About the Bulletin
Become a Contributor
Terms of Use
Privacy Policy
About the PolicyPro Library
Take a 30-Day Trial
Help Desk
How to Subscribe
Change email Address
Unsubscribe to Bulletin
Contact Us
 
    
The Canadian Institute of Chartered Accountants First Reference
September 2006 - Volume 1, Issue 6

1. An Excellent Overview of Corporate Governance in Canada
2. Risk Management Immature in Canada, Ernst & Young Report Indicates
3. Certifying the Design of Internal Controls: Getting Started
4. The Perils of Portability
5. Corporate Social Responsibility (CSR): An Introduction
6. Let Me Know What You Think!



An Excellent Overview of Corporate Governance in Canada

Over the past couple of years, the PolicyPro Bulletin and its predecessor, the FAPP e-Newsletter, have been regularly reporting ongoing developments in the creation of a Canadian version of the U.S. Sarbanes-Oxley Act, a regulatory regime aimed at reforming corporate governance and restoring confidence in Canadian capital markets.

But unless you’ve been paying very close attention, it’s a struggle to put all these news items together and understand exactly where we stand. To address this, Deloitte has published The Corporate Governance Landscape in Canada, a very useful overview of the process to date. It provides a succinct history of the evolution of corporate governance reform in Canada, and links to other, more in-depth articles that Deloitte has published over the past couple of years.

Of particular interest is a link to The CSA’s Revised Flight Plan, an easy-to-understand chart that illustrates the four phases of certification for Canadian public companies, together with the timeframes when these phases apply. Although the details of the final phases of this process are still not completely finalized by the Canadian Securities Administrators (CSA), this chart is an excellent way to see the “big picture” of the reporting requirements, to understand what is currently required and to anticipate what else will be required, and by when.

For a link to The Corporate Governance Landscape in Canada, click here.

For a link to The CSA’s Revised Flight Plan, click here.

<< Top of Page



Risk Management Immature in Canada, Ernst & Young Report Indicates

A recent report by Ernst & Young indicates that Canadian companies may know about effective risk management, but aren’t practising it. Ironically, this comes at a time when investors are more concerned than ever about companies’ risk management performance, and are basing their investment choices upon it.

Risk Management in Canada: Moving Beyond Assessment was drawn from the Canadian responses to a series of ongoing global risk management surveys conducted by E&Y.

Interestingly, most Canadian respondents give themselves a high score on their risk management initiatives—46% give themselves top marks. This contrasts with E&Y’s global results, where only 36% rate themselves so highly.

But when you scratch the surface, there are few reasons for the senior executives to be so pleased with themselves.

Here are just a few of the findings:

  • Most respondents (85%) identify clear ownership of risk as the most important factor in managing it. However, only a tiny percentage (2%) indicate that they are performing this vital step well
  • More than one-third of those surveyed indicate that there are key risks that are not being actively managed
  • Many companies have not adopted a structured risk management framework, but are relying on an ad hoc, informal approach
  • There is much less emphasis on risk management at the board level in Canada than exists elsewhere in the world. Senior management here do not see the board as the owner of risk management, responsible for setting overall strategy. This is in stark contrast with the views of investors, who look to the board for leadership in this area

The report indicates that Canadian senior executives may know how important risk management is, but are not building it into their corporate culture in a systematic fashion. As the report concludes “ The stark contrast between the factors that leaders of Canadian companies identify as important to effective risk management and their confidence in how well they are delivering on those factors describes a Canadian risk management framework that is underdeveloped and unable to provide the kind of control expected from well-managed companies.”

For a link to this very interesting report, click here.

<< Top of Page


Certifying the Design of Internal Controls: Getting Started

We’ve been talking all year in the PolicyPro Bulletin about the changes to reporting requirements for public companies concerning internal controls over financial reporting (ICOFR), as mandated by the Canadian Securities Administrators. Some of these reporting requirements are already in place, and others are anticipated (though detailed rules have yet to be issued).

The gist of these changes is that CEOs and CFOs of Canadian public companies must:

  • Certify that they have designed effective internal controls that provide reasonable assurance that their financial statements are accurate
  • Certify that that they have disclosed material changes in internal controls
  • Certify that they have evaluated the effectiveness and design of their internal controls

It’s this last point that poses the greatest challenge to Canadian public companies. To evaluate the effectiveness and design of internal controls requires an ongoing, systematic, credible process, based on a recognized internal control framework, that is capable of measuring the effectiveness of internal controls and identifying any significant changes or shortcomings that must be addressed or disclosed.

KPMG has recently published a very useful guide to this process, entitled Certification of Internal Control: Evaluating Design. The guide deals with six fundamental questions:

  1. What is the design of internal control?
  2. To what extent should you document internal controls?
  3. How should you evaluate the design of internal controls?
  4. How can you make the design evaluation process sustainable?
  5. How can your design evaluation support your future evaluation of effectiveness of internal control?
  6. How could your external auditors assist you with this evaluation?

For a link to this excellent article, click here.

<< Top of Page


The Perils of Portability

As technology evolves, and as employees work at home or on the road (or on the bus or sitting in a café), more and more of an organization’s confidential and proprietary information strays outside the protection of its structured, secure IT environment. And this, of course, increases the risk that it will be stolen, intercepted or inadvertently lost.

The consequences can be dire—for a company it can mean the loss of vital intellectual property; for employees, it can lead to identity theft.

The Information and Privacy Commissioner of Ontario and BMO Financial Group have responded with a brochure entitled Reduce Your Roaming Risks—A Portable Privacy Primer that offers common sense tips to:

  • Prevent identity theft
  • Develop a privacy and security mindset
  • Protect your clients, your organization and yourself
  • Secure information on laptops, PDAs and cell phones
  • Protect confidential and financial information

For a link to the Privacy Commissioner’s press release (which contains a link to the brochure), click here.

<< Top of Page


Corporate Social Responsibility (CSR): An Introduction

If you Google “corporate social responsibility”, you’ll learn that many of Canada’s largest companies, and most of the globe’s most successful corporations, have a CSR policy posted prominently on their websites.

So what is corporate social responsibility? It means different things to different people, but, as a new publication from Industry Canada says, “CSR is understood to be the way firms integrate social, environmental and economic concerns into their values, culture, decision making, strategy and operations in a transparent and accountable manner and thereby establish better practices with the firm, create wealth and improve society.”

Pretty “touchy-feely,” right? Think again. True, corporate social responsibility encompasses a much broader community of stakeholders than most other corporate policies —including consumers, citizens at large, non-governmental organizations, and communities in general—but these stakeholders can make or break a company’s reputation as a responsible corporate citizen.

Most important, the tenets of a corporate responsibility policy provide an important part of an organization’s “tone from the top,” the control environment (as named in the COSO internal control framework) so vital in establishing a culture of ethical behaviour in your organization.

Want to know more? The Industry Canada CSR home page is an excellent starting place. From there, you’ll be able to download their new publication “Corporate Social Responsibility: An Implementation Guide for Canadian Business.”

<< Top of Page


Let Me Know What You Think!

Alas, the lonely life of an editor. Each month I send the Bulletin off into the vast expanse of (cyber) space, trusting that you, the readers, find it useful and informative.

But I want feedback. Are there articles you find particularly useful? Are there others that are unhelpful or inaccurate? Do you want more information on a particular topic? Do you have story ideas, or news from the world of internal controls that you want to share?

Go ahead, make my day. Send me a message.

Thanks!

Colin Braithwaite

<< Top of Page

About the PolicyPro Bulletin

Editor: Colin Braithwaite, Managing Editor – PolicyPro.

Please do not reply to this Email.

PolicyPro Bulletin is a complimentary service published by First Reference Inc. and is sent to you monthly. Each issue of the PolicyPro Bulletin provides headlines and summaries of news that affects internal controls and policies in Canada.

Please forward this Bulletin to your colleagues.

Please send any comments or suggestions about the PolicyPro Bulletin to editor@policypro.ca. For information about the PolicyPro Library, visit www.PolicyPro.ca. For information about First Reference and our HR-related products, visit www.firstreference.com. To read our Terms of Use, Disclaimer, Privacy Policy and other legal matters, visit PolicyPro.ca.

This publication is written for informational purposes only and should NOT be relied upon as legal advice or opinions. The reader should always obtain legal advice from a qualified lawyer or other qualified professional, which will be responsive to the case or circumstance of the individual. Please note that the content provided in this Bulletin or any content contained in or made available through any third party website linked to from this Bulletin, is provided "as is" without representations or warranties of any kind. All representations and warranties in respect of Content or Third Party Content, express or implied, including, without limitation any representations to warranties or conditions regarding accuracy, timeliness, completeness, non-infringement, merchantability or fitness for any particular purpose are hereby disclaimed.

PolicyPro Bulletin ISSN: 1718-5866 Copyright ©2006, First Reference Inc., All Rights Reserved.
  Finance and Accounting PolicyPro
Vol I:  Finance
Vol II: Corporate           Governance
  Operations and Marketing PolicyPro
  Human Resources PolicyPro - Ontario
  Human Resources PolicyPro - BC