First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Author Archive - Apolone Gentles, JD, CPA,CGA, FCCA, Bsc (Hons)

Apolone Gentles is a CPA,CGA and Ontario lawyer and editor with over 20 years of business experience. She has held senior leadership roles in non-profit organizations, leading finance, human resources, information technology and facilities teams. She has also held senior roles in audit and assurance services at a “Big Four” audit firm. Apolone has also lectured in Auditing, Economics and Business at post-secondary schools. Read more here

Use payroll reports to improve internal controls

Payroll reports, if properly designed, prepared, distributed and reviewed, assist with more than just cost control—they can help to significantly improve several internal controls. Very simply put, internal controls include the activities, processes, policies and procedures which an organization implements to ensure that it meets its objectives.

 

, , , , , , ,

Learn from British Airways’ security breach reporting and notification

British Airways’ experience described in this article underscores that cybersecurity is important, and Canadian entities preparing for mandatory security breach reporting and notification coming into force soon can take lessons from British Airways’ response to a security breach.

 

, , , , , , , , , , ,

Overarching limit on the collection, use and disclosure of personal information

A key takeaway for organizations is that it is not enough to comply with other provisions in PIPEDA, for example, obtaining meaningful consent. Organizations must still show that their purposes for collecting, using or disclosing personal information are those that a reasonable person would consider appropriate in the circumstances.

 

, , , ,

Upcoming deadlines and changes for charities and other not-for-profits

Charities and not-for-profit organizations need to be aware of some upcoming changes to rules and laws.

 

, , , ,

Collective agreement, not software, drives employee entitlements

Organizations must carefully and proactively determine user requirements and document them with great specificity when designing or evaluating software options to manage payroll and benefits within their companies.

 

, , , , , , , , , , , , , , , , ,

Improve internal controls over fixed assets (Part 2)

A failure to satisfy proper cut-off, completeness, existence, accuracy and ownership are common problems arising from weak or non-existent fixed asset policies. The overarching approach to satisfying these issues is to design and implement internal controls in proper policies and procedures.

 

, , , , , , , , , , , , , , , , , , , ,

Improve internal controls over fixed assets (Part 1)

Many organizations face challenges with recording and physically safeguarding fixed assets. Organizations must also meet disclosure and other requirements when they prepare audited or other financial statements, corporate tax returns (applicable to for-profit organizations) and T3010 Registered Charity Information Returns (applicable to charitable organizations). Accounting processes and procedures must facilitate these activities.

 

A step-by-step guide to creating a cybersecurity plan

The first step is easily accomplished by reviewing a few definitions. The second step is trickier. The third step may involve a lot of work, but you can start with six straightforward steps.

 

, , , , , , , , , , , , ,

Employee forfeits $115,000.00 in bonuses by resigning; active employment clause valid

A bonus policy may state that employees who are eligible for bonuses must also be actively employed to receive their bonus payments. That is, employers may institute an “active employment clause”. Courts will uphold valid active employment clauses, as demonstrated by Bois v. MD Physician Services Inc., 2017 ONCA 857 (CanLII). MD Physician Services Inc. […]

 

, , , , , ,

Phishing losses exceed $224,000.00 after insurer denies coverage

In August 2010, someone called The Brick’s accounts payable (AP) department, pretending to be from Toshiba Canada. The caller said he was new to Toshiba and needed some payment details. The Brick employee faxed the payment information to the number which the caller provided.

 

, , , , , , , , , , ,

Not-for-profits need a plan to determine whether to take a stand or policy position

Not-for-profits should continuously assess current and emerging issues to determine whether to take a stand or policy position. Emerging issues may be strategically important to the organization and are often time-sensitive; the opportunity to take a stand on an issue may be fleeting because attention may soon be re-directed to something new. Not-for-profits will need […]

 

, , , , , , , , , , , , ,

Mitigate the risks associated with IT systems acquisition

Any organization which acquires IT systems must do so carefully. Among other reasons, systems may be costly, they may be critical to business operations, and they may create significant risks (for example a risk of security breaches). The following suggestions will help to mitigate some of the risks associated with IT systems acquisition:

 

, , , , , , , , , , ,

Social impact bonds – investing in communities

Social Impact Bonds (SIBs) are an innovative way for organizations to practice Socially Responsible Investing (SRI). Canada joins other jurisdictions like the United Kingdom, the United States and Australia, in investing in SIBs.

 

, , , , , , , , , , , , , , ,

Canada Revenue Agency (CRA) updates for charities and other not-for-profits

Canada Revenue Agency recently released the following updates which are of interest to charities and other not-for-profits.

 

, , , , , , , , , , , , , , , , , , , ,

Processes to support information technology effectiveness reviews

This blog post reminds organizations that they should take the time to conduct information technology effectiveness reviews, to evaluate and improve the IT department’s role in achieving the organization’s goals.

 

, , , , , , , ,

Previous Posts