cycle starts with conceptualization and preparation of prescriptive content, country office inputs and feedback, inter-Bureau consultations, approval and publication. The Policy sets out key principles on what constitutes prescriptive content, and formalizes new standards for writing polices to ensure that they are short, easy to understand and apply. The Policy requires that policy contain procedures in simple form, preferably in tabular form, to facilitate quick reference. Coherence and timely publication and communication of updates and new content is also required.

11. Delegation of Authority Policy, April 7th, 2017

This is an update from 2012 and describes how authority is delegated in UNDP from the Administrator to Heads of UNDP offices. It also provides guidance on how and when such delegated authorities could be further delegated.  These accountabilities are in line with the Corporate Accountability Framework (see link) approved by the Executive Group in 2016. This policy also serves as a single point of reference of the authorities of the Administrator, Associate Administrator and heads of UNDP offices in headquarters and in country offices including those funds and programmes administered by UNDP. A Summary Table of Delegated Authority of UNDP Administrator is available at Annex A.

10. Revised Making Information Available to the Public Policy, April 4th, 2016

Independent nature of Information Disclosure Panel is more emphasized.  The independent Panel now consists of four members, including one from a United Nations agency other than UNDP; and one from a non-governmental organization.

9. New Enterprise Risk Management Policy, January 26th, 2016

This new Policy enhances the way we identify opportunities and threats at an early stage and manage those proactively. It guides users to assess risks, approach to risk treatment, monitor and review risks, while clarifying risk management roles and responsibilities. An updated risk log that is integrated into the Integrated Work Plan has already been set up in the Corporate Planning System. The Policy is based on ISO's Internal Risk Management Industry Standard (ISO 31000).

8. Revised Making Information Available to the Public Policy, April 12th, 2016

Independent nature of Information Disclosure Panel is more emphasized.  The independent Panel now consists of four members, including one from a United Nations agency other than UNDP; and one from a non-governmental organization.

7. Revised Information Disclosure Policy, February 18th, 2014

The Information Disclosure Policy now includes requirements for "robust reasoning" to exclude information from the public domain. Amendments have been benchmarked against international best practice.

6. UNDP Policy on Fraud and other Corrupt Practices, March 14th, 2011

The Results Management and Accountability chapter has been updated with the revised anti-fraud policy which now replaces the UNDP fraud policy statement of August 2005 and brings, in one place, currently dispersed policies and practices.

5. Version 4 of Internal Control Framework, July 15th, 2010

Version 4 of Internal Control Framework policy now can be accessed through the Results Management and Accountability chapter. The updated version incorporates 1) new introduction to encapsulate the attributes and components of internal control as is best practice, taking full consideration of all existing control processes in UNDP. The new introduction follows more closely the COSO internal control model, and is therefore very broad in its coverage of administrative and programmatic areas. 2) The Operational Guide of the ICF, to better reflect its level of detail.

4. Branding UNDP's Policy Work: Corporate templates for UNDP knowledge products, August 24th, 2009

On 22 July, the Operations Group endorsed a list of standard templates for knowledge products in order to professionalize the look of UNDP knowledge products and ensure that key audiences know what to look for and what to expect.  Knowledge products are grouped under three categories - development policy, development practice, and advocacy. By providing practical guidance on "how to" produce UNDP knowledge products, the aim is to establish a recognizable series of UNDP products with improved quality, consistency, and relevance.

The full menu of on-line templates will be completed and available for application in the fourth quarter of 2009.

BDP is now in the process of hiring a design house to develop a common design for each template so we can reduce the need to repeatedly hire designers as well as improve recognition of UNDP's brand. All the designed templates will then be available to all staff through the intranet (including in the Communications Toolkit) in the same way as the Fast Facts template is now available.

3. Guidelines for managing the risks of engagement with military/defense forces, July 21st, 2009

On 3 June 2009, the Operation Group approved the revised version of guidelines for managing the risks of engagement with military/defense forces. The guidelines: Include a definition of military/defense forces; Are mandatory for engagement with military/defense forces, optional for engagement with police, customs, etc. Apply to all country settings: post-conflict or not. Apply to situations where UNDP is involved programmatically and/or the local administrative agent; Include a check on United Nations sanctions; Refer to OECD guidelines. The guidelines will be incorporated into the POPP during the third quarter of 2009.

2. Accountability issues in the POPP, June 30th, 2009

While accountability principles run through all programme implementation arrangements, operational activities and performance management regimes, finding the right balance between procedural compliance and flexibility of response can be difficult to achieve.

The recently-approved accountability framework has given further impetus to revision of POPP content to incorporate results managements, accountabilities and risk management perspectives for different development contexts. Share your ideas on how to make the POPP communicate accountabilities better.

1. Business Continuity Management, June 20th, 2009

The aim of the BCM Policy is to protect the interest of UNDP and its internal and external stakeholders by establishing a business-owned and business driven strategic and operational framework, which proactively ensures UNDP's ability to respond appropriately to anticipated risks identified within the context of a corporate risk assessment and unit level risk logs and unexpected disruptive challenges of the future, while maintaining staff safety and security.

Language English | Español | Français
Page Properties
Focal Point