First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

insurance

Saskatchewan follows Manitoba’s lead in regulation of portable electronics

Residents of Saskatchewan: Can’t live without your smartphone? Never fear, the province follows Manitoba’s lead in regulation of portable electronics.   On June 22, 2017, new regulations (the “Insurance Regulations[1]“) under Saskatchewan’s Insurance Act[2] were filed with the Registrar of Regulations. The Insurance Regulations will broaden the availability of insurance covering smart phones in the province. Smartphones […]

 

, , , ,

Cyber risk insurance: Driving the risk management process

Insurers and other insurance professionals have traditionally been well positioned to drive improvements in risk management processes. Cyber-security risk is a modern phenomenon which has arisen in the electronic information and internet age, and the insurance industry is demonstrating that it can play a key role both in educating and equipping public and private sector organisations to manage this emerging risk, and in providing insurance protection.

 

, , , , , , , ,

Cybersecurity in the boardroom: The new reality for directors

Not long ago, cybersecurity was a term rarely, if ever, heard in the boardroom. Rather, information security was deemed to be a risk managed solely by the chief information or technology officer. Those days are gone. With the litany of high profile cybersecurity hacks—and the potential resulting drop in shareholder value, regulatory inquiries and litigations which inevitably follow—cybersecurity has become an increasingly challenging risk that boards must address.

 

, , , , , , , , , ,

What critical elements should appear in every third-party service provider contract?

Whenever data leaves the control perimeter of a company, there is a risk that the data will not be protected at the same level of security that is required by company policy. It is essential that data created, stored, manipulated or transmitted by a third party on the company’s behalf be accorded the level of protection that is defined by the company’s standards and policies.

 

, , , , , , , , , , , , , , , , ,

Keeping on top of legal requirements: How can I identify legal risks?

There are hundreds of thousands of federal, provincial and municipal statutes and regulations. Laws and regulations exist for virtually every aspect of an organization’s operations—incorporation, employment, safety, environmental, contracts, intellectual property, privacy and so forth. Organizations of all sizes need to be aware of their legal environment and regulations and laws that affect them…

 

, , , , , , , , , , , , , , , , , ,

What makes good risk management?

You have a risk management process, even if you don’t think about it. Maybe it’s an informal and verbal process, but the type of business you accept and how you deliver products and services is closely tied to your business strategy and the risk management process it requires.

 

, , , , , , , , ,