1. Obtain an independent view before a dispute forces one on you
Every organization develops blind spots. HR may know how the rules are applied in practice. Legal may know how they should be interpreted. Management may know what it wants the rules to achieve. Staff representatives may know where the rules are creating friction. None of these perspectives is neutral on its own.
An audit creates an independent map of the rulebook and of the risks hidden in it. It asks basic but often uncomfortable questions: who has authority to decide, whether that authority is properly delegated, whether the same terms are used consistently, whether time limits are realistic and enforceable, whether the rules describe actual practice, whether staff members and managers can understand the process without legal assistance, and whether the organization could defend the process before an appeal board or administrative tribunal.
This matters because international civil service law is not limited to what is written in the staff rules. Across the administrative tribunals serving international organizations, staff disputes are generally assessed not only against the organization’s written regulatory framework, but also against general principles of international civil service law and international administrative law. Silence in the rules therefore does not always mean absence of obligation.
Practical audit result: a short risk map identifying the provisions most likely to generate disputes, inconsistent practice or tribunal criticism.
2. Remove contradictions, gaps and obsolete rules
Staff rules usually grow in layers. A staff regulation is amended. An administrative instruction is added. A policy is adopted after an incident. A circular is issued to clarify the policy. A template or FAQ then becomes the real rule in daily practice.
Over time, the rulebook can become difficult to navigate. The problem is not only length. The problem is hierarchy and coherence. A staff member, manager or tribunal should be able to see which instrument prevails, which rule applies, who may decide and what procedure must be followed.
Recent institutional practice shows that this is not a theoretical concern. In the 2024 edition of the United Nations Staff Regulations and Rules, editorial changes were approved to simplify and streamline the text, improve clarity, improve user-friendliness and eliminate duplication. The same update also added a new regulation on employment and accessibility for staff members with disabilities. That is a useful example of what regular maintenance should achieve: not just new rules, but clearer rules.
A coherence audit should test the hierarchy between constituent instruments, staff regulations, staff rules, administrative instructions, policies, manuals and templates. It should also test whether later policies silently contradict earlier rules, whether key terms are used consistently, whether exceptions are clear and approved by the right authority, and whether obsolete provisions still appear in the rulebook.
Practical audit result: a hierarchy chart and a conflict table showing which provisions should be amended, merged, repealed or elevated to a higher legal instrument.
3. Staff rules must provide answers, not just principles
A rule that is legally elegant but operationally unusable will fail. Staff rules should not require managers to guess the next step, invent a form, ask three departments for approval, or rely on institutional memory.
Good staff rules answer four practical questions: who acts, by when, on what evidence and with what remedy. These questions should be answerable from the rulebook itself.
This is especially important in high-risk areas such as recruitment, probation, performance management, disciplinary measures, harassment complaints, remote work, medical leave, abolition of post, separation, whistleblower protection and internal appeals.
An audit should therefore review both wording and workflow. The question is not only whether a provision is legally valid. The question is whether it can be applied consistently on a difficult day, by a busy manager, under time pressure, with a staff member who may later challenge the decision.
The OECD’s 2024 Anti-Corruption and Integrity Outlook makes the same governance point in a broader public-sector context: rules and frameworks often exist on paper, but implementation gaps remain. Effective internal control and risk management reduce vulnerabilities to fraud and corruption, yet internal audit is still not always used to its full potential as a governance tool.
Practical audit result: simplified process maps for the most important staff-life-cycle decisions, including deadlines, responsible actors, required documents, decision templates and appeal routes.
4. Keep the rules up to date in line with today’s legal standards
Staff rules that were adequate ten years ago may no longer meet today’s expectations. International organizations are facing new or intensified risks in several areas.
First, harassment and workplace-conduct rules must be modern, accessible and trauma-informed. ILO Convention No. 190 was adopted in 2019 as the first international treaty recognising the right of everyone to a world of work free from violence and harassment, including gender-based violence and harassment. Within the UN system, the Chief Executives Board has developed a common understanding of a victim-centred approach to sexual harassment, emphasizing dignity, protection against retaliation, confidentiality, informed consent, support and prevention.
Second, data protection can no longer be treated as an IT issue only. The UN Personal Data Protection and Privacy Principles aim to harmonise standards across the UN system, facilitate accountable processing of personal data and ensure respect for privacy and fundamental freedoms. Staff rules should therefore address personnel files, access rights, retention periods, investigation data, medical information, monitoring tools, data breaches and publication of decisions.
Third, artificial intelligence is becoming relevant to HR decisions. The OECD AI Principles, updated in 2024, promote trustworthy AI that respects human rights and democratic values, including privacy, non-discrimination, fairness and internationally recognised labour rights. The EU AI Act also identifies the risk that AI systems may unfairly disadvantage individuals, including in hiring and employment contexts. Even where an international organization is not directly subject to a particular domestic or EU regime, these standards are increasingly relevant benchmarks for responsible governance.
Fourth, integrity and whistleblower rules must be practical. Staff must know where to report, what protection exists, how retaliation is assessed and how confidentiality is preserved. Managers must know what they may and may not do after a protected disclosure.
Fifth, staff rules should be in line with the size and complexity of the organization. A small international organization with only a limited number of staff members, for example three researchers and one administrative officer, does not require the same level of procedural detail, delegation structure or internal review mechanisms as a large organization with several departments, decentralized offices and complex reporting lines. The rules must be sufficiently robust to ensure legality, transparency and due process, but they should not become so heavy that they paralyse daily management or create unnecessary administrative burdens.
Practical audit result: a modernization gap list covering harassment, retaliation, data protection, AI, accessibility, hybrid work, investigations and duty of care, all in line with the size and complexity of the organization.
5. Ensure that dispute mechanisms work and meet internal justice standards
For international organizations, internal justice is not optional. Privileges and immunities protect the independence of the organization, but they also increase the importance of credible internal remedies.
The access-to-justice standard is becoming more concrete. In 2024, the UN Human Rights Committee considered a staff dispute involving the Asian Development Bank. The Committee recalled that international organizations enjoy functional immunity, but also stated that such immunity is not intended to prevent staff access to justice through internal grievance mechanisms or, alternatively, national courts. The Committee further stated that organizations should provide reasonable alternative means of dispute resolution for labour disputes with staff. The Committee ultimately found no violation on the facts, but the reasoning is important: an organization should be able to demonstrate that its internal justice system is not theoretical, arbitrary or illusory.
The broader practice of administrative tribunals serving international organizations points in the same practical direction. Once an organization has created an internal review or appeal procedure, that procedure must be real, accessible and applied as written. In disciplinary and other high-impact cases, basic due-process safeguards – notice, the right to be heard, impartial review, proper evidence and reasoned decisions – should be built into the rules rather than improvised when a dispute arises.
This is why an audit should not only review the wording of appeal provisions. It should test whether the remedies are accessible, independent, timely and trusted. A recent advisory review of the Global Fund’s internal justice mechanisms used exactly that type of practical lens: design, delivery, experience, awareness and perception. The review considered clarity, robustness, trustworthiness and accessibility, and used process mapping, interviews, benchmarking and expert analysis.
Practical audit result: a remedies assessment covering informal resolution, management review, investigation, disciplinary process, internal appeal, external tribunal access, confidentiality, legal assistance, equality of arms, reasoned decisions and implementation of outcomes.
***
Audit today
As a law firm with vast experience assisting international organizations worldwide, we see a staff-rules audit as a practical legal and HR exercise. It should not produce a long academic memo. It should give the organization a clear answer to four questions: what is unclear, what is outdated, what is legally risky and what should be changed first.
In our experience, a structured audit has become an indispensable part of good governance. For well-governed international organizations, a full review at least once every decade is a prudent minimum, with earlier targeted reviews after a reorganization, a tribunal judgment, an important internal appeal, a serious complaint, a new workplace risk or a significant change in HR practice.
The reason is simple: staff rules age. They may still reflect the organization’s mandate, but no longer reflect current expectations of international civil service law, international administrative-law principles and responsible HR management. Modern staff regulations should now deal clearly with issues such as whistleblowing, protection against retaliation, harassment and workplace conduct, data protection, disability inclusion, hybrid work, investigations, duty of care and the responsible use of technology in HR processes.
Why an audit is almost always external
Internal audits are often triggered by one negative experience and are conducted by people who, however competent, may be influenced by internal habits, sensitivities or agendas. An external legal expert is expected to bring independence, distance and comparative experience, and can assess whether the staff rules are in line with the practice of other international organizations, the case law of administrative tribunals and current best-practice standards. That external benchmark is what makes the audit valuable: not merely as a reaction to a problem, but as a preventive governance exercise.
Keep the methodology simple
The method most often used is deliberately practical:
1. Define the scope: the full regulatory framework or a focused review of one risk area, such as discipline, harassment, recruitment, restructuring, remote work or internal appeals.
2. Collect the rulebook: constituent instruments, headquarters agreements, staff regulations, staff rules, administrative instructions, codes of conduct, HR policies, delegations of authority, templates, internal-justice decisions and relevant tribunal case law.
3. Map hierarchy and conflicts: which instrument prevails, where the gaps are, which provisions are obsolete and where daily practice relies on guidance that was never properly adopted.
4. Test real HR scenarios: recruitment, probation, performance, leave, complaints, investigations, discipline, restructuring, separation and appeals.
5. Translate findings into action: ranked legal risks, proposed wording, responsible decision-makers, timing, communication and training.
The end product should be an implementation document, not a theoretical review. In practice, we usually deliver a short executive summary, a hierarchy and conflict table, a risk-ranked gap analysis, proposed amendments, process maps, model decision templates and a timetable for adoption.
The report should be concrete. It should not merely say: ‘clarify the disciplinary procedure’. It should identify the article, the problem, the recommended wording, the approval route and the HR and legal steps required to make the change work.
Conclusion
Auditing staff rules is no longer a luxury exercise. It is a best-practice governance tool for any international organization that wants to protect its independence, improve trust, prevent disputes and ensure that managers can apply the rules consistently.
International organizations should not wait for an appeal board, administrative tribunal or crisis to reveal gaps in their rules. A periodic staff-rules audit helps them remain legally defensible, operationally workable and aligned with current expectations.
That is the value of a good audit: fewer ambiguities, fewer contradictions, stronger safeguards and a clearer path from rule to decision to remedy.
—
Bert Theeuwes is a Belgian lawyer and partner at Monard Law, where he heads the international civil service law practice. He is an expert with more than 25 years of experience advising international organizations worldwide on staff regulations, internal governance, employment-related disputes and best-practice compliance. His work focuses on helping international organizations align their internal rules with administrative-tribunal case law, modern HR standards and the practical realities of international public administration.
