First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Web design and Management

Proposed Nova Scotia accessibility legislation

On November 2, 2016, the government proposed Nova Scotia accessibility legislation to promote equality of opportunity and increase the inclusion and participation of Nova Scotians who have disabilities or functional limitations in all areas of everyday life by promoting and encouraging the prevention, reduction and removal of barriers.

 

, , , , , , ,

Cybersecurity: CSA issues new guidance

Cybersecurity is top of mind for corporate boards and securities regulators alike. On September 27, 2016, the Canadian Securities Administrators (CSA) issued CSA Staff Notice 11-332 – Cyber Security (2016 Notice). The 2016 Notice updates the CSA’s previous notice on the same topic, CSA Staff Notice 11-326 Cyber Security for reporting issuers, registrants and regulated entities.

 

, , , , , ,

Privacy injunctions in the age of the internet and social media

Canadian common law courts are still far behind the English courts which have developed a much more flexible tort of misuse of private information, as well as remedies for breach that include damages to compensate for the loss or diminution of a right to control private information, and now following the PJS case, perhaps also exemplary or punitive damages and an accounting of profits. Surprisingly, Canadian courts have not had to canvass recently whether the English common law tort of misuse of private information should be adopted in Canada.

 

, , , , , , , ,

IP address as personal information: Canadian and EU positions

The Office of the Privacy Commissioner’s findings do not mean that consent to the collection of an IP address is always required. There may be a number of legitimate reasons for collecting this information, including those relating to security of the site. These reasons would not necessarily extend, however, to collection and use of IP addresses for advertising purposes without some form of consent.

 

, , , , , , , , ,

Consulting with Canadians on accessibility legislation

Between July 2016 and February 2017, the federal government is consulting Canadians on planned accessibility legislation. The goal of the law would be to promote equality of opportunity and increase the inclusion and participation of Canadians who have disabilities or functional limitations in all areas of every day life.

 

, , , , , , , , , , , , ,

Survey results: Risk-based internal audit planning

Clearly, the great majority base their audit plan on some combination of (macro) enterprise-level risks and (micro) risks at a lower level of the organization. Somewhat more have weighted their plan towards the micro level than the macro level. So what does this all mean?

 

, , , , , , , ,

Risk and how we run our business

I am going to use a metaphor involving the board game of Monopoly to illustrate how I feel about risk management. The players compete to win by either having more money when the game ends (if there is a time limit) or by being the only one left standing after all the others have gone bankrupt. Let’s imagine our executive team is playing a game against its main competitors.

 

, , , , , ,

Seggie v. Roofdog Games Inc.: Who is the author of videogame software for copyright purposes?

Last December, the Quebec Superior Court issued its decision in Seggie v. Roofdog Games Inc.[1], in which it attempted to clarify the notion of co-authorship (and by implication, copyright ownership) of a videogame. This case marks the first time that the issue of authorship of a videogame was ever considered by a Canadian court (and one of the very few Canadian cases to consider authorship of software more generally).

 

, , , , , , , , , , , , , , , , , ,

The new privacy tort – Another victory for victims of cyberbullying

In the highly-publicized decision of Doe v. N.D., the Ontario court recently granted a victim of cyberbullying significant damages, to compensate her for the serious emotional and reputational harm she suffered in the hands of the defendant.

 

, , , , , , , , , , , , , , , , ,

Test your knowledge of CASL

The current release of Finance and Accounting PolicyPro updates the policy on Canada’s anti-spam legislation (commonly known as “CASL”). Test your knowledge of CASL with the following questions, then review the answers below to see how well you did.

 

, , , , , , , , ,

Phone companies after R v. Rogers: Constitutional guardians or agents of the State?

People love their phones. Phones now accompany us pretty much wherever we go, whatever we do. People use their phones in church, in restaurants, at the theatre, and, apparently, while committing crimes. And our phones are leaving a trail behind us.

Police know this. They also know that records are created every time our phones connect to cell towers to send and receive calls, SMS messages, or data. Every one of those records indicates that a phone (and, implicitly, the person carrying it) was in range of a particular cell tower, at a particular time.
This could be useful information if, say, one wanted to identify the person (or people) responsible for a string of jewelry store robberies.

The method will be familiar to many from movies and T.V. shows: all you need to do is to gather a list of every single person who was near each of the locations of interest at the time of interest and analyze the patterns. And, hey, that cell tower data can provide that list….

But is it legal?

 

, , , , , , , , , , ,

Canadian cyberbullying laws – Where are they now?

In the recent decision of the Nova Scotia Supreme Court of Crouch v Snell, the Court struck the Cyber-Safety Act, finding it to be unconstitutional. Specifically, the Court held that the Cyber-Safety Act violated section 2(b) (freedom of expression) and section 7 (the guarantee of life, liberty and security of the person) of the Charter of Rights and Freedoms. What impact does the Crouch v Snell decision have on the Federal cyberbullying laws?

 

, , , , , , , , , ,

Internal audit and cyber risk

Deloitte has published good work. One of my favorites is their risk-intelligent white paper series. Recently, they released Cybersecurity and the role of internal audit. It has both superior and inferior advice. Let me walk through it.

 

, , , , , , , , , ,

Proposed Ontario changes to accessibility regulations

The Ministry of Economic Development, Employment and Infrastructure has proposed changes to the Customer Service Standard and Integrated Accessibility Standards regulations under the Accessibility for Ontarians with Disabilities Act (AODA). If approved, the changes will be enacted on July 1, 2016, and take immediate effect.

 

, , , , , , , , , , ,

Manitoba customer service accessibility standard in force and other accessibility news

The Manitoba Customer Service Accessibility Standard (CSAS) under the Accessibility for Manitobans Act (AMA) came into effect November 1, 2015. The CSAS requires all of Manitoba’s public, private and non-profit organizations with one or more employees that provide goods or services directly to the public or to another organization in Manitoba, to establish and implement measures, policies and practices to remove barriers for access to the goods or services it provides.

 

, , , , , , , , ,

Previous Posts Next posts