First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Network, Systems and Data Security

Talking about software for GRC

The Open Compliance and Ethics Group (OCEG) recently published the 2019 OCEG GRC Technology Strategy Report.

 

, , , , , , ,

SWIFT publishes cybersecurity counterparty risk guidelines

On February 15, 2019, the Society for Worldwide Interbank Financial Telecommunication (“SWIFT”) published guidelines for assessing cybersecurity counterparty risk for financial institutions (the “Guidelines”).

 

, , , , , ,

Hyperventilating about cyber – Part 2

Is the level of concern about cyber merited? Should organizations and individuals be as worried about the possibility and consequences of a breach as they are advised by the consultants, information security pundits, and in news reports?

 

, , , ,

Hyperventilating about cyber – Part I

It’s hard to see a survey these days that doesn’t include cyber as one of the top risks faced by organizations around the world. But should it be?

 

, , ,

Fintech regulatory developments: 2018 year in review

2018 proved to be another busy year for Fintech in Canada, with a number of notable and anticipated regulatory developments. We look back to summarize some of 2018’s most notable Fintech-related developments in Canada, and developments to watch for in 2019.

 

, , , ,

Making intelligent decisions that consider cyber risk

Should the paradigm be changed from managing a list of cyber risks to helping the organization’s leaders take the right level of risk and manage the business for success?

 

, , ,

Transforming risk management in 2019 and beyond

The consideration of risk is integrated into the setting and then the execution of strategies through daily decisions.

 

, ,

Department of Finance Canada issues consultation paper on open banking

On January 11, 2019, the Department of Finance Canada released a consultation paper seeking the views of Canadians on the potential benefits and risks of an open banking system.

 

, , ,

Stop managing and start taking risk

Success in business is taking the right level of the right risks. It all comes down to helping leaders make informed and intelligent decisions.

 

, , , , ,

People still don’t know how to assess cyber risk!

Why do the consultants keep advising management and the boards to consider cyber risk as if it is separate from all other business risks?

 

, , , , , ,

Top 10 most-read Inside Internal Controls posts for 2018

This year on the Inside Internal Controls blog we’ve been covering some of the hot topics in internal controls, governance, information technology, not-for-profit, and business management.

 

, , , , ,

Who takes cyber risk?

Who is taking cyber risk? Is it the board and top management who are deciding how much scarce resource to invest in breach prevention, detection and response? Or is it the business leaders whose initiatives are damaged or worse should there be a security incident?

 

, ,

Security breach notification and reporting requirements are now in force under Canada’s PIPEDA

Canada’s long-awaited federal private-sector data breach notification and reporting requirements came into force on November 1, 2018.

 

, , , , ,

UK government guidance on risk and cyber: the very good and the very bad

The National Cyber Security Center (NCSC) is a part of the UK’s Government Communications Headquarters (GCHQ). If you are like me, you may have only heard about GCHQ in an unflattering context, that of working with US intelligence agencies to spy on foreign heads of state and hack foreign agencies.

 

, ,

Ten considerations for a cybersecurity incident response plan

If you ask a group of cybersecurity experts what should be included in a Cybersecurity Incident Response Plan (“CIRP”), you will get a wide variety of answers. Happily, many of those answers contain similar themes including these ten important considerations your organization should be aware of when creating and managing a CIRP.

 

, , , , ,

Previous Posts