First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Corporate Administration

Which way is the true Agile?

When I started this article, I was looking for a catchy, colorful image to depict the “Agile Methodology”. After about 30 minutes, I started to realize that my fruitless search was actually confirming the entire basis of my article; that Agile is now being used as just another catchphrase or gimmick to convey that a project is up to date on the latest and greatest in newer methodologies for IT transformation. However, I hope to show you that Agile is more than just a trendy process and is also not “new” per se, despite how on-trend its adoption is in today’s business automation projects.

 

, , , , , , ,

CEOs are not idiots when it comes to risk management

If you consider the small number of organizations where risk management is considered as providing a strategic advantage, one of these alternatives must be true:

 

, , , ,

If risk management is the answer, what is the question?

We need to stop coming up with new words and phrases when all we need to address is the effectiveness of management. So stop talking about ERM, IRM, or even objective assurance, and start thinking about how to obtain reasonable assurance that the management of the organization, including how it sets objectives and makes related execution decisions, is effective.

 

, , , , , , ,

How to draft exclusive vs. non-exclusive jurisdiction clauses

Learn why you need to review your contracts and advocacy practices with Not-for-Profit PolicyPro

Non-exclusive jurisdiction clauses identify a jurisdiction that the parties agree may hear their disputes but accept that, in the appropriate circumstances, courts in other jurisdictions may have jurisdiction over a dispute.

 

, , ,

Scratching the surface on Facebook and its problems

​Facebook Data Exposure Offers Critical Lesson for Internal Auditors makes some good points, including:

 

, , , , , , ,

Sports and recreation: Risk mitigation and occupiers’ liability

In Ontario, the occupiers’ duties towards people who access their premises is governed by the Occupiers’ Liability Act (“OLA”). The OLA defines an “occupier” as:

 

, ,

Time (again and still) for the IIA Standards to be correct

Internal audit can assist management by facilitating a fraud risk assessment. Management should make the decision both on the level of risk and whether it is acceptable. Internal audit can provide their opinion and advice on both.

 

, , , , , , , , ,

Decision-making and the practitioner

McKinsey has shared three articles with insights into effective decision-making.

 

, , ,

The corporate identification doctrine clarified through an intervention in the Supreme Court of Canada

A corporation is of course an abstract entity. It is a legal person, but can only act through human beings. Certain causes of action, such as fraud or knowing assistance of a breach of trust, have a knowledge requirement: the defendant can only be held liable if he or she – or it, in the case of a corporation – has knowledge of certain facts. How can a corporation be held liable for having certain knowledge if it has no brain to possess that knowledge?

 

, , , , ,

The Financial Services Regulatory Authority of Ontario

Effective June 8, 2019, the Ontario government launched the Financial Services Regulatory Authority of Ontario (FSRA), which is a new independent and self-funded regulator of financial services and pensions that is intended to help reduce regulatory burden, among other things.

 

, , , ,

Update on the promotion of cannabis on social media

Almost six months after our first article on the Promotion of Cannabis on Social Media was originally published, federal licence holders have now received further guidance from Health Canada regarding the regulatory prohibitions on the promotion of cannabis, cannabis accessories, and cannabis-related services in an online context.

 

, , , , ,

New reports on the cost and incidence of cyber breaches

A cyber breach can affect an organization in many ways, from trivial to devastating. There is a range of potential effects, each with its own likelihood.

 

, , , , , , ,

Interjurisdictional road carriers – Registration under the Greenhouse Gas Pollution Pricing Act

On April 1, 2019, the Greenhouse Gas Pollution Pricing Act came into force in Manitoba, New Brunswick, Ontario and Saskatchewan, and it will come into force on July 1, 2019 for each of Nunavut and the Yukon.

 

, , , , ,

How often should you assess risk?

I recently listened to a new video by my friend, Alex Sidorenko. In How often [should] the risk assessments be performed, he makes some solid points, including:

 

, , ,

Previous Posts