Programme and Operations
Policies and Procedures
Search
icon-language English icon-global Locations
Policy Areas

Programme and Project Management

Crisis Response

Financial Resources Management

Human Resources Management

Procurement

Partnerships

Administrative Services

Accountability

Information and Communications Technology

Security

Framework of Accountability for Security

Effective Date

Nov 22, 2024

Summary of Changes

The policy has been updated to reflect the following changes:

  • The term ‘SFP’ (Security Focal Point) has been updated to ’ACSFP’ (Agency Country Security Focal Point) which is the accurate term for country-specific roles, as the term ‘SFP’ refers to the Director of the Security Office (SO).  
  • In paragraph 36 - a footnote has been eliminated to align with the requirements of the UNSMS (United Nations Security Management System) and of the UNDP Framework of Accountability for Security that assign day-to-day oversight of security to the ACSFP in the absence of a security professional. The elimination of this footnote also aligns with best practices in crisis management and accountability requirements when there are both a security professional and an ACSFP in a duty station.
  • The role ‘LSA’ (Local Security Associate) has been removed from the framework as those posts have been migrated to Country Office Security Associate (COSA) level positions.

The UNDP Security Framework of Accountability (FoA) Explainer is also updated to align with the updated policy and is now available in French and in Spanish. The Framework of Accountability for Security procedure is now available in French and in Spanish.

System Acquisition, Development and Maintenance Standards

Effective Date

Nov 15, 2024

Summary of Changes

The Cybersecurity Standard on Cloud Acquisition, Maintenance, and Termination of Cloud Services offers guidelines, security controls and other considerations to securing UNDP data stored on cloud services platforms throughout their lifecycle, from acquisition to maintenance to termination. The objectives of the new standard are to:

  • Protect sensitive data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
  • Remain cognizant of data privacy regulations and industry standards.
  • Reduce UNDP’s risk exposure to cloud-related security incidents.
  • Ensure cloud services are appropriately secured and managed throughout their lifecycle.

Cybersecurity Standard on Cloud Acquisition, Maintenance, and Termination of Cloud Services

This document offers guidelines, security controls and other considerations to securing UNDP data stored on cloud services platforms throughout their lifecycle, from acquisition to maintenance to termination. 

Document Type

Guide

Focal Point

Oleksiy Kuzmenko

Effective Date

Nov 15, 2024

Planned Review Date

Nov 15, 2027

Published in:

TTS.3 form: Request for exception to the standard of accommodation for air travel

Document Type

Template

Published in:

Business Continuity Management

Effective Date

Oct 30, 2024

Summary of Changes

The Business Continuity Management policy has been streamlined and updated to:

  1. Align with the UN Organizational Resilience Management System on training requirements.
  2. Clarify the process of conducting Risk Assessment at HQ NY and Offices/Units.
  3. Confirm that sub-offices are included in country office (CO) Business Continuity Plans (BCPs).
  4. Clarify the BCP approval process based on current practice, including the support role of the Management Specialist in BMS.

The Business Continuity Planning procedure and the Business Continuity Management User Guide have been aligned with the updated Business Continuity Management policy.

Security Clearance

Effective Date

Oct 10, 2024

Summary of Changes

The policy has been updated to incorporate language adjustments for clarity and in alignment with existing UNSMS policies and the following updates to the ‘Other travel related information’ section:

  • The ceilings on the maximum number of passengers per commercial flight have been adjusted and Bureau Directors have been added to the line of approval in alignment with the UNDP’s Framework of Accountability for Security policy
  • Approval from the BMS Director will be required for more than 30 personnel on the same commercial flight. 
Subscribe to