
Inside Internal Controls

News and discussion on implementing risk management


2011

IT compliance dictionary – yes!

Maybe this will help directors get up to speed on IT. If you want to know the meanings of tech terms like WEP, WPA, kernel, malware, trojan, sniffing, MIME, deployment strategy, server, implementation and just about any other IT term you can think of, then check it out.

 


Is it time for directors to take responsibility for IT governance and strategy?

The International Organization for Standardization (ISO) thinks so. It has developed ISO 38500 to complement COBIT and ITIL, comparing the standards to the roof, walls and foundation of a house…

 


Laws not enough to stop fraud

A recent US survey finds that “Business losses due to fraud increased 20% in the last 12 months, from $1.4 million to $1.7 million per billion dollars of sales. … 88% of the respondents reported being victims of corporate fraud over the past 12 months.” Does this worry you?

 


Canada’s anti-spam law: it’s getting closer every day

The latest info from Industry Canada has the new anti-spam legislation coming into force in early 2012. The consultation period is over, and the government will now finalize the regulations that organizations will have to follow.

 


Sustainable business frameworks

Recently, I wrote about the concept of shared value, a business strategy under which organizations consider the needs of their communities alongside those of their shareholders, in order to improve conditions for business (and communities where they operate) and maximize profit. What a crazy idea, right? Healthier communities mean more profitable businesses? So crazy it just might work.

 


Can customers be encouraged to read privacy policies?

When was the last time you read a privacy policy? I use dozens of online services—email, social networking, data storage, banking, photos, shopping, etc.—and I’ve only skimmed a couple. What does this mean for the companies that offer these services? Can they reasonably say that they have informed their users of the content of their policies, if most users simply click “Okay” without bothering to read the things?

 


The hyperlink case – a licence to defame?

In Crookes v. Newman, Mr. Crookes sued Mr. Newman for online defamation because of hyperlinks that Mr. Newman had placed in articles he published online. The hyperlinks, when clicked, took the readers to websites that contained statements that Mr. Crookes claimed were defamatory of him. Mr. Crookes lost at trial and on appeal and took his case all the way to the Supreme Court of Canada.

 


IFRS transitioners take note!

The Ontario Securities Commission has reviewed many Ontario issuers’ International Financial Reporting Standards financial reports and found them lacking in key respects. Based on first quarter 2011 IFRS filings, the OSC found three main deficiencies…

 


Third time the charm for copyright reform?

The last copyright amendments in Canada happened in 1997, long, long before copyright piracy entered the mainstream. Now, the Conservative government will make its third attempt to update the law. Will this be their lucky time? The current bill is essentially the same as the previous effort, Bill C-32, which was thwarted after its second reading when the government fell earlier this year on a non-confidence motion. The newly elected government promised to reintroduce the amendments and pass them in short order, and here we are.

 


First Reference author and collaborator Jeffrey Sherman named Fellow of the Institute of Chartered Accountants

Jeffrey D. Sherman is the lead author of all four volumes of First Reference’s Internal Controls Library: Finance and Accounting PolicyPro (including Operations and Marketing PolicyPro), Information Technology PolicyPro and Not-for-Profit PolicyPro. While we knew our internal control publications were in good hands before, we don’t mind saying we’re especially proud to have Jeffrey’s name on them now.

 


Personal information online: new tools, old responsibilities

Sometimes, technology creates new ways to exploit information faster than the law and business can keep up. The Office of the Privacy Commissioner of Canada is trying to make sure that doesn’t happen in the case of behavioural advertising. Last year, the Privacy Commissioner conducted consultations on the new ways that organizations are collecting and using customers’ personal information, and prepared its Report on the 2010 Office of the Privacy Commissioner of Canada’s Consultations on Online Tracking, Profiling and Targeting, and Cloud Computing.

 


New rules arriving soon for non-profits in federal jurisdiction, Ontario

You not-for-profit organizations and charities out there probably remember that, in the not-too-distant past, the federal and Ontario governments enacted new laws governing the activities of NFPs. Well, some expect these laws to come into force within the next six months. That’s sooner than you probably think.

 


And now an update on HST transitions!

If you’ve been following the story of Quebec’s efforts to harmonize its sales tax (the QST) with the federal Goods and Services Tax, you probably know that it took a bit longer than expected, besides the 19 previous years of semi-harmonization during which nothing really happened. The federal government and the province originally set a deadline of September 15 to reach a deal, but they subsequently extended the period, and as of Friday, the deed is done—kind of.

 


Do you offer ‘paperless receipts’?

If you do, you should make sure you understand the privacy and personal information implications. CTV reports that some Canadian retailers are now offering their customers an “e-receipt”, which they can receive by email or access at dedicated websites. Sure, it’s a “green” option, and maybe more convenient for customers who want to track their purchases, but it requires the customer to provide an email address, which might allow retailers to “learn a lot about a customer’s preferences and buying habits”.

 


Charities and compliance agreements: know what you’re signing!

Charities know they’ve got strict rules to follow, and they know there are stiff penalties for non-compliance. They should also know that the Charities Directorate and the Canada Revenue Agency will work with organizations to help them maintain their charitable status, if necessary through a compliance agreement which both the CRA and the charity accept.

 

