The Grant Thornton International IFRS team has published Insights into IFRS 3 – The acquisition method at a glance.

Mergers and acquisitions (business combinations) can have a fundamental impact on the acquirer’s operations, resources and strategies. For most entities, such transactions are infrequent and each is unique. IFRS 3 Business Combinations contains the requirements for these transactions, which are challenging in practice. The standard itself has been in place for more than ten years now and has undergone a post-implementation review by the IASB. It is one of the most referred to standards currently issued.

The Insights into IFRS 3 series summarizes the key areas of the standard, highlighting aspects that are more difficult to interpret and revisiting the most relevant features that could impact your business.

The publication Insights into IFRS 3 –The acquisition method at a glance provides a high-level overview of IFRS 3 and explains the key steps in accounting for business combinations in accordance with this standard. It also highlights some practical application issues dealing with:

  • Deal terms and what effect they can have on accounting for business combinations;
  • How to avoid unintended accounting consequences when bringing two businesses together.

Next article

Marlène Fortin
Manager | Business Transformation

How do you plan for your business’s future in this unique environment? First and foremost, you need to undertake a strategic diagnosis to help you take stock, solidify your foundations and get pointed in the right direction.

The pandemic has shaken organizations. Entrepreneurs have had to be very flexible and creative in order to continue their activities.

While we can expect a return to normalcy in the coming months, a new reality is taking shape that requires adaptation. The first step to better respond to the changing market and sustain and even grow your business is to know where you stand.

Strategic Planning for a Well-Prepared Garden

Consider the example of a well-prepared garden, with enriched soil and appropriate plants—the crop will be all the more plentiful. Similarly, a richer and carefully crafted diagnosis will more clearly define the right course of action and show the next steps a business should take.

An objective and truly honest 360-degree diagnosis is designed to help you analyze your business’s various organizational functions and identify opportunities and threats that are specific to its field of activity. It synthesizes and interconnects strengths and weaknesses (internal environment) as well as opportunities and threats (external environment).

Here is a brief summary of some of the numerous tools and techniques that can be used to complete the diagnosis.

Set up a work plan

To maintain the focus on the main goal and avoid becoming overwhelmed by too much information, it is essential to set up a work plan that sets out the most important questions you may be asking:

  • What is your market share?
  • What markets are growing?
  • What products are the most in demand?
  • What are the latest consumption trends?
  • Who are the most innovative players on the market?
  • How does the market perceive my business?

The next step is to identify what sources of information are available. In some cases, these numerous sources require some resourcefulness. For instance, you may have to search for specific conference papers, or the particular findings of a specialized study on horticultural science. Other sources require a more complex analysis, like the reports published by Statistics Canada; Innovation, Science and Economic Development; or workforce sectorial committees.

However, these data can be highly beneficial to help you get clear insight into your organization and the issues it faces.

Secondary data

Secondary data are external, public or private, available data (whether free or not). They can consist of information gleaned from published studies or research, official statistics, scientific articles, reports, in short, existing literature.

These data are useful for various aspects of the diagnosis, to get a better idea, for example, of:

  • business trends in a specific sector,
  • growth expectations,
  • consumer spending,
  • competition factors.

Benchmarking is another tool that helps companies to compare their own situation to that of their main competitors in terms of criteria, such as:

  • the range of products and services,
  • rates,
  • distribution methods,
  • marketing.

If questions remain after consulting secondary data, you could consider collecting your own primary data.

Raymond Chabot Grant Thornton - image

Primary data

Primary data pertaining to your clients, suppliers, competitors and partners can be directly collected using various techniques, such as interviews, surveys, focus groups, mystery customers, etc. How primary data are collected depends on your business objectives, the level of precision sought, as well as time constraints to collect the information.

Assessing all information collected on the company’s external environment will enable it to capture market opportunities and understand potential threats.

As an example, let’s take a look at how the Lafleur Greenhouses could collect primary data to answer specific questions on the competitive environment (download the example).

Internal diagnosis

When conducting a diagnosis, it is also important to take the internal pulse of the organization by collecting useful information on its main strengths and weaknesses. To objectively assess the current situation, it is essential to have a global vision of the points of view of the employees and not just management.

This part of the investigation can be conducted as interviews or focus groups, but it is paramount to select the right method and ensure that participants can freely speak their mind in a constructive atmosphere to propel the organization forward. Here are a few examples of questions to ask in this context:

  • What are the company’s main strengths?
  • Which ones can be further developed to increase leverage?
  • What are the company’s main weaknesses?
  • What could potentially impede its growth?
  • Are all company products and services relevant?
  • Are you successful at fulfilling your mission?
  • What could you improve?
  • What do you know about your clients’ needs, satisfaction and expectations?
  • What should you improve?

A neutral and objective external party could be useful in facilitating the exchange of ideas and information during this process.

Consulting other stakeholders could enhance your internal profile of the company. This could include suppliers, financial or strategic business partners, your Board of Directors. They can provide different, impartial insight—as external players they may compare your situation to that of competitors they deal with.

The focus of an internal diagnosis is to address all your organization functions, including sales and marketing, finances, operations, human resources, etc. Thus, it’s important to ask questions to address all aspects, in order to draw the most exhaustive profile possible of the company.

Preparing the global diagnosis

Many tools are available to analyze the information collected, and guide you through an in-depth analysis of interrelations between your findings. The most famous is the SWOT method, which provides a global, internal and external, profile of the organization.

For strategic planning purposes, it is important to understand what strengths to leverage, what weaknesses to work on, what opportunities to capture and what threats to consider and to define a strategy that reflects all of these factors. It is also important to connect each aspect by answering certain questions, which can provide very important insight:

  • What strategies are based on your strengths to leverage opportunities?
  • What strategies help offset your weaknesses and leverage opportunities?
  • What strategies enhance your strengths to address threats?
  • What strategies minimize your weaknesses to avoid threats?

Lastly, the diagnosis helps outline your true ability to implement your growth vision . Organizations may sometimes have high ambitions, but a careful analysis can reveal specific obstacles to overcome before they can reach their objectives. This is the purpose of the diagnosis.

01 Mar 2021  |  Written by :

Marlène Fortin is an expert in Business Transformation Consulting at Raymond Chabot Grant Thornton....

See the profile

Next article

The Grant Thornton International IFRS team has published the 2021 edition of Navigating the changes to International Financial Reporting Standards: A briefing for preparers of IFRS financial statements.

The publication is designed to give preparers a high-level awareness of recent changes that will affect companies’ future financial reporting.

This publication covers both new standards and interpretations that have been issued and amendments made to existing ones, giving brief descriptions of each.

Next article

Guillaume Caron
Chief Executive Officer VARS - Cybersecurity | Digital and technology consulting

What role does the Chief Information Security Officer (CISO) play in an organization?

A business falls victim to a cyber attack approximately every 14 seconds. Depending on the type of cyber attack and the size of the business, the costs can be up to well into six or seven figures. Nearly 60% of small businesses that were victims of cyber attacks end up shutting their business down permanently within 6 months.

These statistics exhibit the extent to which a successful cyber attack can have on a business financially, but there are also many other layered consequences. This can include loss of customers, damage to the business’ brand reputation and breaching of compliance and regulatory requirements.

According to VMware, 99% of Canadian companies have reported an increase in cyber attacks over the past 12 months. This shows now more then ever the importance to develop a well executed cybersecurity plan for your organisation. A Chief Information Security Officer (CISO) is there to do that.

What is the role of a CISO?

A CISO is an executive responsible for a company’s security strategy and ensuring the data assets are protected. The position requires the individual to be well versed with security risks, compliance management and internal security policies. Some of the main roles that a CISO fulfills include:

Security strategy

The CISO is a leader when it comes to security strategy for a company. Depending on the size of a company, the CISO may share this responsibility with other senior IT or tech executives within the company. The CISO is responsible for dealing with immediate security concerns and planning proactively to prevent future security issues from occurring.

The security strategy should be tailored towards the needs of a company. For example, if a business is in hyper-growth mode, the security strategy should accommodate all the vulnerabilities that can arise from scaling quickly and hiring many team members.

Manage security operations

In addition to security strategy, the CISO oversees day to day security operations within a company. The CISO should be actively finding and addressing any security vulnerabilities within a company. The CISO takes initiative on how to deal with immediate vulnerabilities by doing real-time analysis of threats and following a plan of action to mitigate risks.
The security operations on a day to day basis may include setting security policies, hiring the right security team member, meeting with senior executives to discuss strategy, analyzing security infrastructure, making sure programs are running correctly and more. With the help of the security team, the CISO can delegate and ensure that all the security needs of the company are being met.

Security architecture

The CISO is in charge of ensuring the organization is running on the best infrastructure for both security and performance. A lot of vulnerabilities that organizations have can be countered with buying up to date hardware and software. It takes the expertise of a CISO to select the best possible solutions for the organization while mitigating any potential security risks that can arise.

The CISO also designs the security infrastructure by ensuring that all network and IT infrastructure is built with the thought of security in mind. This makes sure that all aspects of the architecture of the organization are secure while performing at the highest level possible.

Incidence response

The CISO is at the forefront of any security incident that occurs within a company. Prior to an incident occurring, the CISO has made a plan of action for several possible scenarios. After an incident is reported to management, the CISO takes leadership and instructs relevant employees on what they need to do.

After the incident has been responded to adequately, the CISO will ensure all that relevant action that needs to be taken afterwards like filling out paperwork, meeting with clients, etc. is done. The CISO is likely the best equipped person within the organization that can handle a security incident from beginning to end.


The CISO is also one of the leaders within the company when it comes to meeting compliance and regulatory requirements. Depending on the location and industry a company operates in, there might be a variety of complex compliance requirements needed to operate a company.

For example, a healthcare company in Quebec would have to adhere to both the Personal Information Protection and Electronic Documents Act (PIPEDA) and all of the of the regional data laws. Since the CISO is in charge of several aspects that deal with compliance, they are generally well-versed in these topics and can help meet with compliance demands from regulatory agencies. CISOs can help meet with compliance officers and ensure the company completes all regulatory assessments that are required by local and federal governments.

Where can you find a CISO?

Hiring a full-time CISO may not always be feasible for most companies looking to adhere to general compliance and security requirements to keep their business open. A full-time CISO will likely cost a business well over six figures annually, but there’s an alternative solution: the VARS CISO Office.

The VARS CISO Office gives your organization the power to leverage the expertise of reputable and industry-leading Chief Information Security Officers without having to search for a one or pay for a full-time resource.

To learn more about the VARS virtual CISO office and how you can increase your business’ security, talk to our experts.

22 Feb 2021  |  Written by :

Guillaume Caron is a cybersecurity expert at Raymond Chabot Grant Thornton. Contact him today!

See the profile