First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

IT, Privacy and Security

What will 2020 risk & compliance benchmarks look like?

It’s that time of year again when risk and compliance professionals from around the world contribute to an industry-defining resource – the annual Definitive Risk & Compliance Benchmark Report.

 

, , ,

2019 brings guidance on cyber in Canada

This year has seen a number of interesting developments in Canadian cyber security. While the first wave of data breach cases slowly work their way through the court system, guidance for Canadian businesses has come from many other sources, including the federal government and regulators.

 

, , , , ,

Competition Tribunal confirms business justification is the paramount consideration in an abuse of dominance case

Competition law

On October 17, 2019, the Competition Tribunal (Tribunal) rendered its decision in CT-2016-015 Commissioner of Competition v. Vancouver Airport Authority (Decision) [PDF], dismissing the Commissioner of Competition’s (Commissioner) application.

 

, , , ,

Not-for-profits should leverage information technology, safely

Not-for-profits have numerous opportunities to leverage information technology (IT), from social media to cloud computing and beyond.

 

, , , , , , , ,

Amazing insights on cyber

A couple of recent pieces shed some light, some amazing light, on how cyber-related risk is perceived by executives and the board.

 

, , , , , ,

Cryptocurrency taxation update

On May 17, 2019, the Department of Finance released proposals to amend the Excise Tax Act (Canada) to treat certain virtual currency as a financial instrument for GST/HST purposes.

 

, , , ,

Common sense talk about risk heat maps and more

Only when the business impact is understood does it make sense to get into the details of which risks to which information assets should be mitigated and how.

 

, , , , , ,

When copyright in a work transfers to the Crown: Keatley v. Teranet

When does copyright transfer to the Crown under the Copyright Act? The Supreme Court clarified this in a landmark ruling released earlier today in Keatley Surveying Ltd. v. Teranet Inc., 2019 SCC 43, authoritatively interpreting Section 12 of the Act.

 

, , , , , , , , , ,

The rising tide of global whistleblower regulations

The whistleblowing landscape has changed substantially over the past few years. High profile cases have spurred new whistleblower protection regulations across the globe.

 

, , , , , ,

Allegations and investigations

What we should all note from the news is that a failure to perform an appropriate investigation is a serious source of risk to any organization.

 

, , , , , ,

Compliance with the Quebec language requirements for display of trademarks to be ‎mandatory on November 24, 2019‎

This information bulletin addresses the language requirements pertaining to display, in a language other than French, of trademarks on real estate in Quebec.

 

, , ,

KPMG studies ERM and gets some things right but misses the key point

There’s some good material in KPMG’s Enterprise Risk Management Benchmarking Study, subtitled Evolving to an active, integrated and agile approach amidst change and disruption.

 

, , , , ,

The board and cyber security

There’s another useful article on Forbes. How to talk to the board about cybersecurity is written by an experienced CIO, John Matthews. Here are some useful excerpts with my highlights:

 

, , , , , , , ,

Do risk appetite statements add value?

Whilst the majority of firms had risk appetite statements that were set by the Board and which were supported by relevant metrics, 50% of respondents noted that their risk appetite statements did not link to the firm’s strategy or to the actual underlying risk the firm faced, and did not provide a forward looking view of risk.

 

, , ,

We need to preserve and protect whistleblowing in this time of challenge

Now more than ever, compliance officers, executive teams and boards of directors must think more about how to support an internal reporter, even at the “mechanical” level of protecting their identity.

 

, , , , ,

Previous Posts Next posts