First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Privacy Compliance and Management

Not-for-profits should leverage information technology, safely

Not-for-profits have numerous opportunities to leverage information technology (IT), from social media to cloud computing and beyond.

 

, , , , , , , ,

Amazing insights on cyber

A couple of recent pieces shed some light, some amazing light, on how cyber-related risk is perceived by executives and the board.

 

, , , , , ,

When copyright in a work transfers to the Crown: Keatley v. Teranet

When does copyright transfer to the Crown under the Copyright Act? The Supreme Court clarified this in a landmark ruling released earlier today in Keatley Surveying Ltd. v. Teranet Inc., 2019 SCC 43, authoritatively interpreting Section 12 of the Act.

 

, , , , , , , , , ,

The rising tide of global whistleblower regulations

The whistleblowing landscape has changed substantially over the past few years. High profile cases have spurred new whistleblower protection regulations across the globe.

 

, , , , , ,

Allegations and investigations

What we should all note from the news is that a failure to perform an appropriate investigation is a serious source of risk to any organization.

 

, , , , , ,

The board and cyber security

There’s another useful article on Forbes. How to talk to the board about cybersecurity is written by an experienced CIO, John Matthews. Here are some useful excerpts with my highlights:

 

, , , , , , , ,

We need to preserve and protect whistleblowing in this time of challenge

Now more than ever, compliance officers, executive teams and boards of directors must think more about how to support an internal reporter, even at the “mechanical” level of protecting their identity.

 

, , , , ,

FATF issues guidance on virtual assets

FATF issues guidance on virtual assets

 

, , , , ,

Final amending regulations issued under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act

anti-money laundering

On July 10, 2019, final amending regulations were issued amending each of the existing regulations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act.

 

, , , , , ,

Ontario Court of Appeal confirms nude selfies are not offensive

In Zigomanis v. 2156775 Ontario Inc. (D’Angelo Brands), 2018 ONCA 116, the Ontario Court of Appeal upheld a lower court decision that a professional hockey player’s nude selfies did not offend public morals and decency and there was thus no basis to terminate a promotional contract.

 

, , ,

Ensure secure disposal of hardware

Organizations often make the mistake of considering the disposal of hardware only when they are ready to discard equipment, if at all. Instead, they should plan for hardware disposal throughout the entire systems development lifecycle, from acquisition and testing through to operations.

 

, , , , , , , , , , , , ,

The Québec Private Sector Privacy Act: When does it apply to organizations outside of Québec?

While Québec Courts have delineated the scope of province’s Private Sector Privacy Act through the notion of “enterprise,” they have yet to delineate the scope of the Act’s territorial application. Determining the territorial application of Québec privacy legislation thus remains unsettled and unclear.

 

, , , , ,

IIROC Releases its annual Enforcement Report for 2018

Earlier this month, the Investment Industry Regulatory Organization of Canada (“IIROC”) published its annual Enforcement Report for 2018 (the “Report”), highlighting its enforcement/discipline activities over the course of 2018.

 

, , , ,

Scratching the surface on Facebook and its problems

​Facebook Data Exposure Offers Critical Lesson for Internal Auditors makes some good points, including:

 

, , , , , , ,

Time (again and still) for the IIA Standards to be correct

Internal audit can assist management by facilitating a fraud risk assessment. Management should make the decision both on the level of risk and whether it is acceptable. Internal audit can provide their opinion and advice on both.

 

, , , , , , , , ,

Previous Posts