• Letter from the CEO
  • Compliance News
  • Upcoming Events
  • Getting It: Compliance Case Study
  • Compass Q&A
  • Cautionary Tales
  • Success Stories

Integrity officer rips whistle-blower bill

CFOs Feel Their Companies are Most Susceptible to Disasters and Information Security Threats, Survey Finds
March 2004

Dear Compass Subscriber,

On March 30, 2004, new corporate governance rules are expected to have the force of law in Canada. The CEO and CFO of any public company or reporting issuer will personally be required to certify six representations regarding the financial statements and corporate governance of the company.

LegalNet has put together an overview of what these changes mean to directors and officers. Know your liabilities!

In this issue, we’ll look at how some organizations are – or aren’t – communicating their corporate governance practices, a case study on how to disseminate best practices across a user, customer and partner community. You can also find links to some of our recent presentations across the country, and articles of interest to the security, governance and compliance industries in Canada.

Finally, don’t forget to forward this newsletter to colleagues who would be interested, and please submit your compliance questions to compass@integrityincorporated.com – we’d love to hear where the information gaps are!

Best regards,

Carolyn Burke, CEO Integrity Incorporated

Integrity CEO Carolyn Burke will be presenting at InfoSecurity 2004, June 1-3 2004, Metro Toronto Convention Centre

Visit Microsoft’s new security portal at http://microsoft.ca/security/IT

Presentation Downloads:

E-content Institute presentation

Microsoft Canada Partner Briefing: Microsoft and Security Keynote

Essentials of Security Workshop

Disseminating Best Practices Across Communities

How does an organization communicate its best practices across its customer, partner and associates communities and encourage those communities to adopt them?

This software giant needed to address a lack of both technical and best practice knowledge for its security products and services across its user community in order to address both user awareness issues and public perception and business partner perceptions of the security of its products and services.

They also wanted to encourage their community to take these best practices into their own organizations.

Integrity Incorporated developed a comprehensive strategy to deploy training programs, product knowledge and security best practices knowledge across a wide variety of constituents, including:

  • IT professionals
  • Business partners
  • Customers
  • Prospects


The program included the following components:

  • Development of training and education program and bilingual materials, including email invitations to constituents across the country
  • Development of cross-Canada seminar series for both speaker sessions and training sessions
  • Development of best practices website
  • Management of localized programs to follow up on international advertising campaign
  • Development of webinar and webcasts for each training module (ie, secure code development, protecting the perimeter, etc)
  • Public relations campaign to promote and support the messaging

We invite you to submit questions on security, privacy and governance compliance to compass@integrityincorporated.com.

Dear Compass,

Is Sarbanes-Oxley going to become an international standard for corporate governance and compliance?

RV, Victoria, BC.

Compass responds:

Probably not. Although many companies in Canada and around the world need to comply with SOX, we’ll probably see a less U.S.-centric standard of good corporate governance emerge over the next decade. There are further lessons to learn before a complete, global corporate governance standard can be developed. And there is very little case law yet to provide a real interpretation of SOX.


As Europe and Asia and other parts of the world also start to draft legislative responses to growing governance problems (spurred largely by incidents like Parmalat), compliance for organizations doing business in multiple countries will become mired. Eventually, one or two international corporate governance standards will emerge.

Nonetheless, currently, at least 1 out of 3 Canadian companies is required to comply to SOX because of their cross-border business activity. Does your company need to comply with SOX? Visit this link to find out. And if so, do you have a plan to address the compliance moving target? There are some excellent resources via this link from Bitpipe - and please contact us if we can be of any further assistance!

Nortel Networks http://www.nortelnetworks.com/corporate/community/ethics/guide.html
Loblaws http://www.loblaw.com/en/inv_sharehold.html

These public companies are missing a golden opportunity to mention how they are implementing corporate compliance initiatives throughout their organizations.

TD Bank http://www.td.com/governance/practices.jsp
Conagra Foods http://www.conagrafoods.com/investors/corporate.jsp
Ballard Power http://www.ballard.com/tD.asp?pgid=11

Each of these organizations does an exceptional job of outlining their corporate governance initiatives and practices.


Integrity Incorporated
155 Dalhousie Street, Ste 701
Toronto, ON, M5B 2P7 Canada
T/ 416 369 0113     F/ 416 369 0148

Full Disclosure:
Microsoft is a consulting client of Integrity Incorporated.

Copyright 2004 Integrity Incorporated. All rights reserved. The Integrity Incorporated 'mark of integrity' is a registered trademark of Integrity Incorporated and is pending approval in the Canadian Trademark Office. Integrity Incorporated is a member of the family of values-focused River Street Bridge Inc. companies.