An audit is the examination of a specific aspect of an organization, ideally by someone independent of that organization. The purpose of an audit is to provide independent assurance that an organization’s management, governance and processes are operating effectively, and that any associated assets are being properly and professionally managed.
An audit is the process of gathering and discussing information from multiple and diverse sources in order to develop a deep understanding of the current situation. An audit is also a systematic and independent examination of various documents of an organization to ascertain how far any statements being made present a true and fair view of the reality. An audit is the process of checking that the way an organization presents information about its position is true and fair.
The rationale for conducting a trade secret audit
Although trade secrets have been the neglected step-child of IP, this is slowly but surely changing for a variety of reasons:
- Law changes (DTSA in USA; EU Directive on Trade Secret in Europe; Anti Unfair Competition Law in China)
- Increased trade secret litigation particularly involving US companies but not exclusively so
- Growing interest in trade secrets by the tax authorities (e.g. OECD BEPS Guideliens,Patent Box Tax Regimes including trade secrets as qualifying IP)
- Cyber criminals trying to steal trade secrets
- Companies embracing Open Innovation and sharing trade secrets with one another
- Pending trade wars which some link to trade secret theft
Trade secrets are a very important part of any IP portfolio. It is no exaggeration to say that virtually every business possesses trade secrets, regardless of whether the business is small, medium or large. Trade secrets are an important, but oftentimes an invisible component of a company’s IP portfolio of assets. However, trade secrets can also be the crown jewels within the portfolio.
The starting point
For smaller organizations, the audit may be conducted across the entire organization in one go. However, for larger organizations, it makes sense to divide the trade secret audit into smaller parts rather than trying to audit the entire organization in one go.
A smart approach for conducting a trade secret audit is to begin in one area of the organization, conduct the audit there and learn from that exercise before expanding outward to other functions. There are several good options about where to start, and the selection depends on the needs of the company involved.
A company could start with a business unit, or a particular product line, or its R&D lab, or the marketing department, or its manufacturing function. If there is a section of the company that is believed to contain valuable trade secrets then the company may decide to start there.
Alternatively, a company could start with a particular class or category of trade secrets. For example, given the rise of open innovation, a company could start by enumerating those trade secrets that have been entrusted to third parties. These are often viewed as the most vulnerable trade secrets.
There are a number of ways to intelligently select a good starting point. Some of the factors are company specific, of course.
Our typical approach when conducting an IP audit exercise
We have conducted a number of IP audit exercises for clients. We typically divide such projects into the following phases:
- Planning phase – A comprehensive plan is discussed and agreed with the client
- Communication phase – Details of the project are communicated to those impacted
- Interviews of key individuals phase – A series of interviews of key individuals are conducted
- Data gathering phase – Various trade secret related documents are gathered from the client – including those specific to trade secrets (e.g. trade secret policy, process description, protection mechanisms, etc.) and those whose connection may not be immediately obvious but is in fact fundamental (e.g., key employment agreements, HR policies, IT policies, etc.)
- Data analysis phase – All of the data gathered from the interviews conducted as well as the documents gathered is analyzed
- Reporting phase – A report on the findings as well as recommendations is prepared and presented to the client
- Wrap-up phase – Any outstanding issues on the project are addressed
The components of a trade secret audit
I suggest that there are three component parts to a proper and professional trade secret audit, namely:
- Audit of the trade secret policies & procedures
- Audit of the trade secret portfolio
- Audit of the associated costs & valuations
The purpose of the first part of the audit is to sanity check if the corporate trade secret policy, procedures, processes and systems, education and governance are robust and fit for purpose and if not what enhancements need to be made.
The purpose of the second part of the audit is to examine each trade secret and the associated metadata, and determine if the trade secret warrants still being maintained as a trade secret, and if so, does it still meet the criteria to be defined as a trade secret. In order to conduct this part of the audit, having trade secret metadata is key. Trade secret metadata summarizes basic information about the trade secret, which can make finding and working with this unique form of IP much easier.
In the third part of the audit, the focus is on the costs and valuation of the trade secrets. However, it goes beyond this and should for example address any tax related issues.
Technology to support the audit:
I designed and developed, both for my own consultancy company as well as for IPEG, a very creative and innovation trade secret asset management solution. This technology enables a trade secret audit to be conducted much more efficiently and effectively as a result.
Our solution is like an online library catalog system, a register of all bibliographic items (including author’s name, book title, and even approximate location) found in a library. The catalog is organized and indexed so that you can search by a variety of fields/indexes. Putting it simply we rely on library catalogs to know what is available, and where.
The same applies to Trade Secret Asset Management. With the passage of the Defend Trade Secrets Act in the US back in May 2016, the EU Directive on Trade Secrets due to be enacted by EU member states by 9 June 2018, and OECD BEPS guidelines including trade secrets as one form of intangible asset, this is now becoming an important aspect of intellectual property management. Trade secret metadata summarizes information about the trade secret, which can make finding and working with this unique form of IP much easier.
Having such a trade secret asset management solution supports our trade secret audit process in numerous ways, such as:
- It gives tremendous structure to our audit process
- It allows data gathered during the audit exercise to be logged efficiently and effectively
- It assists greatly in the data analysis phase of the audit
- It enables much insightful reports to be generated
- As the emphasis is on trade secret metadata rather than the trade secrets themselves, it allows the secrecy of such information to be maintained
You typically get what you measure. It is therefore crucial that a trade secret audit is conducted from time to time. Companies generally gain tremendous value by taking a proactive, systematic approach to assessing their trade secrets in a comprehensive manner as described above. A proper trade secret audit should involve the right people with business, technical and legal skills and competencies, knowledge and experience, given the unique nature of IP.
The findings of any trade secret IP audit should be reported to and discussed with senior management in the organization, given that trade secrets may be the most valuable assets the organization possesses.
Donal O’Connell is IPEG consultant and developed a trade secret management tool for companies as well as for Legal & IP Firms to help with the management of these important but fragile assets. Donal also is a speaker at the Workshop Trade Secrets Deep Dive (Conference Centre High Tech Campus, Eindhoven, Netherlands) to be held on Friday September 2018. For program, click here. Registration: www.ipegconsultancy.com/tradesecrets