First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

ITPP

How does the new anti-spam legislation affect IT processes?

It should be clear that managing your anti-spam obligations will mean modifying your information technology processes. The CRTC has created comprehensive anti-spam guidelines that demonstrate some of the ways IT will be involved…

 

, , , , , , , , , , , , , , , , , , , ,

How do I ensure accountability for IT systems?

One of the key elements needed to ensure accountability is reporting the right statistics and metrics. Each user department is responsible for ensuring that its information technology needs are addressed, and the IT department is responsible for providing overall cost-effectiveness, quality and coordination. The IT department can play its role by ensuring that IT metrics are captured and disseminated. User departments and the IT department must both be involved; neither may be permitted to abdicate its responsibilities.

 

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

BYOD: Bring your own device is a growing business trend

iphone-ipad-bring-your-own-device

Since well before Information Technology PolicyPro was first published and for good reasons considering the technologies available at the time, it made sense to restrict devices connected to the corporate network to those owned and controlled by the enterprise and configured by IT. This is no longer the case.

 

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

COBIT evolves as technology does

CobiT 5 was released in 2012. It takes a higher-level governance approach, focusing on stakeholders and their needs. It incorporates the internal control focus of earlier versions of CobiT but goes beyond them.

 

, , , , , , , , , , , , , , , , , , , ,

Information technology and modern quality management

Ever wonder what policies you may be missing or which ones should be updated or how to make such improvements quickly?

 

, , , , ,

First Reference author and collaborator Jeffrey Sherman named Fellow of the Institute of Chartered Accountants

Jeffrey D. Sherman is the lead author of all four volumes of First Reference’s Internal Controls Library: Finance and Accounting PolicyPro (including Operations and Marketing PolicyPro), Information Technology PolicyPro and Not-for-Profit PolicyPro. While we knew our internal control publications were in good hands before, we don’t mind saying we’re especially proud to have Jeffrey’s name on them now.

 

, , , , , , , , , , , ,

A new age of records retention: good policy more than worth the effort

There are a number of potentially troublesome issues associated with retaining records. For example: there are storage and privacy concerns; organizations must ensure they keep records secure in accordance with relevant privacy laws. At the same time, organizations might not have considered the self-incriminating information that records might hold, and they will want to ensure they don’t keep potentially incriminating records any longer than the law requires.

 

, , , , , , , , , , , ,

Online security – not just for big business

Surely you’ve heard about the major security and data breaches that Sony has experienced this year. It’s bad. It’s a liability. Despite the popularity of their online services, they’ll have to work hard to regain customers’ loyalty. Other big names have experienced similar attacks.

 

, , , , , , , , , , , , , , , , , , ,

Canadian charity law checklist features compliance issues

Charity and non-profit lawyer Mark Blumberg offers a compliance checklist for Canadian charities via the GlobalPhilanthropy.ca charity assistance project.

 

, , , , , , , , , , , , , , , , , , , , , ,

What’s that you say? Bar association releases plain language guide

When a guide to using legal jargon in everyday life offers as its first tip, “Familiarize yourself with Latin”, I’m pretty sure there’s a problem.

 

, , , , , , , , , , , , , , , , , , , ,

Sure you know EFTs, but do you know EFTs?

No doubt you’ve heard that a chain is only as strong as its weakest link. In the world of electronic funds transfers, this maxim holds doubly true. It applies to security systems and the networks they run on (including the Internet) as well as the users of those systems and networks. A security system can only defend a network if it offers sufficient coverage and controls. Absent such controls, users can, intentionally or accidentally, access, change or steal data that they are not authorized to see.

 

, , , , , , , , , , , , , , ,

The mobile workforce – it’s not coming; it’s here

Mobility is not just about technology anymore. However, chances are high that IT, specifically the CIO, will be responsible for any mobile initiatives within the company. So, CIOs need to take a broad view of mobility and understand the effect this technology will have on departments such as HR, sales, marketing, legal, security and facilities, as well as IT.

 

, , , , , , , , , , , , , ,

Securing your web

How often do you think about malware? Do you consider it a threat to your operations? Do you have a strategy to prevent malware attacks and deal with them if they do occur? Is your strategy up to date?

 

, , , , , , , , , ,

IT strategy – avoiding problems, getting the most from your investments

Information technology has infiltrated just about every aspect of business, to the point where it’s nearly impossible to avoid developing a dedicated IT strategy in order to support your main business goals. A new book describes how even minor software troubles can lead to big headaches for organizations, especially if they rely on the software to carry out their business.

 

, , , , , , , , , , , , , , , , ,