Internal Audit of Security and Controls in WFP's Windows Active Directory - August 2016 - Report not publicly disclosed under the Policy for disclosure of oversight reports - WFP/EB.2/2012/4-A/1)

As part of its annual work plan for 2016, the Office of Internal Audit conducted an audit of the security and controls in WFP’s Windows Active Directory (AD). The audit covered the period from 1 June 2015 to 31 May 2016. The audit team conducted the field work between 8 June and 22 July at WFP headquarters in Rome. The audit was conducted in accordance with the International Standards for the Professional Practice of Internal Auditing.