Author Archive - Jeffrey Sherman
Jeffrey D. Sherman, BComm, MBA, CIM, FCA, is a director or CFO of several public companies and has had over 20 years of executive management experience. He is the author of Finance and Accounting PolicyPro, Not-for-Profit PolicyPro and Information Technology PolicyPro (guides to governance, procedures and internal control, all published by First Reference and the CPA).
August 4, 2015 Jeffrey Sherman Backup and Disaster Planning, Business and Legal Issues, E-Commerce, IT, Privacy and Security, Network, Systems and Data Security, Sales, Marketing and Operations, Systems and Data Management
Backup and disaster planning should be evaluated as part of an organization’s overall risk management process. There are two elements to disaster planning…
business continuity, business continuity planning, critical business processes, disaster planning team, disaster recovery plan, disaster recovery team, Information technology recovery planning, IT recovery planning, risk management
July 6, 2015 Jeffrey Sherman Accounting Systems and Controls, Business and Legal Issues, Corporate Administration, Corporate Administration and Legal Matters, Corporate Governance, Finance and Accounting, Financial Management, Fraud and Corruption, Not for Profit, Records Management and Retention
A good ongoing banking relationship is very valuable, but it is useful to review offerings from other banks from time to time. In particular, enterprises with unusual needs.
account reconciliation, accounting, accounting records, anti-fraud controls, bank reconciliation, bank transactions, banking, banking contacts, board resolutions, credit, internal control deficiencies, loans, operating accounts, shareholder guarantees
April 6, 2015 Jeffrey Sherman Accounting Systems and Controls, Budgeting and Auditing, Finance and Accounting
Insufficient data analysis is often caused by too much information, not too little. A few well chosen statistics that highlight critical trends and pinpoint areas that require follow-up may be much more useful…
analyzing financial information, cost of goods sold, data analysis, fapp, Finance and Accounting PolicyPro, financial data, financial metrics, financial statistics, financial trends, gross margin, gross sales, net sales, operating profit, sales, selling and administrative expense, selling expense ratio
March 2, 2015 Jeffrey Sherman Accounting Systems and Controls, Business and Legal Issues, Corporate Administration, Corporate Governance, Environmental Issues, Finance and Accounting, Leadership and Management, Sales, Marketing and Operations
Sustainability is a characteristic of a process or condition that can be maintained at a particular level for an indefinite period. In the context of a corporation or other organization, we can consider sustainability in two broad ways…
business ethics, Control and sustainability, control-based approach, corporate social responsibility, COSO, CSR, environmental social governance, ESG, internal control, Internal Control: Integrated Framework, legal compliance, monitoring, multiple stakeholders, sustainability
February 2, 2015 Jeffrey Sherman Accounting Systems and Controls, Business and Legal Issues, Corporate Administration, Finance and Accounting, Financial Compliance / Planning / Management, IT, Privacy and Security, Leadership and Management, Network, Systems and Data Security, Payroll and Personnel Management, Privacy Compliance and Management, Records Management and Retention, Sales, Marketing and Operations, Systems and Data Management
What are the time limits for those boxes accumulating dust in the archives? Does all backup material need to be kept or just the final product? Who is actually making sure that this happens?
business records, commercial records, contracts, electronic records, Employee records, employment equity records, Employment Insurance Act, employment insurance records, Employment Standards Act, employment standards records, how long to keep business records, Income Tax Act, income tax records, Labour Code, paper records, record keeping, records retention, retaining records, sales contracts, statute of limitation, tax records
January 19, 2015 Jeffrey Sherman Business and Legal Issues, Finance and Accounting, IT, Privacy and Security, Mobile Device Management, Network, Systems and Data Security, Payroll and Personnel Management, Sales, Marketing and Operations, Social Media/Social Networking, Software Acquisition, Implementation and Maintenance, Systems Acquisition, Maintenance and Disposal, Systems and Data Management
Policies can help you manage employees’ and others’ use of company IT resources, and dramatically reduce the potential risk to you and your assets.
acceptable use, Employee computer use, end-user, HR, Human Resources, internet access, IT policies, IT resources, IT risk, IT risk assessment, legal compliance, legal liability, malware, manage IT risks, resource capacity, risk assessment, risk management, unauthorized access
January 5, 2015 Jeffrey Sherman Charities, Corporate Administration and Legal Matters, Financial Management, Not for Profit
It’s a rare not-for-profit that isn’t spending a great deal of its time and attention scrabbling for revenue. In fact, it hardly needs to be said that effective generation and management of revenue flows are almost always critical success factors for not-for-profits.
charitable status, customer records, donations, fees for services, fund development, grant proposals, legal compliance, managing donor relationships, membership base, membership fees, privacy policy, professional certification, revenue controls, sales revenues
September 2, 2014 Jeffrey Sherman Anti-spam, Do-not-Call, Business and Legal Issues, Corporate Administration, Corporate Governance, E-Commerce, IT, Privacy and Security, Privacy Compliance and Management, Sales, Marketing and Operations, Social Media/Social Networking, Systems and Data Management
It should be clear that managing your anti-spam obligations will mean modifying your information technology processes. The CRTC has created comprehensive anti-spam guidelines that demonstrate some of the ways IT will be involved…
anti-spam, auditing, Canada anti-spam legislation, Canadian Radio-television and Telecommunications Commission, CASL, commercial electronic message, complaint-handling, compliance, corrective action, CRTC, CRTC guidelines, Information Technology PolicyPro, ITPP, monitoring, policies and procedures, record keeping, risk assessment, senior management, social media, training, written policy
July 7, 2014 Jeffrey Sherman Business and Legal Issues, Corporate Governance, E-Commerce, Fraud and Corruption, Intellectual Property, IP, IT, Privacy and Security, Mobile Device Management, Network, Systems and Data Security, Privacy Compliance and Management, Sales, Marketing and Operations, Software Acquisition, Implementation and Maintenance, Systems and Data Management
When the environment cannot be controlled, encrypting the data is necessary to protect the data against unwarranted disclosure or unauthorized and undetected modification. Note that the Internet is considered a hostile environment…
business plans, client contact, confidential data, controlled environment, decryption, digital signatures, encrypted email, encryption, fraud, hostile environment, relationship information, research results, sensitive enterprise data, spoofing, user access
June 2, 2014 Jeffrey Sherman Accounting Systems and Controls, Accounts payable and receivable, Backup and Disaster Planning, Board of Directors, Process and Responsibilities, Budgeting and Auditing, Business and Legal Issues, Corporate Administration, Corporate Administration and Legal Matters, Corporate Governance, Finance and Accounting, Financial Compliance / Planning / Management, Financial Management, Fraud and Corruption, IT, Privacy and Security, Network, Systems and Data Security, Not for Profit, Payroll and Personnel Management, Records Management and Retention, Systems and Data Management
Anti-fraud controls mainly apply to the general area of accounting (purchasing, revenue, payroll, banking and treasury, inventory, assets, etc.), but they will also involve many specific areas of operations, such as sales, payments, expenses, receivables, travel, suppliers, taxes, promotions and much more.
anti-fraud controls, COSO, employee fraud, external fraud, fapp, Finance and Accounting PolicyPro, fraud, fraud and misconduct, fraud risk, fraudulent reporting, internal fraud, legal compliance, managing risk, record keeping, risk management
May 5, 2014 Jeffrey Sherman Accounting Systems and Controls, Business and Legal Issues, Corporate Administration, Corporate Administration and Legal Matters, Corporate Governance, Finance and Accounting, Fraud and Corruption, Leadership and Management, Not for Profit
In COSO’s updated Internal Control – Integrated Framework, one of the 17 principles they present is that the organization holds individuals accountable for their internal control responsibilities in the pursuit of objectives. Have you considered how your control system enforces accountability?
accountability, achieving objectives, authorities, board of directors, corrective action, COSO, disciplinary action, ethical conduct, evaluating performance, excessive pressures, holding individuals accountable, ICIF, Internal Control: Integrated Framework, Internal Controls, legal compliance, performance evaluation, performance incentives, performance measures, performance rewards, points of focus, responsibilities, responsible business conduct, standards of conduct, structures
April 7, 2014 Jeffrey Sherman Accounting Systems and Controls, Budgeting and Auditing, Business and Legal Issues, Corporate Governance, Finance and Accounting, Financial Compliance / Planning / Management, Income Tax Planning / Tax Schedules / Remittances, Records Management and Retention
In many small and even medium-sized companies, financial reporting during the year does not include all of the adjustments made at the year-end (often in connection with the audit or review of the annual financial statements by an independent professional accountant).
Accounting Standards for Private Enterprises, ASPE, bad debt, bonuses, capital leases, depreciation expenses, dividends, fapp, Finance and Accounting PolicyPro, financial statements, GAAP, generally accepted accounting principles, interest expenses, inventory overhead, long-term debt, missing adjustments, royalties, sales overhead, tax returns, total net income, warranty reserves, write-offs, year-end adjustments
March 3, 2014 Jeffrey Sherman Backup and Disaster Planning, Business and Legal Issues, Corporate Administration, Corporate Governance, IT, Privacy and Security, Network, Systems and Data Security, Privacy Compliance and Management, Sales, Marketing and Operations, Software Acquisition, Implementation and Maintenance, Systems Acquisition, Maintenance and Disposal, Systems and Data Management
Whenever data leaves the control perimeter of a company, there is a risk that the data will not be protected at the same level of security that is required by company policy. It is essential that data created, stored, manipulated or transmitted by a third party on the company’s behalf be accorded the level of protection that is defined by the company’s standards and policies.
access to data, best practices, contingency planning, contract review, contracts, data control, data management best practices, data protection, defaults and termination, dispute resolution, insurance, legal compliance, ownership of data, performance measurements, pricing, reputational damage, subcontracting, third-party service providers
February 3, 2014 Jeffrey Sherman Corporate Governance, Finance and Accounting
Over the past half century, a great deal of literature has appeared in Canada and the United States about how to design, document and assess internal controls. First Reference has built upon the most current internal control authorities to provide organizations with practical tools for designing and evaluating controls.
analytical auditing, audits, Canadian Professional Engagement Manual, control design matrix, control procedures, COSO, CPEM, document and evaluate internal controls, evaluating controls, evaluating internal control, external auditors, fapp, Finance and Accounting PolicyPro, formal risk management process, ICIF, Internal Control: Integrated Framework, legal compliance, managing risk, Multilateral Instrument 52-109, PolicyPro, risk, risk assessment, Risk assessment tools for effective internal controls, risk control strategy, risk factors, risk identification, risk management, Sarbanes-Oxley, Sarbanes-Oxley Act
January 6, 2014 Jeffrey Sherman Corporate Governance, Finance and Accounting, Not for Profit, Sales, Marketing and Operations
Registered charities have special concerns when it comes to the legal and administrative application of the Income Tax Act. To maintain charitable status under the Act, a charity must devote substantially all of its resources to charitable purposes and activities—and avoid excessive political activity…
Canada Revenue Agency, charitable donations, charitable donations for political activity, Charitable organizations, charitable status, charity and tax law, charity law, charity reporting, charity rules, CPS-022, CRA, CRA policy statement, CRA requirements for charitable registration, donations to charity, Income Tax Act, legal compliance, limits on political activity, Lobbying, non-charitable activities, non-partisan political activities, not-for-profit policypro, partisan activity, political activity, political advocacy, political purpose, registered charity, Registered Charity Information Return, T3010, T3010 E (13)