|
Internal Controls 101
When even venerable institutions like Bear Stearns face failure, it´s obvious that no business - regardless of sector, country or past success - is immune from bad decisions, bad luck and bad timing.
Since the credit crunch of last summer, the business world is a much colder, tougher place. Investors, insurers, suppliers and major customers are starting to ask pointed questions. How well do you understand the risks that your business faces? How tight are your controls on spending? How closely do you control the revenue cycle? How efficient are your operations? Are your IT systems secure?
Of course all these questions are about your organization´s internal controls. Have you performed a risk analysis? Have you mitigated the greatest risks with adequate internal controls? Do you have clearly formulated policies to ensure that your employees know the right things to do, and do you have procedures in place to ensure that they do them?
As this article from KnowledgeLeader points out, credit rating analysts at Standard & Poor´s are rating non-financial companies´ enterprise risk management (ERM), in essence mandating that risk analysis and risk management become important factors in all companies´ decision-making.
<< Top of Page
Using voice biometrics for biometric encryption
We discussed Biometric Encryption in Volume 2, Issue 4 of the PolicyPro Bulletin. In short, biometric encryption employs algorithms that use biometric information to encrypt other information, such as a PIN or an account number. It´s this encrypted information that becomes the unique ID, not the biometric information itself.
Now Ontario´s Privacy Commissioner Ann Cavoukian has announced the development of privacy-enhancing technology that combines biometric encryption with voice biometrics. The advance was made by PerSay (www.persay.com) and Philips priv-ID (www.priv-id.com).
For the news release click here.
<< Top of Page
Big changes coming for Information Technology PolicyPro
The March update (2008, Rel. 1) of Information Technology PolicyPro (ITPP) includes both a new chapter - chapter 12, Training and Support - and a new binder - Volume II. We´ve also upped our publishing schedule from 4 to 6 updates per year.
All this activity is evidence of ITPP´s rapid growth since it was first published in 2006. And there´s more to come! We will publish the final chapter - User Responsibilities - later in 2008.
For more information about ITPP, click here.
<< Top of Page
New and revised do-not-call rules
The CRTC has released a fact sheet with new and revised unsolicited telecommunication rules that will come into effect when the National Do Not Call List is launched in September 2008.
For a link to the fact sheet, click here.
<< Top of Page
Do you publish a company newsletter?
If so, be wary about publishing your employees´ names and work locations. An Alberta judge recently found against the Alberta Teachers´ Association for publishing the names of several members and their places of work in the Association´s magazine ATA News.
The judge found that this was personal information protected by the Alberta Personal Information Protection Act and its collection could not be justified as being for "journalistic purposes".
For the full text of the judge´s reasons, click here.
<< Top of Page
Social networking: threat or opportunity?
Is the proliferation of social networking in the workplace a threat to productivity and network security or an opportunity to network with customers and prospects?
There´s no question that the use of social networking sites like Facebook, MySpace, Bebo, Orkut, Perfspot, and Friendster has exploded in the workplace. In a recent survey, 8% of employees admitted spending between 1-5 hours a week on these sites, and 2% owned up to spending between 5-10 hours.
But business is still trying to figure out whether "networking" equates to "not working" or if it has a legitimate role in building and facilitating business relationships.
For a MessageLabs whitepaper on this phenomenon Social Networking: Brave New World or Revolution from Hell? click here. And next issue we´ll feature recent Canadian poll results and an article from HRinfodesk, First Reference´s online source of news and informed opinion on human resources, payroll and employment law issues, and so much more.
<< Top of Page
About Inside Internal Control
Editor: Colin Braithwaite, Managing Editor, PolicyPro.
Please do not reply to this Email.
Inside Internal Control is a complimentary service published by First
Reference Inc. and is sent to you monthly. Each issue provides headlines and summaries of news that affects internal controls and policies in Canada.
Please forward Inside Internal Control to your colleagues.
Please send any comments or suggestions about Inside Internal Control to the editor. For information about the Internal Control Library, click here. For more information about First Reference, including our terms of use, disclaimer, privacy policy and other legal matters, visit www.firstreference.com.
This
publication is written for informational purposes only and should NOT
be relied upon as legal advice or opinions. The reader should always
obtain legal advice from a qualified lawyer or other qualified
professional, which will be responsive to the case or circumstance of
the individual. Please note that the content provided in this Bulletin
or any content contained in or made available through any third party
website linked to from this newsletter, is provided "as is" without representations or warranties of any kind. All
representations and warranties in respect of Content or Third Party
Content, express or implied, including, without limitation any
representations to warranties or conditions regarding accuracy,
timeliness, completeness, non-infringement, merchantability or fitness
for any particular purpose are hereby disclaimed.
Copyright ©2008, First Reference Inc. All Rights Reserved.
|
