The seminar began by exploring risks faced by companies in an
era of technology dependence. Because of the multiple points of
intersection between modern business and technology, these risks
emanate from a number of sources. Threats could be posed by the
regulatory environment, such as non-compliance with IT control
provisions of financial reporting regulations (such as
Sarbanes-Oxley in the United States) or with data security
legislation. Threats can arise from service providers (for example,
unmanageable expenses arising from a poorly drafted outsourcing
contract) and competitors (for example, IP infringement claims).
Threats can also arise from catastrophic events such as 9/11,
following which some companies were unable to promptly access their
back-up data. In addition, the corporation itself could be a source
of technological risk if its IT infrastructure is not properly
managed. The rapid pace of technological advances and the inability
of the development cycle to keep up means that technological change
is also a major risk to IT systems.
The severity of these risks depends on how important technology
systems are to a company's revenues and its internal dependence
on those systems. All organizations which utilize technology bear
some risk. A food manufacturer, for example, might have significant
vulnerability if its enterprise resource planning software and
just-in-time communication channel were to become unavailable. Thus
the boards of all companies should evaluate technology-related
risks and implement IT governance policies tailored to the specific
risks faced by their companies.
Mr. Bhachech and Mr. Owens each concluded by outlining some best
practices that boards of directors can consider depending on the
severity of particular risks faced by companies. A fundamental
problem with the complexity of information technology and corporate
governance is that the board is often dependent on the very people
it is supposed to oversee. In other words, some boards rely on a
company's IT group to understand and to oversee their work. In
the same way that boards often include legal and financial experts,
technology experts can be added to a board's membership to
ensure that the board has some independent expertise. Boards can
also strike IT committees with a mandate to implement and oversee
an IT governance plan. A C-level executive office can be added or
modified to oversee the management of technology risks.
Importantly, however, all of these measures are more effective if a
culture of communication between the various departments of a
corporation is fostered. It is also important that managers be
willing to engage with risks and opportunities.
Software license agreements generally require the customer to pay fees for the software license and related services, which fees are usually based upon the duration of the license and the manner in which the customer is allowed to use the software, together with applicable taxes and withholdings.
In less than nine months, on July 1, 2017, persons affected by a contravention of Canada's anti-spam legislation will be able to invoke a private right of action to sue for compensation and potentially substantial statutory damages.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).