First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Corporate Governance

Canada moves forward with a remediation agreement regime

It is likely that many organizations will choose to enter into a remediation agreement with the hope of obtaining a stay of the charges and avoiding the risk of a lengthy prosecution and subsequent criminal conviction.

 

, , , ,

Good decisions take time and more

Do risk, governance, and audit practitioners consider the problem of decisions where insufficient time was taken to obtain the necessary information, consult with all affected parties, and THINK about the options?

 

, , , ,

Why are SOX compliance costs increasing so much?

From a recent survey by Protiviti, the information on how many organizations had to issue a cyber-security disclosure is interesting. Apparently, this generally resulted in an increase on SOX compliance hours – although the reason for a significant increase is not clear.

 

, , , , ,

Learn from British Airways’ security breach reporting and notification

British Airways’ experience described in this article underscores that cybersecurity is important, and Canadian entities preparing for mandatory security breach reporting and notification coming into force soon can take lessons from British Airways’ response to a security breach.

 

, , , , , , , , , , ,

Talking about inherent and residual risk

Are organizations unnecessarily risk averse? That can be crippling in many ways, including slowing agility and decision-making as well as failing to take advantage of opportunities.

 

, , ,

The “Weinstein Clause” may mark a new era of social due diligence

To gauge the civility of an organization’s culture, adequate policies and training are not enough. The behavior and accountability of top leadership play a key role. You can’t delegate ethics. And it seems the “Weinstein Clause” indicates that boards are finally beginning to understand that.

 

, , , , , , , , , ,

What you need to know about the July 2018 amendments to the Ontario Construction Lien Act

On July 1, 2018, the first round of amendments to the Ontario Construction Lien Act – including its new name, the Construction Act – came into force.

 

, , ,

The Crown pierces the corporate veil: Court imposes liability on individual for fines imposed against a corporate defendant

An Ontario Court has revolutionized the law with respect to whether an individual can be held personally liable for fines imposed against the corporation for breaches of regulatory legislation.

 

, ,

Cannabis regulations: Health Canada’s solution to support the Cannabis Act

The Cannabis Act will provide a comprehensive national framework for restricted access to regulated cannabis and control its production, distribution, sale, importation, exportation and possession. Within that framework, new sets of regulations were published on July 11, 2018, that spell out the rules and standards for authorized cannabis production, distribution, sale, importation and exportation among other things.

 

, , , , , , ,

The most important question is WHY

Too often, people do things without asking themselves why they are doing them. It may be because that is what they have always done, what somebody told them to do, or because they read about it in a book or standard.

 

, , , ,

Is there an ROI for investing in cyber or information security?

IS ROI on cyber really as high as it may seem at first glance? At some point, it may be better to consider cyber risk as a “cost of doing business”. If you can’t actually reduce the likelihood of a breach, can you at least increase the likelihood of prompt detection and response?

 

, , , , , ,

Casinos, cards and counter-strike: A brief overview of skin gambling in Canada and abroad

In recent years, the gaming industry has seen the rise of so-called “skin gambling” websites. Critics have been quick to raise red flags, citing the need for profound regulation and protective measures shielding children from such platforms. This bulletin explores the practice of skin gambling, including regulatory responses in Quebec and the rest of the world.

 

, , , , , , , , , , , ,

The role of internal audit in risk management

If we are stressing that risk management is really all about effective, informed and intelligent decision-making, shouldn’t internal audit start focusing on the quality of decision-making processes?

 

, , ,

Plastic bag bans

Communities such as the City of Victoria recently enacted a bylaw prohibiting businesses from providing single-use plastic bags to customers and otherwise charging a fee for paper and reusable bags.

 

, , ,

What is an internal control, really?

What is a control, at an abstract level: what is it supposed to achieve, and how is it supposed to operate within an organization?

 

, , ,

Previous Posts