Top Ten Technology Issues for CAs

Every year, CA Magazine publishes the result of the CICA’s Information Technology Advisory Committee’s annual survey of the biggest technology concerns of Canadian chartered accountants. As you might expect, the issues in the list typically reflect the significant events of the past year.

In 2005, phishing was the number 1 concern. This year, though, it appears CAs are especially concerned with the regulatory requirements contained in the U.S. Sarbanes-Oxley Act and its Canadian counterpart (MI 52-109) issued by the Canadian Securities Administrators. In addition, they are worried about the new audit risk standards, as outlined in the CICA Professional Engagement Manual.

But what do these developments have to do with information technology? It’s simple: both focus on issues of sound corporate governance and internal controls, and require that organizations in general, and accountants in particular, have a clear understanding of the entity’s information system, of the IT processes that affect financial reporting, of the risks of material misstatement that exist in those processes, and of the IT controls that should be in place to mitigate those risks.

Are accountants ready for this challenge? The fact that the survey ranked the need for improved IT controls expertise, and the need for tools to help companies comply with the SOX and CSA rules indicates that accountants are moving into what is for many of them, uncharted and unknown territory.

For the full article in CA magazine, click here.

<< Top of Page

Marketing in Foreign Locales

As if marketing isn't difficult enough in Canada, how do you capture the attention of prospects in other countries, who have different cultural references and speak different languages?

In Promotional Strategies for Export Markets, Certified International Trade Professional Curtis Cook briefly discusses the elements that an exporter must consider when preparing promotional materials and messages for a foreign audience, including languages, images, colours and symbols, as well as religious and spiritual beliefs.

For a link to this article, click here.

In Chapter 6 – Sales and Marketing of Operations and Marketing PolicyPro there are nine model policies, including 6.01 – Plans, Research and Strategy and 6.02 – Advertising and Direct Marketing. For more information, click here.

<< Top of Page

Is your company considering a blog?

Maybe you see a blog as a clever, low-cost way to spread the word about your fabulous products and services. After all, because of the way that Web indexing works (at least for the time being), major search engines give blog content very high priority.

But the proliferation of blogs and employee blogging can have some serious implications for businesses. For example, it only takes one disgruntled employee and a few keystrokes to put your most confidential company information on the Internet for everyone to see.

Christine Mingie, an associate in the Business Law Group of Lang Michener’s Vancouver office, has written a very useful article guide for companies who already have or are considering setting up a company-sponsored blog. In it, she describes the risks associated with blogs and offers excellent suggestions for minimizing them.

For a link to this article, click here.

<< Top of Page

Did you know that 55% of U.S. employees reported that they lacked understanding of the standards of conduct that apply to their jobs? Or that 52% say that their company’s codes of conduct are not taken seriously?

These statistics, taken from a recent Forensic Integrity Survey by KPMG in the United States, are the background for a new white paper Fraud Risk Management: Developing a Strategy for Prevention, Detection and Response, published by KPMG's international Forensic practice.

This white paper targets both fraud and misconduct, and focuses on a business-driven fraud risk management approach, with controls that:

• Prevent fraud and misconduct
• Detect them when they occur
• Respond with corrective action that mitigates any harm that may have resulted

As the white paper makes clear, an effective fraud risk management process must always be consistent with new regulatory requirements and the changing dynamics of an organization. For this reason, it’s crucial that fraud risk management be an ongoing process, with four key components:

• Assessment of risks
• Design of controls
• Implementation of controls
• Evaluation

The whitepaper contains a very useful appendix of selected international governance and antifraud criteria, including legislation and leading practice standards.

For a link to this excellent publication from KPMG International, click here.

<< Top of Page

We’re very excited to announce the newest member of the First Reference PolicyPro Library: Information Technology PolicyPro (ITPP).

ITPP is written by Jeffrey Sherman, C.A, author of Finance and Accounting PolicyPro and Operations and Marketing PolicyPro, and Steve Goldwasser, an IT professional with more than 30 years experience.

As indicated in the lead article in this month’s Bulletin, there’s much more attention being paid to the role of IT controls within the worlds of corporate governance and internal control over financial reporting. Both the regulatory requirements of the U.S. Sarbanes-Oxley Act and its Canadian counterpart (MI 52-109), as well as new audit risk standards, require that organizations, and their auditors, have a more complete understanding of information systems, the risks to accurate financial reporting that exist within them, and the IT controls that should be in place to mitigate those risks.

In short, information systems are the foundation of internal control over financial reporting, and IT controls are an essential part of effective corporate governance and risk management. ITPP assists organizations to implement a IT control framework by providing a comprehensive collection of ready-to-use model policies and procedures, bundled with the PolicyPro software application that makes it easy to create, customize and distribute an IT policy manual.

Co-published with the Canadian Institute of Chartered Accountants, ITPP’s policies and procedures are based on authoritative IT control frameworks: the CICA’s Information Technology Control Guidelines (ITCG), and the CobiT framework.

ITPP will be available by the end of the month. Keep checking www.policypro.ca for more details!

<< Top of Page

About the PolicyPro Bulletin

Editor: Colin Braithwaite, Managing Editor – PolicyPro.

Please do not reply to this Email.

PolicyPro Bulletin is a complimentary service published by First Reference Inc. and is sent to you monthly. Each issue of the PolicyPro Bulletin provides headlines and summaries of news that affects internal controls and policies in Canada.

Please forward this Bulletin to your colleagues.

Please send any comments or suggestions about the PolicyPro Bulletin to editor@policypro.ca. For information about the PolicyPro Library, visit www.PolicyPro.ca. For information about First Reference and our HR-related products, visit www.firstreference.com. To read our Terms of Use, Disclaimer, Privacy Policy and other legal matters, visit PolicyPro.ca.

This publication is written for informational purposes only and should NOT be relied upon as legal advice or opinions. The reader should always obtain legal advice from a qualified lawyer or other qualified professional, which will be responsive to the case or circumstance of the individual. Please note that the content provided in this Bulletin or any content contained in or made available through any third party website linked to from this Bulletin, is provided "as is" without representations or warranties of any kind. All representations and warranties in respect of Content or Third Party Content, express or implied, including, without limitation any representations to warranties or conditions regarding accuracy, timeliness, completeness, non-infringement, merchantability or fitness for any particular purpose are hereby disclaimed.

PolicyPro Bulletin ISSN: 1718-5866 Copyright ©2006, First Reference Inc., All Rights Reserved.