Registry Audit

• Self-audit: registries conduct their own, internal audits to determine if processes and procedures are being complied with, and make adjustments if necessary.
• Self-report: registries will be asked to update their Registry Profile on an annual basis and return it to the ICTRP Secretariat. This form will be used by the Secretariat to monitor continued compliance with ICTRP criteria.
• Site visit: a small audit team will visit a registry and examine all processes and procedures.
  1. Audits are required for all new Primary and Partner Registries and for Primary Registries who are having a major change in their structure or their operating procedures.
  2. Audits will be conducted in the same fashion for all registries in the WHO Registry Network.
  3. The Primary Registry will cover the cost of one person from the audit team. These costs include travel and accommodation costs.
  4. The audit will be on average for one full working day for each registry divided equally between the administrative and the information technology (IT) functions. The IT audit should include a visit to the data centre. If the data centre is not in the same location, the ICTRP auditor should be informed at least a week before the audit date, and the registry will organize a separate site visit to the data centre location.
  5. An audit sheet will be sent to the registry and it is expected to be completed and returned to the ICTRP at least one week before the audit date. This sheet will help with preparing the audit.
  6. After the audit, a report will be established and sent with the audit sheet and other documentation to the ICTRP Advisory Group for the final review.
  7. An audit is typically valid for a period of five years.