First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Cyberlaw, Internet Law

Not-for-profits should leverage information technology, safely

Not-for-profits have numerous opportunities to leverage information technology (IT), from social media to cloud computing and beyond.

 

, , , , , , , ,

Amazing insights on cyber

A couple of recent pieces shed some light, some amazing light, on how cyber-related risk is perceived by executives and the board.

 

, , , , , ,

Failure to [Coin]Launch – Caution for crypto-asset consultants, advisers and service providers

CoinLaunch carried on business as a cryptoasset consultant, offering marketing and promotional services to prospective token issuers.

 

, , ,

FATF issues guidance on virtual assets

FATF issues guidance on virtual assets

 

, , , , ,

The Québec Private Sector Privacy Act: When does it apply to organizations outside of Québec?

While Québec Courts have delineated the scope of province’s Private Sector Privacy Act through the notion of “enterprise,” they have yet to delineate the scope of the Act’s territorial application. Determining the territorial application of Québec privacy legislation thus remains unsettled and unclear.

 

, , , , ,

OECD principles on artificial intelligence released

On May 22, 2019, the Organization for Economic Cooperation and Development (OECD) approved the OECD Recommendation on Artificial Intelligence.

 

, , ,

Canadian government announces new Digital Charter

On May 21, 2019, the Honourable Navdeep Bains, Minister of Innovation, Science and Economic Development, announced the introduction of Canada’s new Digital Charter. This blog post summarizes the highlights of Minister Bains’ announcement and the principles of the Digital Charter.

 

, , , , , , ,

CSA and IIROC propose regulatory framework for cryptoasset trading platforms

On March 14, 2019, the Canadian Securities Administrators and the Investment Industry Regulatory Organization of Canada published Consultation Paper 21-402 Proposed Framework for Crypto-Asset Trading Platforms proposing a regulatory framework for platforms that trade cryptoassets.

 

, , , ,

Osler submission to OECD on public consultation document addressing the tax challenges of the digitalisation of the economy

Osler made a submission [PDF] to the OECD in response to its February 13, 2019 public consultation document on the possible solutions to the tax challenges of digitalization (the 2019 Public Consultation Document).

 

, ,

SWIFT publishes cybersecurity counterparty risk guidelines

On February 15, 2019, the Society for Worldwide Interbank Financial Telecommunication (“SWIFT”) published guidelines for assessing cybersecurity counterparty risk for financial institutions (the “Guidelines”).

 

, , , , , ,

Hyperventilating about cyber – Part I

It’s hard to see a survey these days that doesn’t include cyber as one of the top risks faced by organizations around the world. But should it be?

 

, , ,

People still don’t know how to assess cyber risk!

Why do the consultants keep advising management and the boards to consider cyber risk as if it is separate from all other business risks?

 

, , , , , ,

Top 10 most-read Inside Internal Controls posts for 2018

This year on the Inside Internal Controls blog we’ve been covering some of the hot topics in internal controls, governance, information technology, not-for-profit, and business management.

 

, , , , ,

Bill introducing changes to IP legislation receives swift approval from parliament

Bill C-86, the Budget Implementation Act, 2018, No. 2, (the “Bill”) which makes a number of changes to the Trademarks Act, the Patent Act and the Copyright Act as well as introducing the College of Patent Agents and Trademark Agents Act became law in Canada after receiving Royal Assent on Dec. 13, 2018.

 

, , , ,

Who takes cyber risk?

Who is taking cyber risk? Is it the board and top management who are deciding how much scarce resource to invest in breach prevention, detection and response? Or is it the business leaders whose initiatives are damaged or worse should there be a security incident?

 

, ,

Previous Posts