Spreadsheet Woes – Burden in SOX Compliance and Other Regulations

End User Computing (EUC) or end User Developed Application (UDA) systems like spreadsheets used to be ideal ad-hoc solutions for data processing and financial reporting. But those days are long gone.

Today, due to regulations like the:

Sarbanes-Oxley (SOX) Act,
Dodd-Frank Act,
IFRS (International Financial Reporting Standards),
E.U. Data Protection Directive,
Basel II,
NAIC Model Audit Rules,
FAS 157,
yes, there?s more ? and counting

a company can be bogged down when it tries to comply with such regulations while maintaining spreadsheet-reliant financial and information systems.

In an age where regulatory compliance have become part of the norm, companies need to enforce more stringent control measures like version control, access control, testing, reconciliation, and many others, in order to pass audits and to ensure that their spreadsheets are giving them only accurate and reliable information.

Now, the problem is, these control measures aren’t exactly tailor-made for a spreadsheet environment. While yes, it is possible to set up a spreadsheet and EUC control environment that utilises best practices, this is a potentially expensive, laborious, and time-consuming exercise, and even then, the system will still not be as foolproof or efficient as the regulations call for.

Testing and reconciliation alone can cost a significant amount of time and money to be effective:

It requires multiple testers who need to test spreadsheets down to the cell level.
Testers will have to deal with terribly disorganized and complicated spreadsheet systems that typically involve single cells being fed information by other cells in other sheets, which in turn may be found in other workbooks, or in another folder.
Each month, an organisation may have new spreadsheets with new links, new macros, new formulas, new locations, and hence new objects to test.
Spreadsheets rarely come with any kind of supporting documentation and version control, further hampering the verification process.
Because Windows won’t allow you to open two Excel files with the same name simultaneously and because a succession of monthly-revised spreadsheets separated by mere folders but still bearing the same name is common in spreadsheet systems, it would be difficult to compare one spreadsheet with any of its older versions.

But testing and reconciliation are just two of the many activities that make regulatory compliance terribly tedious for a spreadsheet-reliant organisation. Therefore, the sheer intricacy of spreadsheet systems make examining and maintaining them next to impossible.

On the other hand, you can’t afford not to take these regulations seriously. Non-compliance with regulatory mandates can have dire consequences, not the least of which is the loss of investor confidence. And when investors start to doubt the management’s capability, customers will start to walk away too. Now that is a loss your competitors will only be too happy to gain.

Learn more about our server application solutions and discover a better way to comply with regulations.

More Spreadsheet Blogs

Spreadsheet Risks in Banks

Top 10 Disadvantages of Spreadsheets

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

How Internal Auditors can win the War against Spreadsheet Fraud

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

Still looking for a Way to Consolidate Excel Spreadsheets?

Disadvantages of Spreadsheets

Spreadsheet woes – ill equipped for an Agile Business Environment

Spreadsheet Fraud

Spreadsheet Woes – Limited features for easy adoption of a control framework

Spreadsheet woes – Burden in SOX Compliance and other Regulations

Spreadsheet Risk Issues

Server Application Solutions – Don’t let Spreadsheets hold your Business back

Why Spreadsheets can send the pillars of Solvency II crashing down

amazon.co.uk

amazon.com

Contact Us

(+353)(0)1-443-3807 – IRL
(+44)(0)20-7193-9751 – UK

Check our similar posts

Energy Cooperation Mechanisms in the EU

While the original mission of the European Union was to bring countries together to prevent future wars, this has spun out into a variety of other cooperative mechanisms its founders may never have dreamed of. Take energy for example, where the European Energy Directive puts energy cooperation mechanisms in place to help member states achieve the collective goal.

This inter-connectivity is essential because countries have different opportunities. For example, some may easily meet their renewable targets with an abundance of suitable rivers, while others may have a more regular supply of sunshine. To capitalise on these opportunities the EU created an internal energy market to make it easier for countries to work together and achieve their goals in cost-effective ways. The three major mechanisms are

Joint Projects
Statistical Transfers
Joint Support Schemes

Joint Projects

The simplest form is where two member states co-fund a power generation, heating or cooling scheme and share the benefits. This could be anything from a hydro project on their common border to co-developing bio-fuel technology. They do not necessarily share the benefits, but they do share the renewable energy credits that flow from it.

An EU country may also enter into a joint project with a non-EU nation, and claim a portion of the credit, provided the project generates electricity and this physically flows into the union.

Statistical Transfers

A statistical transfer occurs when one member state has an abundance of renewable energy opportunities such that it can readily meet its targets, and has surplus credits it wishes to exchange for cash. It ?sells? these through the EU accounting system to a country willing to pay for the assistance.

This aspect of the cooperative mechanism provides an incentive for member states to exceed their targets. It also controls costs, because the receiver has the opportunity to avoid more expensive capital outlays.

Joint Support Schemes

In the case of joint support schemes, two or more member countries combine efforts to encourage renewable energy / heating / cooling systems in their respective territories. This concept is not yet fully explored. It might for example include common feed-in tariffs / premiums or common certificate trading and quota systems.

Conclusion

A common thread runs through these three cooperative mechanisms and there are close interlinks. The question in ecoVaro?s mind is the extent to which the system will evolve from statistical support systems, towards full open engagement.

A Small External Enterprise Development Team is Cheaper than Your Own

Time is money in the application development business. We have to get to market sooner so someone else does not gazump us, and pip us at the post. We increase the likelihood of this with every delay. Moreover, the longer your in-house team takes to get you through the swamp, the higher the project cost to you.

Of course, in theory this should not be the case. Why bring in a team from outside, and pay more to support their corporate structure? Even going for a contract micro team ought not to make financial sense, because we have to fund their mark-up and their profit taking. Our common sense tells us that this is crazy. But, hold that thought for a minute. What would you say if a small external enterprise development team was actually cheaper? To achieve that, they would have to work faster too.

The costs of an Enterprise Internal Development Team

Even if you were able to keep your own team fully occupied ? which is unlikely in the long term ? having your own digital talent pool works out expensive when you factor in the total cost. Your difficulties begin with the hiring process, especially if you do not fully understand the project topic, and have to subcontract the hiring task.

If you decide to attempt this yourself, your learning curve could push out the project completion date. Whichever way you decide to go, you are up for paying advertising, orientation training, technical upskilling, travel expenses, and salaries all of which are going to rob your time. Moreover, a wrong recruitment decision would cost three times the new employee?s annual salary, and there is no sign of that changing.

But that is not all, not all by far. If want your in-house team to keep their work files in the office, then you are going to have to buy them laptops, plus extra screens so they can keep track of what they are doing. Those laptops are going to need desks, and those employees, chairs to sit in. Plus, you are going to need expensive workspace with good security for your team?s base.

If we really wanted to lay it on, we would add software / cloud costs, telephony, internet access, and ongoing technical training to the growing pile. We did a quick scan on PayScale. The median salary of a computer programmer in Ireland is ?38,000 per year and that is just the beginning. If you need a program manager for your computer software, their salary will be almost double that at ?65,000 annually.

Advantages of R&D outsourcing

The case for a small externally sourced enterprise development team revolves around the opportunity cost ? or loss to put in bluntly ? of hiring your own specialist staff for projects. If you own a smaller business with up to 100 people, you are going to have to find work for idle digital fingers, after you roll out your in-house enterprise project. If you do not, you head down the road towards owning a dysfunctional team lacking a core, shared objective to drive them forward.

Compared to this potential extravagance, hiring a small external enterprise development team on an as-needed basis makes far more sense. Using a good service provider as a ?convenience store? drives enterprise development costs down through the floor, relative to having your own permanent team. Moreover, the major savings that arise are in your hands and free to deploy as opportunities arise. A successful business is quick and nimble, with cash flow on tap for R & D.

Are Master Data Management and Hadoop a Good Match?

Master Data is the critical electronic information about the company we cannot afford to lose. Accordingly, we should sanitise it, look after it, and store it safely in several separate places that are independent of each other. The advent of Big Data introduced the current era of huge repositories ?in the clouds?. They are not, of course but at least they are remote. This short article includes a discussion about Hadoop, and whether this is a good platform to back up your Master Data.

About Hadoop

Hadoop is an open-source Apache software framework built on the assumption that hardware failure is so common that backups are unavoidable. It comprises a storage area and a management part that distributes the data to smaller nodes where it processes faster and more efficiently. Prominent users include Yahoo! and Facebook. In fact more than half Fortune 50 companies were using Hadoop in 2013.

Hadoop – initially launched in December 2011 ? has survived its baptism of fire and became a respected, reliable option. But is this something the average business owner can tackle on their own? Bear in mind that open source software generally comes with little implementation support from the vendor.

The Hadoop Strong Suite

Free to download, use and contribute to

Everything you need ?in the box? to get started

Distributed across multiple fire-walled computers

Fast processing of data held in efficient cluster nodes

Massive scaleable storage you are unlikely to run out of

Practical Constraints

There is more to Hadoop than writing to WordPress. The most straightforward solutions are uploading using Java commands, obtaining an interface mechanism, or using third party vendor connectors such as ACCESS or SAS. The system does not replace the need for IT support, although it is cheap and exceptionally powerful.

The Not-Free Safer Option

Smaller companies without in-depth in-house support are wise to engage with a technical intermediary. There are companies providing commercial implementations followed by support. Microsoft, Amazon and Google among others all have commercial versions in their catalogues, and support teams at the end of the line.