Spreadsheet Woes – Burden in SOX Compliance and Other Regulations

End User Computing (EUC) or end User Developed Application (UDA) systems like spreadsheets used to be ideal ad-hoc solutions for data processing and financial reporting. But those days are long gone.

Today, due to regulations like the:

  • Sarbanes-Oxley (SOX) Act,
  • Dodd-Frank Act,
  • IFRS (International Financial Reporting Standards),
  • E.U. Data Protection Directive,
  • Basel II,
  • NAIC Model Audit Rules,
  • FAS 157,
  • yes, there?s more ? and counting

a company can be bogged down when it tries to comply with such regulations while maintaining spreadsheet-reliant financial and information systems.

In an age where regulatory compliance have become part of the norm, companies need to enforce more stringent control measures like version control, access control, testing, reconciliation, and many others, in order to pass audits and to ensure that their spreadsheets are giving them only accurate and reliable information.

Now, the problem is, these control measures aren’t exactly tailor-made for a spreadsheet environment. While yes, it is possible to set up a spreadsheet and EUC control environment that utilises best practices, this is a potentially expensive, laborious, and time-consuming exercise, and even then, the system will still not be as foolproof or efficient as the regulations call for.

Testing and reconciliation alone can cost a significant amount of time and money to be effective:

  1. It requires multiple testers who need to test spreadsheets down to the cell level.
  2. Testers will have to deal with terribly disorganized and complicated spreadsheet systems that typically involve single cells being fed information by other cells in other sheets, which in turn may be found in other workbooks, or in another folder.
  3. Each month, an organisation may have new spreadsheets with new links, new macros, new formulas, new locations, and hence new objects to test.
  4. Spreadsheets rarely come with any kind of supporting documentation and version control, further hampering the verification process.
  5. Because Windows won’t allow you to open two Excel files with the same name simultaneously and because a succession of monthly-revised spreadsheets separated by mere folders but still bearing the same name is common in spreadsheet systems, it would be difficult to compare one spreadsheet with any of its older versions.

But testing and reconciliation are just two of the many activities that make regulatory compliance terribly tedious for a spreadsheet-reliant organisation. Therefore, the sheer intricacy of spreadsheet systems make examining and maintaining them next to impossible.

On the other hand, you can’t afford not to take these regulations seriously. Non-compliance with regulatory mandates can have dire consequences, not the least of which is the loss of investor confidence. And when investors start to doubt the management’s capability, customers will start to walk away too. Now that is a loss your competitors will only be too happy to gain.

Learn more about our server application solutions and discover a better way to comply with regulations.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Mobile Security

Today’s advanced enterprises make extensive use of mobile devices in order for team members to exchange information, collaborate, and carry out business whenever and wherever they need to. BlackBerries, iPhones, Google Phones, and other smartphones as well as PocketPCs and PDAs are now allowed wireless remote access to the enterprise network.

As a result, they introduce additional vulnerabilities into the system.

  • Bluetooth exploits and unencrypted passwords can allow malicious individuals to gain access to private information.
  • Various wireless technologies that have substantially simplified the task of transferring data have provided openings for malicious code. In addition, the diversity of these wireless technologies combined with the constrained environments of these devices have made it difficult to come up with an all-in-one solution.
  • All PocketPCs, PDAs and smartphones can be synchronised with PCs and laptops, giving malware an entry point into computers and networks. Memory cards are guilty of this too.
  • VoIP, which are usually unencrypted, allow other people to perform unauthorised capture and recording of private conversations.

Mobile security is still an emerging discipline. Because of this, many organisations that allow members’ mobile phone access into the network don’t actually have a specific security policy for such devices.

That’s why we’re here to help. We’ll conduct a thorough evaluation of your security policies and systems in relation to mobile devices and seal gaps we spot along the way. If you don’t have the needed policies or if what you have needs an overhaul, we’ll set everything up (including the needed applications and infrastructure) for you.

Once we’ve got everything in place, you won’t have to worry about the vulnerabilities mentioned earlier. In addition to that, your organisation will already be capable of preventing the following:

  • Access to company information when the phone ends up in the hands of anyone other than the authorised user.
  • Being billed for phone usage due to virus activity
  • Unauthorised phone activity monitoring through spyware
  • Other disruptions caused by mobile-based malware

Other defences we’re capable of putting up include:

The Matrix Management Structure

Organizations exploit matrix management in various ways. A company, for instance, that operates globally uses it at larger scale by giving consistent products to various countries internationally. A business entity, having many products, does not assign its people to each product full-time but assign those to different ones on a part time basis, instead. And when it comes to delivering high quality and low cost products, companies overcome industry pressures with the help of many overseeing managers. In a rapidly changing environment, organizations respond quickly by sharing information through a matrix model.

Understanding the Matrix Management Structure

A basic understanding of matrix management starts with the three key roles and responsibilities that applies in the structure.

  • Matrix Leader ? The common person above all the matrix bosses is the matrix leader. He ensures that the balance of power is maintained in the entire organization by delegating decisions and promoting collaboration among the people.
  • Matrix Managers ? The managers cooperate with each other by defining the respective activities that they are responsible for.
  • Matrix Employees – The employees have lesser direct authority but has more responsibilities. They resolve differing demands from more than one matrix managers while they work things out upwards. Their loyalty must be dual and their relationships with managers must be maintained.

Characteristics of a Matrix Structure

Here are some features that define the matrix management structure:

  • Hybrid Structure ?The matrix structure is a mix of functional and project organization. Since it is a combination of these two, matrix management is hybrid in nature.
  • Functional Manager ? When it comes to the technical phases of the project, the functional manager assumes responsibility. The manager decides on how to get the project done, delegates the tasks to the subordinates and oversees the operational parts of the organization.
  • Project Manager ? The project manager has full authority in the administrative phases, including the physical and financial resources needed to complete the project. The responsibilities of a project manager comprise deciding on what to do, scheduling the work, coordinating the activities to diverse functions and evaluating over-all project performance.
  • Specialization ?As the functional managers concentrate on the technical factors, the project managers focus on administrative ones. Thus, in matrix management, there is specialization.
  • Challenge in Unity of Command ? Companies that employs matrix management usually experience a problem when it comes to the unity of command. This is largely due to the conflicting orders from the functional and project managers.

Types of Matrix Structure

The matrix management structure can be classified according to the level of power of the project manager. Here are three distinct types of matrix structures that are widely used by organizations.

  • Weak Matrix ? The project manager has limited authority and power as the functional manager controls the budget of the project. His role is only part-time and more like a coordinator.
  • Strong Matrix ? Here, the project manager has almost all the authority and power. He controls the budget, holds the full time administrative project management and has a full time role.
  • Balanced Matrix ? In this structure type, both the project and functional managers control the budget of the project. The authority and power is shared by the two as well. Although the project manager has a full time role, he only has a part time authority for the administrative staff to report under his leadership.

Successful companies of today venture more on enhancing the abilities, skills, behavior and performances of their managers than the pursuit of finding the best physical structure. Indeed, learning the fundamentals of the matrix structure is essential to maximize its efficiency. A senior executive pointed out that one of the challenges in matrix management is not more of building a structure but in creating the matrix to the mind of the managers. This comes to say that matrix management is not just about the structure, it is a frame in the mind.

How Energy Conservation saved Fambeau River Paper

Rising energy costs caught this Wisconsin paper mill napping, and it soon shut down because it was unable to innovate. Someone else bought it and turned it around by measuring, modifying, monitoring and listening to people.

The Fambeau River Paper Mill in Prince County, Wisconsin USA employed 13% of the city?s residents until rising energy costs shut it down in 2006. Critics wrote it off as an energy dinosaur unable to adapt. But that was before another company bought it out and resuscitated it as a fleet-footed winner.

Its collapse was a long time coming and almost inevitable. Wisconsin electricity prices had grown a third since 1997, the machinery was antiquated and the dependence on fossil power absolute. So what did the new owners change, and is there anything we can learn from this?

The key to understanding what suddenly went right was the new owners? ability to listen. They requested a government Energy Assessment that suggested a number of small step changes that took them where they needed to go in terms of energy saving. These included enhancements in steam systems and fuel switch modifications. However they needed more than that.

The second game changer was tracking down key members of the old workforce and listening to them too. This combination enabled them to finally hire back 92% of the original labour force under the same terms and conditions – and still make a profit (the other 8% had moved on elsewhere or retired). The combined energy savings produced a payback plan of 5.25 years. Three years into the project their capital investment of $15 million had already clawed back the following electricity savings.

  • Evaporator Temperature Control $2,245,000
  • Hot Water Heat Recovery $2,105,000
  • Paper Machine Devronisers $1,400,000
  • Increased Boiler Output $1,134,000
  • Paper Machine Modifications; $761,000
  • Motive Air Dryer $610,000
  • Accumulator Savings $448,000
  • Densified Fuels Plant $356,000

In terms of carbon dioxide produced, the Fambeau River Paper Mill?s contribution dropped from 1 ton to 600 pounds.

How well do you know where your company?s energy spend is concentrated, and how this compares with your industry average; could you be doing better if you innovated, and by how much? Get these questions answered by asking ecoVaro how easy it could be to get on top of your carbon metrics. This could cost you a phone call and a payback on it so rapid it’s not worth stopping to calculate.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today