First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

data security

Talking sense about technology risk and cyber

You have to have sponsorship from the CEO and throughout the company to really understand and diagnose IT risks, data security risks and business risks, and then prioritize them.

 

, , , ,

It’s official: Mandatory data breach notification coming on November 1, 2018

The coming into force of mandatory breach notification and record-keeping requirements on November 1, 2018 should be viewed by organizations as an effort to align Canadian legal and regulatory requirements with those in the United States and Europe (especially with the General Data Protection Regulations – or GDPR – coming into force in May 2018).

 

, , , , , ,

Data breaches: All’s not lost, even if your data is (and if you’ve taken precautions)

As anyone who’s ever left a USB key in a Kinko’s knows, it’s easy to lose a mobile device containing sensitive user information. As a recent statement from the Newfoundland and Labrador’s Office of the Information and Privacy Commissioner shows, taking preemptive steps to make the user information on a mobile device more secure could protect the information – and your organization – if the device ever falls into the wrong hands.

 

, , , , , , , , , ,

Regulations to enable government to expand electronic commerce

The federal government has proposed regulations to permit increased electronic interaction with certain government departments. In 2012, the government amended the Department of Human Resources and Skills Development Act to enable the department, and programs under the department’s auspices, to expand and coordinate their electronic commerce initiatives.

 

, , , , , , , , , , , , , , , , , ,