Examining Audit, Oversight Committee Functions, Fifth Committee Considers Value of Cloud Computing amid Rapid Changes in United Nations Work Environment

GA/AB/4353
9 March 2020
Seventy-fourth Session, 24th Meeting (AM)

Examining Audit, Oversight Committee Functions, Fifth Committee Considers Value of Cloud Computing amid Rapid Changes in United Nations Work Environment

The Fifth Committee (Administrative and Budgetary) today examined how audit and oversight bodies are functioning across the United Nations organizations, while also weighing the benefits and risks of using cloud computing across these entities.

“We are witnessing the rapid pace of change across the work environments of the United Nations system,” said Aicha Afifi, Inspector of the Joint Inspection Unit, as she introduced the body’s report assessing audit and oversight committees of 18 United Nations entities, including the Secretariat, funds and programmes, and specialized agencies.  The report outlines several good practices to ensure that audit and oversight committees are independent, report to both the legislative body and executive head, and have terms of reference with clearly defined membership criteria and provisions for periodic review.  It also contains seven recommendations, of which six involve updates to the terms of reference, and the first four are to be implemented by the end of 2021.

Noting that five participating organizations have not established an independent audit and oversight committee, she pointed out that the performance of most committees is not externally reviewed periodically, and there are no formal indicators against which to assess their performance.

Simona Petrova, Director of the Secretariat and Secretary of the United Nations System Chief Executives Board for Coordination (CEB), said that the United Nations entities appreciated that the report highlighted good practices and provided insight into the structure and operation of audit and oversight committees, concurring with the Inspector’s view that the review was not intended to propose a “one-size-fits-all” model, as the needs of each individual entity vary in size, funding and mandate.

Guyana’s delegate, speaking on behalf of the “Group of 77” developing countries and China, said that the Group is interested in finding out if the Unit’s recommendations are feasible, given that the 18 audit and oversight committees all have specific needs and characteristics.

The speaker from the Republic of Korea expressed a concern that one third of those bodies do not meet international standards, adding that, when assessing the committees, caution is required so that their independence is not compromised.

Turning to the use of cloud computing, Jorge Flores Callejas, Inspector of the Joint Inspection Unit, noted that United Nations organizations enjoy many benefits from such technology, including that service providers allow organizations to have multiple around-the-clock backup and support locations worldwide.  However, he warned that increasing global Internet use also increases the threat of cybercrime, data infiltration and other forms of cyberattacks.  The study found that United Nations organizations are especially attractive targets, he said, noting that, before undertaking a modernization project based on cloud computing, the existing infrastructure must be updated and stabilized.  Similarly, the possibility of creating a private cloud should be examined.

Ms. Petrova said that the United Nations entities concurred with the Inspector’s views that cloud computing offers the opportunity to manage information and communications technology service delivery with more agility, improved business continuity and security, all at a reduced cost.  However, each organization’s business case and adoption strategy must be explicitly designed to meet all four aims, or risk not receiving the full benefits of cloud adoption.

Guyana’s delegate, speaking again for the Group of 77, expressed support for the Unit’s call to implement a more balanced approach to potential benefits of the cloud — such as cost reduction, simplification and flexibility — while considering associated risks to data confidentiality.

The Fifth Committee will reconvene at 10 a.m., on Wednesday, 11 March, to discuss strengthening accountability in the United Nations Secretariat, as well as amendments to the Staff Regulations and Rules.

Joint Inspection Unit

AICHA AFIFI, Inspector, Joint Inspection Unit, introduced the body’s report, titled “Review of Audit and Oversight Committees in the United Nations System” (document JIU/REP/2019/6) transmitted by the Secretary-General’s note (document A/74/670).  She said that the relevance of the review derives from the recognition that audit and oversight committees have as independent expert advisory bodies which provide objective advice and recommendations on various aspects of an organization’s governance, risk management and internal control processes.  This is the first report exclusively focused on audit and oversight committees.  Their role in the United Nations system organizations has developed and grown considerably over the past decade.  The aim was to determine whether such committees are adequately established and serving their purpose as envisaged in their terms of reference, assess any deviation from accepted standards and principles, and identify good practices and lessons learned that could be shared across the system.

Highlighting key findings, she said that the content and quality of the committees’ terms of reference have markedly improved, while there is a wide variance among the 18 audit and oversight committees assessed, in terms of responsibilities, scope, size, resources, capacities and degrees and levels of independence.  The report also found that, in five organizations, the audit and oversight committee answers directly to the governing body, while it reports to both the governing body and the executive head in six other organizations.  In five organizations, it reports only to the executive head.  While the terms of reference of most committees include references to geographical and gender balance requirements, only two have provisions for adequate balance of representation from developed and developing countries.  Five participating organizations have not established an independent audit oversight committee.  The performance of most committees is not externally reviewed periodically, and there are no formal indicators against which to assess their performance.

The report outlines several good practices to ensure that audit and oversight committees are independent, report to both the legislative body and executive head, and have terms of reference with clearly defined membership criteria and provisions for periodic review, she said.  The report contains seven recommendations, of which six involve updates to the terms of reference, and the first four are to be implemented by the end of 2021.  “We are witnessing the rapid pace of change across the work environments of the United Nations system,” she said, emphasizing the need for regular review of terms of reference, as even the best of its kind will be rendered obsolete in short order.

SIMONA PETROVA, Director of the Secretariat and Secretary of the United Nations System Chief Executives Board for Coordination (CEB), introduced the related note by the Secretary-General (document A/74/670/Add.1) transmitting his and CEB members’ comments.  She said that the organizations across the United Nations system appreciated that the report highlighted good practices and provided insight into the structure and operation of audit and oversight committees, concurring with the Inspector’s view that the review was not intended to propose a “one-size-fits-all” model, as the needs of each individual entity vary in size, funding and mandate.  Organizations underscored that the review and advice provided by the audit and oversight committees is valuable regardless of whether the committee reports to their legislative body, executive head or both.  Organizations in which the audit and oversight committees have been designated by the legislative and/or governing bodies to serve as an advisory instrument to the executive head found that the proposed recommendations’ wording is not actionable.

MEGAYLA AUSTIN (Guyana), speaking on behalf of the “Group of 77” developing countries and China, said that the reports introduced today are closely related to the review of the efficiency of the administrative and financial functioning of the United Nations accountability system.  The Group appreciates the Joint Inspection Unit’s work, including the analysis of issues of cross‑cutting nature.  The Group looks forward to interacting with the Unit and CEB regarding this report that, for the first time, solely covers the audit and oversight committees in the United Nations Secretariat, the funds and programmes, the specialized agencies and the International Atomic Energy Agency (IAEA).

She said that the Group believes that many findings in the Unit’s previous oversight-related reports still hold true and the Organization can always benefit from re-examining them.  The Group is pleased that both the Unit and CEB acknowledge good practices and lessons learned are not intended to be applied under the “one-size-fits-all” approach.  The 18 audit and oversight committees all have specific needs and characteristics.  The Group looks forward to learning more about the particulars of these audit and oversight committees and is interested in finding out if the recommendations are feasible.

JISUN JUN (Republic of Korea) attached great importance to the first comprehensive analysis of audit and oversight committees in the United Nations system.  Although considerable progress has been noted by the report, it is concerning that one third of those bodies do not meet international standards.  Caution is required to assess the committees so that their independence is not compromised, she said, adding that her delegation will engage constructively in discussions on this agenda item.

JORGE FLORES CALLEJAS, Inspector, Joint Inspection Unit, introduced its report titled “Managing cloud computing services in the United Nations system” (document JIU/REP/2019/5) transmitted by the Secretary-General’s note (document A/74/691).  He noted that United Nations organizations worldwide experience many benefits in qualitative terms of the widely shared nature of cloud computing, including continuity of service, high volume, wide availability of resources and overlap of systems. Multiple data centres of cloud service providers allow organizations to have multiple backup and support locations worldwide, 24 hours a day, 7 days a week.

Profitability is another attraction of cloud computing, with clients sharing resources and discussing economies of scale, he said.  Clients hope for better management of information technology systems, while the use of public cloud computing eliminates the need for capital investment in equipment, computer programmes and associated network infrastructure.  However, increasing global Internet use also brings the rising threat of cybercrime, data infiltration and other forms of cyberattacks, with the study also unfortunately finding that United Nations organizations are especially attractive targets.  He therefore noted that, before undertaking a modernization project based on cloud computing, the existing infrastructure must be updated and stabilized.  Similarly, the possibility of creating a private cloud should be examined.  The report makes five recommendations, he stated, including one to strengthen the Management Committee of the United Nations International Computing Centre.

Ms. PETROVA introduced the related note by the Secretary-General (document A/74/691/Add.1) transmitting his comments and those of CEB.  Organizations of the United Nations system concurred with the Inspectors’ views that cloud computing offers the opportunity to manage information and communications technology service delivery with more agility, improved business continuity and security, all at a reduced cost, she said.  However, the Inspectors found each organization’s business case and adoption strategy needs to be explicitly designed to meet all four objectives, or risk not receiving the full benefits of cloud adoption.  Several organizations identified the need for synergy and consistency in leveraging and sharing common experience and policies.

Ms. AUSTIN (Guyana), speaking again for the Group of 77, acknowledged that cloud computing use has grown considerably over the past decade, with almost all United Nations organizations reviewed by the Joint Inspection Unit already using a variety of those services including email, hosting public website recruitment and collaboration tools.  While cloud use engenders many benefits including cost reduction, simplification and flexibility, it also comes with risks related to data confidentiality, as well as safeguarding the organizations’ privileges and immunities.  She expressed support for the Unit’s call to implement a more balanced approach to potential benefits of the cloud while considering associated risks.  The Group is carefully examining the report’s recommendations to maximize the potential of the United Nations International Computing Centre.

For information media. Not an official record.