First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Backup and Disaster Planning

Everybody should be familiar with this

Scenario analysis is a method for creating responses to various future events with the aim of reducing uncertainty and maximizing the chances of achieving a desired outcome.

 

, , , , ,

Cyber insurance in the COVID-19 landscape

Cyber insurance provides protection and coverage for the security and privacy of digital information and losses resulting from data breaches.

 

, , , , ,

Fiscal year ends, business continuity, and COVID-19

At the best of times, fiscal year ends are challenging. Organizations with upcoming or recent fiscal year ends will undoubtedly find them particularly challenging. Organizations with robust policies and procedures will likely fare better than those without. Consequently, it will be helpful to start your year end planning as early as you can.

 

, , , , , , , , , , , , , , , , , , , ,

Risk-based cyber risk reporting

I encourage you to subscribe (free) to McKinsey’s frequent reports. Their latest, Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity has some good observations. Unfortunately, their ideas for addressing the problem don’t work for me.

 

, , ,

COVID-19: key issues every organization should consider

Competition law

The COVID-19 pandemic raises critical and unprecedented issues for all organizations. How an enterprise responds to these challenges will influence how it fares through the crisis and its positioning for recovery afterwards. We believe that the issues below warrant special attention by senior management and directors.

 

, , , , , , , , ,

New ERM Guidance from COSO

Creating and Protecting Value: Understanding and Implementing Enterprise Risk Management is based on COSO’s 2017 update of its 2004 ERM Framework. Their intent is to explain how effective ERM can add value to an organization, and to give some guidance on how to implement or upgrade it.

 

, , ,

COVID-19 Considerations from our bankruptcy & restructuring experts

Because of the speed with which the recent adverse circumstances have developed, businesses that may have otherwise been able to adapt may not have had an opportunity to do any meaningful contingency planning.

 

, , , , , ,

COVID-19 – Managing privacy and cyber issues

Privacy laws require that personal information is at all times protected by appropriate security safeguards, and this requirement will continue to apply in connection with COVID-19 work-from-home arrangements

 

, , , , , ,

COVID-19: Insurance considerations for business disruptions in Canada

One key consideration for businesses when facing potential losses as a result of COVID-19 is the availability of insurance coverage for business interruption and related losses.

 

, , , , , ,

Let’s meet – just not in person: Taking your annual shareholder meeting online (in a coronavirus world)

Increased concerns regarding the spread of the coronavirus are prompting companies to look at alternatives to their in-person annual meeting of shareholders, including holding the meeting partly or even wholly online with streamed audio and/or video content. This could potentially accelerate a recent trend in Canada towards considering alternatives to the traditional in-person shareholder meeting, […]

 

, , , , , ,

Which comes first, risk or control?

Can you assess the overall system of internal controls without considering risk management? I don’t think so, and neither does COSO. That is why there is a risk component in their internal control framework.

 

, , ,

Entering the era of operational resilience

Operational resilience is the ability of a business to tolerate shocks and maintain normal operations. Those shocks can be all sorts of things — IT failures, natural disasters, terrorism, cyberattacks — but they’re typically sudden shocks, happening within hours or even minutes, that threaten your company’s ability to provide whatever it is you provide to customers.

 

, , , ,

A risk case study

I returned this week from a vacation in Mexico, including a day at the Copper Canyon. Our tour guide took about 20 of us down the mountain side to see some Tarahumara Indian homes. I decided that I wanted to come back ahead of the group, finding my way back up the path and steps to our hotel at the top. What might happen along the way? In other words, what would a risk manager put on a list or heat map?

 

, , , ,

Silos are thriving even in ERM programs

You are the captain of a ship that is sailing from Singapore to Auckland with a cargo that needs to be kept cold and will lose its freshness if you don’t arrive within a few days of your schedule.

 

, , , , , , ,

New report on the cost of a cyber breach

You may be surprised to hear that the average cost of a data breach is just $3.9 million. That sounds far different than indicated by the alarm bells screaming at you from all sides.

 

, , , ,

Previous Posts