First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Software Acquisition, Implementation and Maintenance

Ensure secure disposal of hardware

Organizations often make the mistake of considering the disposal of hardware only when they are ready to discard equipment, if at all. Instead, they should plan for hardware disposal throughout the entire systems development lifecycle, from acquisition and testing through to operations.

 

, , , , , , , , , , , , ,

Talking about software for GRC

The Open Compliance and Ethics Group (OCEG) recently published the 2019 OCEG GRC Technology Strategy Report.

 

, , , , , , ,

Department of Finance Canada issues consultation paper on open banking

On January 11, 2019, the Department of Finance Canada released a consultation paper seeking the views of Canadians on the potential benefits and risks of an open banking system.

 

, , ,

Contractual considerations in robotic process automation and artificial intelligence outsourcing

RPA and AI technologies can be a game-changer for your organization from a commercial perspective, but procuring those technologies and managing the new risk landscape requires a fundamental shift in mindset vis-à-vis a traditional outsourcing contract.

 

, , , , , ,

We’re at a tipping point for third-party risk management

If indeed creating a culture of ethics, integrity and respect is the top objective of more than two-thirds of organizations, we could start seeing the results very soon when it comes to a new wave of investing in third-party systems.

 

, , ,

Collective agreement, not software, drives employee entitlements

Organizations must carefully and proactively determine user requirements and document them with great specificity when designing or evaluating software options to manage payroll and benefits within their companies.

 

, , , , , , , , , , , , , , , , ,

Improve internal controls over fixed assets (Part 2)

A failure to satisfy proper cut-off, completeness, existence, accuracy and ownership are common problems arising from weak or non-existent fixed asset policies. The overarching approach to satisfying these issues is to design and implement internal controls in proper policies and procedures.

 

, , , , , , , , , , , , , , , , , , , ,

Talking sense about technology risk and cyber

You have to have sponsorship from the CEO and throughout the company to really understand and diagnose IT risks, data security risks and business risks, and then prioritize them.

 

, , , ,

Improve internal controls over fixed assets (Part 1)

Many organizations face challenges with recording and physically safeguarding fixed assets. Organizations must also meet disclosure and other requirements when they prepare audited or other financial statements, corporate tax returns (applicable to for-profit organizations) and T3010 Registered Charity Information Returns (applicable to charitable organizations). Accounting processes and procedures must facilitate these activities.

 

A step-by-step guide to creating a cybersecurity plan

The first step is easily accomplished by reviewing a few definitions. The second step is trickier. The third step may involve a lot of work, but you can start with six straightforward steps.

 

, , , , , , , , , , , , ,

Artificial intelligence: The year in review

The regulatory landscape impacting AI continues to evolve both domestically and abroad. As we begin the new year, we pause to reflect on some of 2017’s most notable developments in AI and prepare for new trends to watch out for in 2018.

 

, , , , ,

Risk and game theory

game theory

The Cuban Missile Crisis is frequently cited as an example of the use of Game Theory. I am talking about the situation confronting the Kennedy government when they found that the USSR had installed missiles in Cuba that were capable of hitting American cities with nuclear weapons. Here is a link to a summary of […]

 

, , , , , , , , , , , , , , ,

Mitigate the risks associated with IT systems acquisition

Any organization which acquires IT systems must do so carefully. Among other reasons, systems may be costly, they may be critical to business operations, and they may create significant risks (for example a risk of security breaches). The following suggestions will help to mitigate some of the risks associated with IT systems acquisition:

 

, , , , , , , , , , ,

Getting risk management right

In this commentary on a recent article by Doug Anderson, an advisor on behalf of the IIA on the COSO ERM update project, examples are provided on getting risk management right.

 

, , , , ,

Survival of the fittest: How can technology help small businesses thrive?

Canada’s failure rate for small and medium sized businesses is staggeringly high. Around one half of small and medium sized businesses survive past five years, while 15% don’t last a year. Today’s smaller businesses face a daunting task. The complexities of today’s market have created new risks, and myriad laws and regulations that can overwhelm just about any sized business.

 

, , ,

Previous Posts