Programme and Operations
Policies and Procedures
Search
icon-language English icon-global Locations
Policy Areas

Programme and Project Management

Crisis Response

Financial Resources Management

Human Resources Management

Procurement

Partnerships

Administrative Services

Accountability

Information and Communications Technology

Security

System Acquisition, Development and Maintenance Standards

Effective Date

Nov 15, 2024

Summary of Changes

The Cybersecurity Standard on Cloud Acquisition, Maintenance, and Termination of Cloud Services offers guidelines, security controls and other considerations to securing UNDP data stored on cloud services platforms throughout their lifecycle, from acquisition to maintenance to termination. The objectives of the new standard are to:

  • Protect sensitive data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
  • Remain cognizant of data privacy regulations and industry standards.
  • Reduce UNDP’s risk exposure to cloud-related security incidents.
  • Ensure cloud services are appropriately secured and managed throughout their lifecycle.

Cybersecurity Standard on Cloud Acquisition, Maintenance, and Termination of Cloud Services

This document offers guidelines, security controls and other considerations to securing UNDP data stored on cloud services platforms throughout their lifecycle, from acquisition to maintenance to termination. 

Document Type

Guide

Focal Point

Oleksiy Kuzmenko

Effective Date

Nov 15, 2024

Planned Review Date

Nov 15, 2027

Published in:

TTS.3 form: Request for exception to the standard of accommodation for air travel

Document Type

Template

Published in:

Business Continuity Management

Effective Date

Oct 30, 2024

Summary of Changes

The Business Continuity Management policy has been streamlined and updated to:

  1. Align with the UN Organizational Resilience Management System on training requirements.
  2. Clarify the process of conducting Risk Assessment at HQ NY and Offices/Units.
  3. Confirm that sub-offices are included in country office (CO) Business Continuity Plans (BCPs).
  4. Clarify the BCP approval process based on current practice, including the support role of the Management Specialist in BMS.

The Business Continuity Planning procedure and the Business Continuity Management User Guide have been aligned with the updated Business Continuity Management policy.

Security Clearance

Effective Date

Oct 10, 2024

Summary of Changes

The policy has been updated to incorporate language adjustments for clarity and in alignment with existing UNSMS policies and the following updates to the ‘Other travel related information’ section:

  • The ceilings on the maximum number of passengers per commercial flight have been adjusted and Bureau Directors have been added to the line of approval in alignment with the UNDP’s Framework of Accountability for Security policy
  • Approval from the BMS Director will be required for more than 30 personnel on the same commercial flight. 
Subscribe to