Spreadsheet Risk Issues

It is interesting to note that the riskiness of operational spreadsheets are overlooked even by companies with high standards of risk management. Only when errors amount to actual losses do they realize that these risks have been staring them in the face all along.

Common spreadsheet risk issues

Susceptibility to trivial manual errors

Due to the fundamental structure of spreadsheets, a slight change in the formula or value in any of their inhabited cells may already affect their overall output. An

  • accidental copy-paste,
  • omission of a negative sign,
  • erroneous range selection,
  • incorrect data input or
  • unintentional deletion of a character,cell, range, column, or row

are just some of the simple errors spreadsheet users frequently encounter. Rarely are there any counter-checking controls in place in a spreadsheet-based activity and manual errors therefore easily go undetected.

Possibility of the user working on the wrong version

How do you store spreadsheet files?

Since the most common reports are usually generated on a monthly basis, users tend to store them using variations of these two configurations:

spreadsheet storage

If you notice, a user can accidentally work on the wrong version with any of these structures.

Prone to inconsistent company-wide reporting

This happens when a summary or ?final? spreadsheet is fed information by different departments coming from their own spreadsheets. Even if most of the data in their spreadsheets come from one source (the company-wide database), erroneous copy-pasting and linking, or even different interpretations of the same data can result to contradicting information in the end.

Often defenceless against unauthorised access

Some spreadsheets contain information needed by various individuals or department units in an organisation. Hence, they are often shared via email or through shared folders in a network. Now, because spreadsheets don’t normally use any access control, any user can easily open a spreadsheet file and view or modify the contents as he wishes.

Highly vulnerable to fraud

A complex spreadsheet system with zero or very minimal controls provides the perfect setting for would-be fraudsters. Hidden cells with malicious formulas and links to bogus information can go unnoticed for a long time especially if the final figures don’t deviate much from expected values.

Spreadsheet risk mitigation solutions may not suffice

Inherent complexity makes testing and logic inspection very time consuming

Deep testing can uncover possible errors hidden in spreadsheet cells and consequently mitigate risks. But spreadsheets used to support financial reporting are normally large, complex, highly-personalised and, without ample supporting documentation, understandably hard to follow.

No clear ownership of risk management responsibilities

There?s always a dilemma when an organisation starts assigning risk management responsibilities for spreadsheets. IT personnel believe users in the business side of the organisation should be responsible since they are the ones who create, edit, store, duplicate, and share the spreadsheet files. On the other hand, users believe IT should be responsible since they have always been in-charge of managing IT infrastructure, applications, and files.

To get rid of spreadsheet risks, you’ll have to get rid of spreadsheets altogether

One remedy is to have a risk management activity that involves both IT personnel and spreadsheet users. But wouldn’t you want to get rid of the complexity of having to distribute the responsibilities between the two parties instead of just one?

Learn more about Denizon’s server application solutions and how you can get rid of spreadsheet risk issues.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Maturing Into CMMI

 

In all likelihood, the reason why you landed on this page was because you were seeking CMMI experts to help you meet the demands of a growing number of potential clients who require CMMI compliance.

Whether or not you’re here for that reason, you might want to know why CMMI or Capability Maturity Model Integration is steadily becoming a common denominator among highly successful software and engineering development companies. If you stay for a while, we can show you how CMMI can substantially increase your organisation’s chances of:

  • reducing development costs;
  • acquiring new customers and retaining old ones;
  • beating deadlines;
  • bringing down development time;
  • increasing the overall quality of your products and services; and
  • improving the level of satisfaction of customers, employees, and all other stakeholders.

Surely, no organisation can be too small or too big to aspire for such benefits of attaining high levels of maturity and capability.

If you want to look beyond Maturity Level ratings, then you’ve come to the right place. We focus on introducing CMMI principles and blending them into your organisation’s culture to achieve a truly superior and sustainable business advantage. Compliance will then be an inevitable offshoot of the actions you make.

Likewise, if you simply want to obtain a deeper understanding of CMMI and learn how it can be applied either to your entire organisation or to specific projects, we’d be happy to assist you in that regard as well.

Finally, when you’re ready, we can also conduct CMMI appraisals either for benchmarking purposes or simply for determining how well your process improvement initiatives are going.

CMMI Consulting

Are you worried that implementing CMMI might entail an overhaul of your current processes? Don’t be.

CMMI is all about improving current processes, not replacing them. Ideally, the final result of all process improvement activities should be hinged on your own business objectives and context, so we’ll make sure it remains that way when we work with you.

We rely on our extensive knowledge and experience in CMMI, engineering, software development, and technologies as well as in change and project management in providing model-based process improvement services. Whether you’re gearing up for an appraisal or simply want to employ CMMI-based practices, these are the things we can do for you.

  • Help you interpret how CMMI can be implemented in relation to your business.
  • Assist in convincing sponsors and stakeholders to support your CMMI implementation initiatives.
  • Introduce the necessary training to all individuals who need to undertake them.
  • Conduct a Gap Analysis to find out where your company’s current processes stand relative to their CMMI specifications.
  • Assemble a process group that will champion your process improvement initiatives. We’ll facilitate effective collaboration among its team members, transforming them into a cohesive force designed to carry out plans and motivate everyone else down the line.
  • Introduce tools and practices that will improve the efficiency of our process improvement initiatives.
  • Carry out periodic evaluations and produce reports to provide sponsors and stakeholders a clear picture of our progress.

CMMI Training

Still not convinced CMMI is right for you? There’s only one way to fully grasp the benefits of implementing CMMI – take the Introduction to CMMI course. Although what happens next is entirely up to you, we’re pretty sure you’ll make the right decision after passing it.

Do you need to include people from your organisation in a SCAMPI (Standard CMMI Appraisal Method for Process Improvement) team? They’ll have to undergo this course too. The Introduction to CMMI is for systems and software engineering managers and practitioners, appraisal team members, process group members, and basically anyone who want to grasp CMMI fundamentals.

This is what you’ll be able to do after going through 3 days of lectures and exercises:

  • Gain a deeper understanding of the various components of CMMI-DEV models and their relationships.
  • Discuss the process areas in CMMI-DEV models.
  • Extract and interpret aspects in the model relevant to your own organisation’s processes.

We also offer highly specialised training and workshops such as those for:

  • Achieving High Maturity Levels
  • Top Executives
  • Team Building in Preparation for Appraisals

CMMI Appraisal

An organisation new to CMMI will want to know first how far their current processes are relative to the implementation of model-based improvements in order to determine the resources and time that have to be spent to get there.

Similarly, an organisation already well acquainted with CMMI and has begun taking steps in improving processes, will eventually want to know how close it has come to the Maturity Level it has aimed for.

In both cases, these organisations will have to be assessed by a qualified CMMI appraiser to obtain an accurate picture of their current status. We can perform appraisals on either your entire organisation or on specific projects/practices within a process area. Our appraisers can conduct the following SCAMPI (Standard CMMI Appraisal Method for Process Improvement) appraisals:

  • SCAMPI Class A – This is what you’ll need if you’re aiming for a level rating.
  • SCAMPI Class B – You may want to use this for process reviews or for preparing for a SCAMPI Class A.
  • SCAMPI Class C or Gap Analysis – We typically conduct this for organisations who have yet to implement CMMI-based initiatives so that they can design the most cost-effective road map for the implementation proper.
How Bouygues manages an Empire-Sized Footprint

Bouygues is into telecoms / media, and building and road construction. It also knows it has to watch its energy footprint closely. Owning 47% of energy giant Alstom keeps it constantly in the media spotlight. Shall we find out more about its facility management policies?

The journal Premises and Facilities Management interviewed MD Martin Bouygues on his personal opinions concerning managing energy consumption in facilities. He began by commenting that this was hardly a subject for the C-Suite in years gone by. Low-level clerks simply paid the bills following which the actual amounts were lost in the general expenses account. That of course has changed.

Early pressure came from soaring energy bills, which were pursued by a whole host of electricity-saving gadgets. However, it was only after the carbon crisis caught business by surprise that the link was forged to aerial pollution, and the social responsibilities of big business to help with the solution. The duty to have an energy strategy became an obligation eagerly policed by organisations such as Greenpeace.

Unsurprisingly, Martin Bouygues? advice begins with keeping energy consumption and its carbon footprint as high up on the agenda as health and safety. ?It needs bravery and a lot of hard work to get it there,? he says, ?so perseverance is the key?. 

The company has developed proprietary software that enables it to pull data from remote sensors in more than 80 countries every fifteen minutes. A single large building can contribute 50 million data items annually making data big business in the system. Every building has an allocated energy performance contract against which results are reported monthly, as a basis for reviewing progress.

The system is intelligent and able to incorporate low-occupancy periods such as weekends and public holidays. What is measured gets managed. We all know that, but how many of us apply the principle to our energy bills. With assistance from ecoVaro, the possible becomes real.

We offer a similar service to the Bouygues model with one notable exception. You don’t buy the software and you only pay when you use it. Our systems are simply designed for busy financial managers.

Is Change Management a Myth or a Possibility

The theory that it is possible to manage organisational change (Change Management) in a particular direction has done the rounds for quite some time, but is it true about Change Management. Was Barrack Obama correct when he said, ?Change will not come if we wait for some other person or some other time. We are the ones we have been waiting for. We are the change that we seek.?
Or, was business coach Kelly A Morgan more on the button when she commented, ?Changes are inevitable and not always controllable. What can be controlled is how you manage, react to, and work through the change process.? Let us consult the evidence and see what statisticians say.

What the Melcrum Report Tells Us

Melcrum are ?internal communication specialists who work alongside leaders and teams around the globe to build skills and best practice in internal communication.? They published a report after researching over 1,000 companies that attempted change management and advised:

? More than 50% report improved customer satisfaction

? 33% report higher productivity

? 28% report improvements in employee advocacy

? 27% improved status as a great place to work

? 27% report increased profitability

? 25% report improved absenteeism

Sounds great until we flip the mirror around and consider what the majority apparently said:

? 50% had no improvement in customer service

? 67% did not report increased productivity

? 72% did not note improvements in employee advocacy

? 73% had no improved status among job seekers

? 73% did not report increased profitability

? 75% did not report any reduction of employee absenteeism

This shows it is still a great idea to hear what all parties have to say before reaching a conclusion. You may be interested to know the Melcrum report gave rise to the legend that 70% of organisation change initiatives fail. This finding has repeated numerous times. Let’s hear what the psychologists have to say next.

There is a certain amount of truth in the old adage that says, ?You can lead a horse to water but you cannot make him drink.? Which of us has not said, ?Another flavour of the week ? better keep heads down until it passes? during a spell in the corporate world. You cannot change an organisation, but you can change an individual.

At the height of the Nazi occupation of 1942, French philosopher-writer Antoine de Saint-Exup?ry said, ?A rock pile ceases to be a rock pile the moment a single man contemplates it, bearing within him the image of a cathedral?. Psychology Today suggests five false assumptions change management rests upon, THAT ARE SIMPLY NOT TRUE.

1. The external world is orderly, stable, predictable and can be managed

2. Change managers are objective, and do not import their personal bias

3. The world is static and orderly and can be changed in linear steps

4. There is a neutral starting point where we can gather all participants

5. Change is worthy in itself, because all change is an improvement

Leo Tolstoy wrote, ?Everyone thinks of changing the world, but no one thinks of changing himself.? A prophet can work no miracles unless the people believe. From the foregoing, it is evident that change management of an organisation is a 70% impossibility, but encouraging an individual to grow is another matter.

A McKinsey Report titled Change Leader, Change Thyself fingers unbelieving managers as the most effective stumbling stones to change management. To change as individuals ? and perhaps collectively change as organisations ? we need to ?come to our own full richness?, and as shepherds lead our flock to their ?promised land?, whatever that may be. Conversely, herding our flock with a pack of sheepdogs extinguishes that most precious thing of all, human inspiration.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today