Internal Audit and Oversight Division

Internal Audit Section

Internal Audit Strategy 2012-2015

Internal Audit Strategy 2012-2015

TABLE OF CONTENTS PAGE 1. BACKGROUND 2. THE PURPOSE OF THE INTERNAL AUDIT STRATEGY 3. STRATEGIC OBJECTIVES OF INTERNAL AUDIT SECTION 4. AUDIT PLANNING PROCESS 5. QUALITY CONTROL AND ASSURANCE 6. REVISION 1 1 1 2 2 2

Internal Audit Strategy 2012-2015

I. 1.

BACKGROUND In 2007, the Internal Audit and Oversight Division (IAOD) developed a strategy document to set out the framework for internal audit activities at the World Intellectual Property Organization (WIPO). After the reorganization that took place within IAOD in 2008, the Audit Strategy has been revised and kept up-to-date by the Internal Audit Section (IAS). THE PURPOSE OF THE INTERNAL AUDIT STRATEGY The purpose of the internal audit strategy is to put in place a strategic approach which enables the Internal Audit Section to provide the DG, the Member States and other stakeholders with an independent and objective assessment of the organizations business processes and systems, risk management, control and governance processes. The audit strategy aims to define the priorities of the Internal Audit Section, which are aligned with the WIPOs strategic goals and objectives in order to provide high quality audit services in line with the internationally recognized standards, guidance and other best practice. STRATEGIC OBJECTIVES OF INTERNAL AUDIT SECTION The strategic objectives for the IAS are to increase the value added, through internal audits, to the Organizations structures, systems and processes and improve operational effectiveness and efficiency by: 4.1. Aligning the audit work plans and other oversight activities with the WIPOs Strategic Objectives and Plans; Providing adequate audit coverage of WIPOs strategic business initiatives and high risk areas as determined in the risk assessment exercise; ; each very high risk area should be audited at least once every biennium and each high risk areas should be audited every three years. Improving the quality of audit reports by increasing the use of available information technology tools to gather, analyze and present factual data to further enhance the accuracy, completeness and timeliness of audit reports; Making cost efficient, SMART recommendations that will add value; Cooperating closely with all the oversight bodies at WIPO, i.e. the External Auditor, Independent Advisory Oversight Committee (IAOC) to better coordinate oversight activities with a view to providing effective audit coverage and reducing any overlaps; Communicating effectively with the Senior Management, IAOC, and Internal Audit Customers; Promoting continuous professional education and career development of Internal Audit Staff by well focused job-specific training programs in line with the audit work plans and the career development objectives of staff members;
1

II. 2.

3.

III. 4.

4.2.

4.3.

4.4. 4.5.

4.6.

4.7.

SMART stands for Specific, Measurable, Achievable, Relevant and Time bound

Page 1 of 3

Internal Audit Strategy 2012-2015

4.8.

Providing professional advice on risk management, internal controls and governance issues;

IV. 5.

AUDIT PLANNING PROCESS Risk management relates to how an organization sets objectives, then identifies, analyzes, and responds to those risks that could potentially impact its ability to realize its objectives. The establishment and maintenance of a sound enterprise risk management (ERM) system is the responsibility of Senior Management in an organization which performs risk assessment activities as part of the ordinary course of business. As WIPO has not established an ERM yet, IAS conducts the Audit Needs Assessment (ANA) exercise with a view to assessing the level of audit coverage necessary for all operational areas, priority being given to the areas of high risks. The ANA helps determine the full amount of audit resources the IAOD should have to carry out effectively its mandate and links the resource requirements to the Audit Work Plans. Based on the ANA, the IAS prepares risk-based audit work plans which define the audits and other significant oversight activities to be undertaken in each year of the biennium. The audit plans are revised as necessary on an annual basis to take account of any relevant changes to WIPOs strategic objectives, organizational structure, business systems and processes. In preparing and revising audit work plans, input provided by the IAOC, External Auditor and the WIPO Management are duly taken into account. A diagram of the audit planning process is shown below. Audit Work Planning Process WIPOs Strategic Objectives

6.

Oversight Charter Audit Strategy

Audit Universe & Risk Assessment

Audit Needs Assessment (ANA)

Biennial Audit Work Plan

ANA not covered reported & Risk Acceptance by the DG

V. 7.

QUALITY CONTROL and ASSURANCE It is the strategic aim of Internal Audit to follow the procedures for Quality Assurance set out by the IIA and to have an external quality review in every five years and a self assessment exercise every year in accordance with the quality self assessment guidance and the Internal Audit Capability Model for the public sector organizations (IA-CM), developed by the IIA. This document is restructured to make sure that it is of appropriately positioned to set out the framework of internal audit activities at WIPO until 2015. REVISION

8.

VI.

The Internal Audit Strategy is subject to review at least once every three years, or sooner if need Page 2 of 3

Internal Audit Strategy 2012-2015

be, to ensure that internal audit work plans are aligned with WIPOs strategic business plans and objectives and audit resources are allocated effectively and efficiently to maximize the value added to the Organization by providing reasonable assurance on the risk management, system of internal controls and governance at WIPO.

Page 3 of 3