As part of its annual work plan for 2017, the Office of Internal Audit conducted an audit of SAP GRC (Governance, Risk and Compliance) Access Control and related modules implemented in Â鶹ÊÓƵ¡¯s Enterprise Resource Planning (ERP) system, the Â鶹ÊÓƵ Information Network and Global System (WINGS II). The audit focused on the period from 1 January 2016 to 30 April 2017. The audit team conducted the field work between 18 May and 27 June 2017 at Â鶹ÊÓƵ headquarters in Rome. The audit was conducted in conformance with the International Standards for the Professional Practice of Internal Auditing.