Spreadsheet Fraud

To any company executive or business owner, the mere possibility of fraud can be enough to send alarm bells ringing – for good reason. In a prolonged recession, the last thing investors would want to discover is a huge, gaping hole where supposedly a neat profit should have been. Also to find out that such loss was brought about by deliberately falsified accounting and poor spreadsheet controls only makes the situation even more regrettable.

Why?

Because these losses would not have occurred had there been a stronger risk management program in place and more stringent quality control on critical data to begin with.

But given the nature of a spreadsheet system i.e. its sheer flexibility and easy accessibility, plus the fact that they were never intended to be enterprise-level tools, there are no hard and fast rules for auditing spreadsheets. Also because of the lack of internal controls for end user computing (EUC) applications, in this case spreadsheets, you can’t expect these systems to yield consistently accurate results.

In fact, most managers assume that major spreadsheet errors should result in figures that are blatantly out of touch with how things stand in the real world, making these errors easily detectable.

Well they assumed wrong. You’ll find cases where the losses ran to millions of dollars without anyone being the wiser.

In instances of fraud, the problem becomes more complicated as these errors are deliberately hidden and cleverly disguised, perhaps one erroneous cell at a time. Even if these cover-ups started out with smaller figures that may have had negligible impact on a company?s operation, the cumulative costs of these ?insignificant? errors multiply exponentially as the spreadsheets are reused and utilised as bases for other related reports.

While there is no generally accepted definition of the term ?spreadsheet fraud?, its quite easy to identify one when a case crops up. Fraud arising from spreadsheets are typically characterised by:

Fallacious inputs – correct figures are deliberately replaced with false values.

Erroneous outputs owing to data alteration – hyperlinks are linking to the wrong spreadsheets or cells; use of macros or special lines of code which are understandable only to the person who developed the code.

Concealment of critical information – can be done with easy ?tweaks? such as hidden rows and columns, using the same colour for both the font and the background, or hard coding additional values into a cell.

There is nothing really highly-sophisticated or technical in any of these methodologies. But without internal spreadsheet controls in place, it would take a discerning eye and a thorough review to catch the inconsistencies contained in a spreadsheet fraught with errors. Also, if these errors are knowingly placed there, the chances of finding them are close to nil.

Learn more about our server application solutions and discover a better way to protect your company from spreadsheet fraud.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Check our similar posts

The Types of Industries That Can Benefit from Field Service Software

Initially, field service software was designed with field techs and their managers in mind. However, in the recent past, other industries have taken this path to better the performance of their businesses. Any industry that deploys skilled laborers and assets to off-site locations benefits from field service software. It’s all about resource allocation and data centralization for efficient management and running of the business? activities. With field service software, you got all your business? functions logged in one place.

So, who needs field service management software? Professionals like electricians, plumbers, IT technicians, construction workers, and carpenters all find it useful. Moreover, there?s a wide range of application in many different types of industries.

Here are some industries that benefit from field service management software.

  • Fire and Life Safety

In a fire and life safety industry, equipment and safety systems should be kept running at peak efficiency. Therefore, it’s necessary to provide appropriate services that will ensure the smooth running of processes. On top of complying with government codes, fire and security systems installed should offer reliable services. Since service is at the core of this industry?s operation, most people in fire and security industries are turning to field service software to automate operations of their service delivery. With the field service software tools, the industry can easily monitor security technologies, quickly respond to customers, and manage compliance, inspections, and procedures effectively.

  • Medical Device Enterprises

For medical device companies seeking to improve their services, sales, and compliance, field service software becomes very essential for the smooth running and operations of their functions. The medical device enterprises that greatly benefit from this software include those offering installations, repair, and maintenance of medical equipment. With the comprehensive field service tools, service delivery and performance is greatly improved.

Moreover, with the field service software, these industries find better ways of tracking critical records needed for regulatory compliance since the medical industry is one of the most regulated industries in the globe. For the companies doing the manufacturing of medical equipment, they can integrate field service software in their accounting systems to streamline their invoice processes and shorten their billing cycles.

  • IT and Communications Services Companies

With the remarkable technological advancements in the recent past, Internet service providers, cable companies, and communications organizations are looking for better ways of service delivery to keep up with the pace of the growing technology. Connections are becoming more complex day by day propelled by an explosion in new data sources, and the use of the devices. To keep up with the increased demand for instant services by customers, the IT and communication service companies, are turning to field service software to make their service delivery more effective.

A combination of the robust, advanced scheduling system and rich functionality makes this software very useful to the communication service companies. They can use the software to design and install complex internet infrastructure. Moreover, field service software can be used by these companies to set up recurring maintenance plans to maintain the installed internet systems.

  • Oil and Gas Enterprises

Most oil and gas industries are faced by complexities which need special handling for better business performance. Since the running of projects is at the cornerstone of their businesses, they’re always looking for better ways to ensure a smooth running of their project activities. For this reason, most of the oil and gas enterprises that have discovered the benefits of field service software are integrating the main activities of their projects in this software.

With the project-based software tools, there?s an efficient flow of information and transparency throughout the enterprise ensuring excellent project management. With the checklist feature included in most field service software, inspections, compliance, site surveys, and maintenance of procedures is made easier in oil and gas companies.

  • Facilities Management Industry

Given that this is a service industry, high-level of efficiency is paramount. To meet customer expectations and battle against cost, most facility management industries are turning to field service software. With the comprehensive tools included in the field service software, supervisors can assign tasks to their reports, monitor their progress, and receive alerts on critical issues while in a remote place or at the comfort of their office.

Maintenance and emergency repairs in the facility management industry are greatly supported by this software ensuring increased productivity and efficiency. Additionally, with field service software the industries benefit from a streamlined workflow and improved communication that greatly reduces administration time and cost.

  • Industrial Equipment Enterprises

Industrial equipment companies aim at maximizing their overall productivity and preventing equipment downtime. There?s a wide range of activities that take place in industrial equipment companies which require field service software for higher levels of efficiency.

From load testing, installation projects, and load testing to emergency repairs, this software, enables the managers to design work orders, and get them ready for scheduling, and distribute them in a moment. With the equipment and asset tracking software, the supervisors can gain instant visibility into the equipment and assets in the field to ensure their regular maintenance. The scheduling and resourcing tools ensure the supervisors are in full control over the dispatching of their workforce, their schedules, and the route taken by each for maximum work output. Additionally, with the field service software, industrial equipment companies can meet their customer expectations.

  • Construction Industry

Since construction work involve both site work and office work, building industries find field service software very useful in integrating their field and office activities. Field service software is designed to establish effective communication between the office staff and the field operators. With inclusive software tools, the supervisors can easily manage daily inspections and receive feedback from the field workers without leaving the office. Moreover, documentation is simplified, and everything is documented in a central place so that it’s easier to retrieve important information at any time. With field service software, building industries can manage their construction efficiently while minimizing cost, and saving on time.

Filed service software is gaining popularity in the industrial world as most enterprises seek to improve their business? performance, and keep up with the competition. Moreover, more companies are expected to come on board as the field service software companies work extra hard to add more tools to suit a wide range of functions.

Authentication and Access Control

Threats to your data can come from external or internal sources.

  1. There are individuals who don’t have the authorisation but are driven by malicious intentions to gain access to certain information. This may refer to individuals who already belong to your organisation (but don’t have the necessary access rights) as well as those who don’t.
  2. There are individuals who have both the authorisation and, unfortunately, the malicious intentions over certain information.
  3. Finally, there are individuals who have the authorisation, no malicious intentions, but have accidentally exposed the information in question to those without the proper authority.

While curbing threats 2 and 3 would require other methods, threat #1 can be countered if the right authentication and access control systems are in place.

Here’s what we can do for you:

  • Work with your key personnel to determine who gets access to what.
  • Help you decide whether a single factor or a two-factor authentication (2FA) is appropriate for your organisation and recommend which factors are most suitable. Login methods may include but are not limited to the following:
    • biometric devices
    • Kerberos tickets
    • mobile phones
    • passwords
    • PKI certificates
    • proximity cards
    • smart cards
    • tokens
  • Install the necessary infrastructure needed for the factors chosen. For instance, if you opt to use biometrics, then biometric scanners will be installed. We’ll make sure that the authentication terminals are situated in places where achieving optimal traffic and work flow has been taken into consideration.

Other defences we’re capable of putting up include:

How Small Irish Businesses Avoid the GDPR Sting

Accountants providing chartered accounting services and tax advice are alerting smaller Irish companies to the consequences of the pending General Data Protection Regulation (GDPR). They believe these are going to feel the most pain come 25 May 2018, if they do not implement GDPR by then. We are trying our best to help avoid this situation by providing advice.

How to Kick the GDPR Ball into Play

The Irish Information Commissioner?s Office has produced a toolkit regarding where?s best to start. They suggest beginning with an information security assessment to determine the gaps companies need to close. Once quantified, this leads naturally to a plan of action, and resources needed to fulfil it. Here?s how to go about it:

1. Start by assessing your current ability to identify, assess, and manage threats to customer data security. Have you done anything at all to date? You must be holding some customer information surely, and it is highly likely the GDPR applies to you.

2. Next, review your company?s current customer data security policies. Are they documented and approved, or do new employees discover them sitting next to Nellie? Rate yourself on a scale where ten is successful implementation.

3. Now consider how well you have pinned responsibilities on individuals to implement policies and take the lead on GDPR. The latter should be the business owner, or a board member with clout to make things happen.

4. By now, you should have a grasp of the scale of work ahead of you, remembering the EU deadline is 25 May 2018. If this sounds overwhelming, consider outsourcing to your accountant or a specialist provider.

5. Under the General Data Protection Regulation you have only 72 hours to report a breach of customer data security to the Information Commissioner?s Office. Do you have a quality assurance mechanism to oversee this?

Tangible Things to Bring Your Own People on Board

With all the changes going on, there is a risk of your employees regarding GDPR as ?another management idea going nowhere.? Thus, it is important to incorporate the new EU regulations in staff training, particularly with regard to data security generally. They may fully come on board only once they see tangible signs of progress. You should in any case put the following measures in place unless you already have them:

1. A secure area for your servers and for any paperwork your customers provided. This implies access control on a need-to-know basis to protect the information against loss, damage, and theft.

2. A protocol for storage media and record disposal when you no longer require them or something supersedes them. You are the custodian of other people?s information and they deserve nothing less.

3. Procedures to secure customer data on employee mobile devices and computers: This must extend to work done at home, at consultant sites, and by remote workers.

4. Secure configuration of all existing and new hardware to minimise vulnerability and storage media crashes. These quality assurance measures should extend to removable media and remote backups.

So Is This the Worst of the Pain?

We are at the heart of the matter, although there is more to tell in future articles. You may be almost there, if you already protect your proprietary information. If not, you may have key company information already open to malware.We should welcome the EU General Data Protection Regulation as a notice that it is time to face up to the challenges of data protection and security generally. The age of hacking and malware is upon us. The offender could be a disgruntled employee, or your competition just down the street. It is time to take precautions.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today