First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Corporate Administration

Is asking about risk culture the right question?

If you don’t have a consistent attitude towards taking risk among the few members of the executive team, how can you expect to have a consistent attitude among the population of employees and decision-makers?

 

, , ,

Alberta Court of Appeal reaffirms importance of considering factual matrix in contractual interpretation

The rules of contractual interpretation have evolved significantly in the last several years in Canada. At one time, the circumstances surrounding the preparation of a contract were rarely considered by the courts; the courts preferred to look within the “four walls” of the contract to interpret ambiguous phrases or to resolve uncertainties. More recently, however, the courts have begun to consider all of the circumstances involved in the drafting of the contract in order to give meaning to it and to ensure that the intention of the parties is carried out.

 

, ,

Name is psychological safety but my friends call me culture

psychological safety

Psychological safety refers to the climate in which people operate, think and speak. A psychologically safe climate is one in which people feel comfortable being themselves and expressing themselves without the fear of retribution. This concept is directly applicable to the group dynamics of teams trying to spitball the next big thing; however, when we expand this view to our largest corporate group, the employee base, we start to see a lot of overlap with a true speak-up culture.

 

, , , , , , , ,

Mitigate the risks associated with IT systems acquisition

Any organization which acquires IT systems must do so carefully. Among other reasons, systems may be costly, they may be critical to business operations, and they may create significant risks (for example a risk of security breaches). The following suggestions will help to mitigate some of the risks associated with IT systems acquisition:

 

, , , , , , , , , , ,

Is it about managing risk?

Managing risk absent the context of your objectives leads you to manage what may be irrelevant and miss what may be crucial.

 

, , , ,

Bill 141 – Proposed amendments to the Act respecting the Autorité des marchés financiers with regard to whistleblowing

Following the example of the Ontario Securities Commission, the Authority implemented a whistleblower program in June 2016. Contrary to Ontario, Quebec’s program does not give financial awards to whistleblowers, but it does guarantee a framework that ensures confidentiality and protects whistleblowers against reprisals. However, no legislative amendment guaranteeing these protections has been introduced until now.

 

, , , , , ,

Getting risk management right

In this commentary on a recent article by Doug Anderson, an advisor on behalf of the IIA on the COSO ERM update project, examples are provided on getting risk management right.

 

, , , , ,

Should you adopt the updated COSO ERM Framework? My assessment

It has been 13 years since the original COSO ERM Framework and eight years since ISO 31000:2009 was published. The updated COSO ERM Framework was an opportunity for COSO to “leap forward”. But did it?

 

, , , , , , , ,

How well did COSO address comments on the ERM draft?

My impression is that COSO only tinkered with the draft. But, have they done enough to move practices forward, in the right direction? Will this update change the percentage of executives answering the piercing question by Deloitte, “Does risk management support, at a high level, the ability to develop and execute business strategies”, up from 13% close to 80%?

 

, , , , , ,

No priority for pension claims in Wabush CCAA

Wabush is a welcome decision for third-party lenders to companies with defined benefit pension plans, and employers who sponsor defined benefit pension plans who may have had issues in accessing capital as a result of the SCC decision in Indalex.

 

, , , , ,

Which are the best principles for effective risk management?

I will let you decide which is the best set of principles: which is clearer in setting expectations for the effective management of risk and which is better as a basis for assessing the maturity of risk management.

 

, , , ,

Is the COSO ERM update a success or failure?

Recently, COSO published an update to their 2004 ERM Framework. The product, retitled Enterprise Risk Management: Integrating with Strategy and Performance, is available from the AICPA or IIA.

 

, , , , ,

The root compliance problem: Shadow process

Sometimes I revisit my compliance roots in the world of Sarbanes-Oxley – a place much more concerned with financial reporting than corporate ethics and culture, I know. Yet lessons from one group that can help the other still abound.

 

, , , , , ,

Small business corporate tax rate reduction 2018

The government news release announcing the reduction in the small business corporate income tax rate did not address whether there would be corresponding changes to the dividend gross-up or non-eligible dividend tax credit rate.

 

, , , , , , , , , , , ,

Shareholders have fundamental right to call meetings, Ontario appeal court rules

Court limits ability to refuse a proposal based on “personal grievance” exemption… The Court gave some considerations on the shareholders fundamental right to call meetings, on how to differentiate between “personal grievances” that are not properly matters for a shareholder meeting, and the business and affairs of the company, which are proper matters.

 

, , , , , , , , , ,

Previous Posts