First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Leadership and Management

Sports and recreation: Risk mitigation and occupiers’ liability

In Ontario, the occupiers’ duties towards people who access their premises is governed by the Occupiers’ Liability Act (“OLA”). The OLA defines an “occupier” as:

 

, ,

OECD principles on artificial intelligence released

On May 22, 2019, the Organization for Economic Cooperation and Development (OECD) approved the OECD Recommendation on Artificial Intelligence.

 

, , ,

Time (again and still) for the IIA Standards to be correct

Internal audit can assist management by facilitating a fraud risk assessment. Management should make the decision both on the level of risk and whether it is acceptable. Internal audit can provide their opinion and advice on both.

 

, , , , , , , , ,

5 key FAQs about Canadian cannabis company “key investor” disclosure requirements

It’s key that all stakeholders clearly understand the Cannabis Regulations’ key investor disclosure obligations to avoid surprises and to ensure compliance. Here are the answers to five key frequently asked questions about cannabis companies’ “key investor” disclosure requirements.

 

, , , , , , ,

Effective monitoring of internal controls is critical

If the most serious internal control violation is a failure to implement internal controls in the first place, the failure to monitor existing internal controls is a close contender. Identify where in the organization effective monitoring occurs and leverage those successes.

 

, , , , , , , , , , , ,

Decision-making and the practitioner

McKinsey has shared three articles with insights into effective decision-making.

 

, , ,

The corporate identification doctrine clarified through an intervention in the Supreme Court of Canada

A corporation is of course an abstract entity. It is a legal person, but can only act through human beings. Certain causes of action, such as fraud or knowing assistance of a breach of trust, have a knowledge requirement: the defendant can only be held liable if he or she – or it, in the case of a corporation – has knowledge of certain facts. How can a corporation be held liable for having certain knowledge if it has no brain to possess that knowledge?

 

, , , , ,

New reports on the cost and incidence of cyber breaches

A cyber breach can affect an organization in many ways, from trivial to devastating. There is a range of potential effects, each with its own likelihood.

 

, , , , , , ,

Canadian government announces new Digital Charter

On May 21, 2019, the Honourable Navdeep Bains, Minister of Innovation, Science and Economic Development, announced the introduction of Canada’s new Digital Charter. This blog post summarizes the highlights of Minister Bains’ announcement and the principles of the Digital Charter.

 

, , , , , , ,

Do your expectations align with reality — Why compliance training needs more attention

For many years, organizations paid minimal attention to ethics and compliance training. Training was done by someone who had another important job to do on the ethics and compliance team. It was seen as a check-the-box exercise, and employees felt the brunt of that approach.

 

, , ,

How often should you assess risk?

I recently listened to a new video by my friend, Alex Sidorenko. In How often [should] the risk assessments be performed, he makes some solid points, including:

 

, , ,

New Environmental Emergency Regulations

The new Environmental Emergency Regulations apply to a responsible person that owns or has the charge, management or control of any of the 249 listed hazardous substances located at any fixed land-based facility in Canada.

 

, , ,

A board that would fail any test of its governance practices

I am planning a meeting with the CRO from a company during which I had planned to share some of the principles of effective risk management, based on what is considered world-class, and the governance of risk management by the board.

 

, , , , , , ,

Not-for-profit boards need a succession plan for their CEOs/EDs

Notwithstanding the vast differences between for-profit and not-for-profit entities, both need succession plans to quickly and effectively replace CEOs/EDs, whether the departure is planned or abrupt.

 

, , , , , , , , , ,

Previous Posts