
Inside Internal Controls

News and discussion on implementing risk management


Competition

My cyber confession

Should we give up auditing information security and the management of cyber risk? Not at all. But we should do so with eyes wide open. We should recognize the limitations of our knowledge, tools and techniques and the likelihood that hackers have new techniques that are unknown both to auditors and management.

 


Supreme Court confirms in R. v. Comeau that provinces can restrict interprovincial trade in beer and other goods

On October 6, 2012, New Brunswick resident Gerard Comeau was stopped by the RCMP at the Quebec/New Brunswick border with 354 bottles or cans of beer and two bottles of whiskey. Mr. Comeau stood accused, under section 134(b) of the Liquor Control Act (New Brunswick), of having in his possession an excessive amount of liquor not purchased from the New Brunswick Liquor Corporation (the “Corporation”). Mr. Comeau challenged the constitutionality of this statutory provision by invoking section 121 of the Constitution Act, 1867.

 


New GRC guidance from OCEG might be missing a crucial point

GRC is “the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity”. A new guide from OCEG, A Practical Guide About GRC Metrics and Measurement, says a major part of GRC is about “break[ing] down silos between governance, strategy, performance management, risk management, compliance management, internal audit and other departments”.

 


514-BILLETS gets billed by the CRTC for CASL violations

This case reminds organizations that CASL applies to any form of CEM, even text messages, used to promote products and services, and that the CRTC is actively monitoring and responding to complaints involving different types of CEMs.

 


Reporting on risk to the board

Those charged with reporting on risk to the board and to the executive team should understand what they are trying to achieve, what information they need to be successful and how they can help.

 


Improve internal controls over fixed assets (Part 1)

Many organizations face challenges with recording and physically safeguarding fixed assets. Organizations must also meet disclosure and other requirements when they prepare audited or other financial statements, corporate tax returns (applicable to for-profit organizations) and T3010 Registered Charity Information Returns (applicable to charitable organizations). Accounting processes and procedures must facilitate these activities.

 

Is the goal of risk governance taking boards in the wrong direction?

The board is discharging its responsibilities to ensure stakeholders get the performance they should: value creation as well as (and not just) value protection. The board should make sure the management team is effective in running the organization, and that is not done by focusing on a list of harms. Effective governance of an organization is limited if the board focuses on risks.

 


10 top ways to be a wildly effective compliance officer


To be wildly effective, compliance officers should have a positive working relationship with the other functions in the business, especially Legal, Audit and Human Resources.

 


How to protect trade secrets following the departure of a key employee

Employers must keep in mind the fact that there is a thin line between, on the one hand, confidential information belonging to a company that remains protected by virtue of the duty of loyalty and, on the other hand, the personal knowledge and skills that an employee has acquired throughout the years and is entitled to bring to a competitor.

 


One objective but multiple risks

Some organizations and consultants are wedded to the idea that the level of risk can be quantified and calculated as the magnitude of a potential effect (or consequence) multiplied by its likelihood.

 


Competition Act update

The Competition Bureau must generally be given advance notice of proposed transactions when the acquired assets in Canada or revenues generated in or from Canada from such assets exceed C$92 million, and when the combined Canadian assets or revenues in, from or into Canada of the parties together with their respective affiliates exceed C$400 million.

 


Ontario ban on door-to-door sales in effect as of March 1st

Door-to-door sales contracts have been among the top complaints received by the Ministry of Government and Consumer Services. Starting March 1, 2018, Ontario has banned unsolicited, door-to-door sales of certain household appliances to better protect consumers from aggressive and misleading contracting at home. This will bring about some changes for some companies' business models and marketing strategies.

 


New initiatives to hold companies accountable for human rights violations abroad

On January 17, 2018, the federal government announced two new initiatives to hold Canadian companies doing business and operating abroad accountable for human rights violations abroad.

 


An example of game theory in risk management

One of the risks identified by many organizations as significant and included in the risk disclosures required in corporate filings, such as the annual and quarterly filings with the U.S. Securities and Exchange Commission, is the loss of key personnel.

 


Risk and game theory


The Cuban Missile Crisis is frequently cited as an example of the use of Game Theory. I am talking about the situation confronting the Kennedy government when they found that the USSR had installed missiles in Cuba that were capable of hitting American cities with nuclear weapons. Here is a link to a summary of […]

 

