Office of Audit

WHO relies on a global network of human and financial resources in order to achieve its overall mission of health for all. This network depends on streamlined processes across governance groups and the workforce to ensure that risks are identified and managed, and programmes are operating economically and sustainably.

To achieve this, the Office of Audit conducts internal audits, which are independent, objective assurance and advisory activities designed to add value and improve the Organization’s operations. These audits use a systematic, disciplined approach to evaluating and improving the effectiveness of governance, risk management and control processes within WHO.

The Office of Audit conducts different types of internal audits, including integrated, and operational and information technology.
 

Integrated audits

Integrated audits assess the performance of WHO at country level, as well as the performance of a department/division at a regional office or headquarters. These audits also focus on risks to areas and functions, including the organizational setting, the programmatic and operational processes, and the achievement of results. They also assess WHO’s readiness and response to Health Emergencies in accordance with the updated Emergency Response Framework performance standards.

Integrated audits include specific tests related to the integration of equity, gender, human rights and social determinants in the work of the audited entity, fostering compliance with the requirements of the United Nations System-wide Action Plan on Gender Equality and the Empowerment of Women.
 

Operational and information technology audits

These audits assess the risk management and control processes in the finance, administration and information technology areas, with respect to the integrity of financial and managerial information. They also assess the efficiency and economy in the use of resources (including value for money); compliance with WHO regulations, policies and procedures; and the safeguarding of assets.
 

Other services

The Office of Audit may provide advisory services, as detailed in IOS’s mandate, participating in “reviewing draft policies, guidance, systems and work processes”, however without decision-making authority.
 

Audit standards

IOS’s Internal audits are conducted in accordance with the International Standards for the Professional Practice of Internal Auditing and the Code of Ethics established by the Institute of Internal Auditors (IIA), and relevant practices promulgated by the United Nations Representatives of Internal Audit Services (UNRIAS).

For more information on internal audits conducted by IOS, please visit our page on frequently asked questions.