First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Network, Systems and Data Security

Working from home: Cybersecurity checklist

Cyber attacks were a serious risk even before the COVID-19 pandemic. As many organizations have instituted work-from-home procedures, the risk is elevated. The increase of non-standard communications, the use of new and untested remote working arrangements and a heightened level of stress and anxiety all create new vulnerabilities for threat actors to take advantage of. Incorrectly addressed emails, theft of company devices and a massive increase in remote connections all increase the risk of a successful cyber attack.

 

, , , ,

Impact of digitized environments & modern workplaces on internal investigations

One of the hallmarks of a successful investigation is rooted in the expression “knowing what you don’t know.” An experienced investigator knows a lot about a lot of things – different types of fraud, corruption, theft, misconduct, and the psychology underlying what motivates people to violate the trust that has been placed in them.

 

, , , , , , , ,

Considerations for directors during the COVID-19 pandemic

boardroom-meeting

The COVID-19 pandemic has affected, and continues to affect, Canadian businesses in a significant manner. As this situation continues to evolve, directors should remain cognizant of their duties and responsibilities as corporations face a range of challenges, including liquidity issues.

 

, , , , ,

COVID-19 and electronic contracting

For years, organizations have moved their businesses digital. To consummate transactions and to otherwise engage in contractual activities, organizations have increasingly relied on electronic means of contracting using everything from webwraps and clickwraps (and hybrid variations of these forms of agreements) and electronic documents executed using electronic signatures.

 

, , , , , ,

Cyber insurance in the COVID-19 landscape

Cyber insurance provides protection and coverage for the security and privacy of digital information and losses resulting from data breaches.

 

, , , , ,

Fiscal year ends, business continuity, and COVID-19

At the best of times, fiscal year ends are challenging. Organizations with upcoming or recent fiscal year ends will undoubtedly find them particularly challenging. Organizations with robust policies and procedures will likely fare better than those without. Consequently, it will be helpful to start your year end planning as early as you can.

 

, , , , , , , , , , , , , , , , , , , ,

COVID-19: key issues every organization should consider

Competition law

The COVID-19 pandemic raises critical and unprecedented issues for all organizations. How an enterprise responds to these challenges will influence how it fares through the crisis and its positioning for recovery afterwards. We believe that the issues below warrant special attention by senior management and directors.

 

, , , , , , , , ,

COVID-19 – Managing privacy and cyber issues

Privacy laws require that personal information is at all times protected by appropriate security safeguards, and this requirement will continue to apply in connection with COVID-19 work-from-home arrangements

 

, , , , , ,

Liability for artificial intelligence — Why Canadian businesses should pay attention to recent developments in Europe

Late last year, the European Commission’s Expert Group on Liability and New Technologies – New Technologies Formation (NTF) released a report on Liability for Artificial Intelligence. The report focuses on liability regimes across European Union (EU) member states and offers high-level recommendations on how those liability regimes can be adapted to meet challenges posed by artificial intelligence (AI) and other digital technologies.

 

, , , ,

Advisory committee on open banking releases report on consumer-directed finance

On January 31, 2020, the Advisory Committee on Open Banking (the “Committee”) issued its first report (the “Report”) in connection with the Department of Finance Canada’s (“Finance Canada”) consultation process on open banking.

 

, , , ,

Mandatory cybersecurity incident reporting for IIROC investment firms

In November 2019, the Investment Industry Regulatory Organization of Canada released new mandatory reporting requirements for cybersecurity incidents, per IIROC Notice 19-0194. What are the new requirements?

 

, , , , , ,

New report on the cost of a cyber breach

You may be surprised to hear that the average cost of a data breach is just $3.9 million. That sounds far different than indicated by the alarm bells screaming at you from all sides.

 

, , , ,

How effective is risk management today?

If you want to know how effective risk management is, you should ask the customer and not the provider.

 

, , , ,

2019 brings guidance on cyber in Canada

This year has seen a number of interesting developments in Canadian cyber security. While the first wave of data breach cases slowly work their way through the court system, guidance for Canadian businesses has come from many other sources, including the federal government and regulators.

 

, , , , ,

Not-for-profits should leverage information technology, safely

Not-for-profits have numerous opportunities to leverage information technology (IT), from social media to cloud computing and beyond.

 

, , , , , , , ,

Previous Posts