First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Network, Systems and Data Security

Making intelligent and informed decisions around cyber

The experts continue to bombard us with their advice, insight, and guidance for addressing cyber.

 

, , , ,

Scratching the surface on Facebook and its problems

​Facebook Data Exposure Offers Critical Lesson for Internal Auditors makes some good points, including:

 

, , , , , , ,

Anti-money laundering considerations in cannabis finance

While the right financing structure can be a critical advantage to any cannabis-related business, it is also important to remember that there are legal considerations involved, including in respect of anti-money laundering (AML) matters.

 

, , ,

Time (again and still) for the IIA Standards to be correct

Internal audit can assist management by facilitating a fraud risk assessment. Management should make the decision both on the level of risk and whether it is acceptable. Internal audit can provide their opinion and advice on both.

 

, , , , , , , , ,

New reports on the cost and incidence of cyber breaches

A cyber breach can affect an organization in many ways, from trivial to devastating. There is a range of potential effects, each with its own likelihood.

 

, , , , , , ,

A board that would fail any test of its governance practices

I am planning a meeting with the CRO from a company during which I had planned to share some of the principles of effective risk management, based on what is considered world-class, and the governance of risk management by the board.

 

, , , , , , ,

Talking about software for GRC

The Open Compliance and Ethics Group (OCEG) recently published the 2019 OCEG GRC Technology Strategy Report.

 

, , , , , , ,

SWIFT publishes cybersecurity counterparty risk guidelines

On February 15, 2019, the Society for Worldwide Interbank Financial Telecommunication (“SWIFT”) published guidelines for assessing cybersecurity counterparty risk for financial institutions (the “Guidelines”).

 

, , , , , ,

Hyperventilating about cyber – Part 2

Is the level of concern about cyber merited? Should organizations and individuals be as worried about the possibility and consequences of a breach as they are advised by the consultants, information security pundits, and in news reports?

 

, , , ,

Hyperventilating about cyber – Part I

It’s hard to see a survey these days that doesn’t include cyber as one of the top risks faced by organizations around the world. But should it be?

 

, , ,

Fintech regulatory developments: 2018 year in review

2018 proved to be another busy year for Fintech in Canada, with a number of notable and anticipated regulatory developments. We look back to summarize some of 2018’s most notable Fintech-related developments in Canada, and developments to watch for in 2019.

 

, , , ,

Making intelligent decisions that consider cyber risk

Should the paradigm be changed from managing a list of cyber risks to helping the organization’s leaders take the right level of risk and manage the business for success?

 

, , ,

Transforming risk management in 2019 and beyond

The consideration of risk is integrated into the setting and then the execution of strategies through daily decisions.

 

, ,

Department of Finance Canada issues consultation paper on open banking

On January 11, 2019, the Department of Finance Canada released a consultation paper seeking the views of Canadians on the potential benefits and risks of an open banking system.

 

, , ,

Stop managing and start taking risk

Success in business is taking the right level of the right risks. It all comes down to helping leaders make informed and intelligent decisions.

 

, , , , ,

Previous Posts