Spreadsheet Risk Issues

It is interesting to note that the riskiness of operational spreadsheets are overlooked even by companies with high standards of risk management. Only when errors amount to actual losses do they realize that these risks have been staring them in the face all along.

Common spreadsheet risk issues

Susceptibility to trivial manual errors

Due to the fundamental structure of spreadsheets, a slight change in the formula or value in any of their inhabited cells may already affect their overall output. An

  • accidental copy-paste,
  • omission of a negative sign,
  • erroneous range selection,
  • incorrect data input or
  • unintentional deletion of a character,cell, range, column, or row

are just some of the simple errors spreadsheet users frequently encounter. Rarely are there any counter-checking controls in place in a spreadsheet-based activity and manual errors therefore easily go undetected.

Possibility of the user working on the wrong version

How do you store spreadsheet files?

Since the most common reports are usually generated on a monthly basis, users tend to store them using variations of these two configurations:

spreadsheet storage

If you notice, a user can accidentally work on the wrong version with any of these structures.

Prone to inconsistent company-wide reporting

This happens when a summary or ?final? spreadsheet is fed information by different departments coming from their own spreadsheets. Even if most of the data in their spreadsheets come from one source (the company-wide database), erroneous copy-pasting and linking, or even different interpretations of the same data can result to contradicting information in the end.

Often defenceless against unauthorised access

Some spreadsheets contain information needed by various individuals or department units in an organisation. Hence, they are often shared via email or through shared folders in a network. Now, because spreadsheets don’t normally use any access control, any user can easily open a spreadsheet file and view or modify the contents as he wishes.

Highly vulnerable to fraud

A complex spreadsheet system with zero or very minimal controls provides the perfect setting for would-be fraudsters. Hidden cells with malicious formulas and links to bogus information can go unnoticed for a long time especially if the final figures don’t deviate much from expected values.

Spreadsheet risk mitigation solutions may not suffice

Inherent complexity makes testing and logic inspection very time consuming

Deep testing can uncover possible errors hidden in spreadsheet cells and consequently mitigate risks. But spreadsheets used to support financial reporting are normally large, complex, highly-personalised and, without ample supporting documentation, understandably hard to follow.

No clear ownership of risk management responsibilities

There?s always a dilemma when an organisation starts assigning risk management responsibilities for spreadsheets. IT personnel believe users in the business side of the organisation should be responsible since they are the ones who create, edit, store, duplicate, and share the spreadsheet files. On the other hand, users believe IT should be responsible since they have always been in-charge of managing IT infrastructure, applications, and files.

To get rid of spreadsheet risks, you’ll have to get rid of spreadsheets altogether

One remedy is to have a risk management activity that involves both IT personnel and spreadsheet users. But wouldn’t you want to get rid of the complexity of having to distribute the responsibilities between the two parties instead of just one?

Learn more about Denizon’s server application solutions and how you can get rid of spreadsheet risk issues.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

Firewalls

There are two main reasons why some companies are hesitant to plug into the Internet.

  1. They know they’ll be exposing their company data to outside attacks from malicious individuals and malware.
  2. They fear their employees might get too many distractions: games, porn, chats, videos, and even social networking sites.

One vital component for your overall security strategy against such concerns? A firewall.

A firewall can block unauthorised access to certain Internet services from inside your organisation as well as prevent unauthenticated access from the outside. It is also used to monitor users’ activities while they were online.

In an enterprise setting, one may expect a collection of firewalls either for providing layered protection or segmenting off different units in the organisation. Some areas only need a standard line of defence while others require more restrictions. As such, certain firewalls may have different configurations compared to others.

Naturally, the more intricate an organisation’s defence requirements get, the more complex the task of monitoring, testing and configuring the firewalls becomes. That’s why we’re here to help.

  • We’ll evaluate your network as well as the security requirements of each department under your organisation to determine which firewall architecture is most suitable.
  • To achieve maximum efficiency, we’ll point out where each firewall should be positioned.
  • We’ll work with your key personnel to make sure all firewall configurations are set and optimised with your business rules in mind.
  • If a large number of firewalls are required, we’ll help you set up a firewall configuration management system.
  • Firewalls should be regularly tested and assessed to ensure they are in line with the organisation’s security policies. We’ll perform these routine tasks as well.

Firewalls aren’t very good at defending against sophisticated viruses. There are much better solutions for malware-related vulnerabilities, and we can help you in that regard too.

Other defences we’re capable of putting up include:

Job & Staff Scheduling with FieldElite Mobile Service Management Software

Field Service Management (FSM) software systems are designed to enable you to manage your mobile workforce from a central point- and do away with the paperwork involved with the process. They connect your technicians on the ground (via app on their phones), to the staff at the head office- who have an interactive dashboard accessed through their browsers. The office team will have access to all the jobs that are to be handled by the company, simplifying the management process and taking away the risks that come with manual data entry. Here, we will walk you through a quick process of scheduling a job for your personnel with FieldElite.

Say you are a HVAC contractor, licensed, bonded and insured. You’ve made quite a name for yourself in the industry, and have a wide range of clients- in both residential and commercial establishments. Consequently, you also have a large workforce to attend to the different situations- from installing to repair and maintenance. One of your clients- let’s call them ABC Computer Supplies, has an issue with their HVAC unit- perhaps a pipe is leaking. It needs to be fixed, and ABC have booked an appointment.? Your goal here is to get one of your personnel to handle the task as soon as possible, and this field service scheduling software comes in handy.

There are two approaches that you can take:

1. Job Scheduling

From your Dashboard, on the left-hand side you will see the menu option. Clicking on Jobs, will take you to all jobs carried out by your company.

FieldElite

The filters will allow you to view different categories of jobs:

  • Complaint– This means that there was an issue with on ground during the task delivery, and the client lodged a complaint.
  • On hold– Here, different aspects can cause a job to be paused- like when spare parts or equipment required for repair jobs have been ordered, and one needs to wait for them to be shipped in from a different location.
  • Pending– This is basically your in-tray, a list of jobs that are to be carried out.
  • In Progress– The technicians are on the ground, attending to the client’s needs, and you’re getting routine updates from them.
  • Incomplete– Though the job had been assigned to the required technician, it was not completed in the set amount of time, thus requiring an additional visit to the site. Given that the FSM solution increases the first-time fix rate, cases of ?incomplete tasks? are reduced.
  • Complete– The task is successfully done and the customer has appended their e-signature, and now it can be invoiced.
  • Cancelled Invoice– The head office determines that a particular invoice shouldn’t be paid, and thus cancels it.

Our focus here is the pending tasks, so use this filter. ABC’s HVAC job will be among these. Clicking on its Job ID will open up the details of the task, with such an Update Job window:

FieldElite Job

This section contains all the information of the job- both past and present, which you can update in real-time. Any changes will be recorded by the system and can be viewed on the “Audit” tab.

As you can see here, the HVAC repair job is both “pending” and “urgent”. No one really likes sitting in an office that feels like an oven. Being the headquarters, it’s likely handles lots of foot traffic, and the damaged HVAC unit will make the working conditions really difficult. It’s best not to keep the client waiting, right?

So, head on over to the Supervisor and Workers section (on the same “Details” tab), and select the personnel suited for the task.

FieldElite Job Details

Set the time that the task will take for your technician, and once satisfied with the details of the job, click on Update. Voila! You’re done.

FieldElite Job Update

Immediately this happens, the worker received a notification on their app, telling them that they have been assigned the job.

From the app, the technician will be able to view the specifics of the HVAC job, including notes and attachments that you can add directly from your own dashboard, such as schematics of the building and reports from other technicians who installed the air conditioning system for the facility. You also get to add products that will be required for the task- like the pipe and panel mounted socket shown here. As the system also includes an inventory of the products used, their quantity and costs, you will be able to keep an accurate record of the supplies as they as are used.

As such, the field workers will not have to keep coming back to the central office to get documents and reports of new tasks, or walk around with bulky files. When they are carrying out the job, they will also be able to keep the staff at the office updated about its progress, through the chat feature on the mobile app, taking photos and adding notes as required.

2. Staff Scheduling

With this approach, the perspective is basically: ?So I have a couple of jobs- which of my employees has time to handle them?? The FSM allows you to optimise your productivity- by ensuring that you get the most out of the staff work hours, and avoid cases of jobs going into overtime.

Follow these steps:

  1. Select ?Scheduler? from the left-hand side of the window. You will have a view of the workers of your company and how their day is planned out, and a summary of the unassigned jobs.

Here, you can tell whose busy, and who can have a new task assigned to them at the click of a button- which is far more effective than keeping on jotting down points in your diary or going through files of documents.

If the job has yet to be added to the system- like for the cases of new clients, simply click on the ?Add Job? button and key in its details.

2. Scroll down, you will see a list of unassigned jobs.

unassigned jobs

3. Next, click on the edit button under ?Actions?. This will take you to the same ?Update Job? window described in the first approach, in order to assign the preferred worker to the role.

This real-time dispatching avoids cases of your desk getting cluttered with paper sheets, and prevents duplicate entries as each job has its own ID and task details- from the scheduling to the invoicing. In this case, your HVAC technician will have access to the information needed right at the palm of their hand, to ensure that the task at ABC?s head office goes seamlessly. The optimised schedule will enable the task to be carried out faster- restoring normalcy to your client’s facility.? In case the client’s location is on the route that one of your technicians takes while heading home, you can take advantage of this by giving them the task towards the end of their working day- thus clearing more of your backlog, sorting out your client, and easing your technician?s worries about getting home late.

As you can see, the field service scheduling software enables you to easily and efficiently handle your workflow, avoid the mess that is associated with manual documentation and cases of your employees getting conflicting schedules and overlaps- which would strain them and dampen their morale. Streamlining your workflow and standardising operations ultimately results in increased customer satisfaction.

Maturing Into CMMI

 

In all likelihood, the reason why you landed on this page was because you were seeking CMMI experts to help you meet the demands of a growing number of potential clients who require CMMI compliance.

Whether or not you’re here for that reason, you might want to know why CMMI or Capability Maturity Model Integration is steadily becoming a common denominator among highly successful software and engineering development companies. If you stay for a while, we can show you how CMMI can substantially increase your organisation’s chances of:

  • reducing development costs;
  • acquiring new customers and retaining old ones;
  • beating deadlines;
  • bringing down development time;
  • increasing the overall quality of your products and services; and
  • improving the level of satisfaction of customers, employees, and all other stakeholders.

Surely, no organisation can be too small or too big to aspire for such benefits of attaining high levels of maturity and capability.

If you want to look beyond Maturity Level ratings, then you’ve come to the right place. We focus on introducing CMMI principles and blending them into your organisation’s culture to achieve a truly superior and sustainable business advantage. Compliance will then be an inevitable offshoot of the actions you make.

Likewise, if you simply want to obtain a deeper understanding of CMMI and learn how it can be applied either to your entire organisation or to specific projects, we’d be happy to assist you in that regard as well.

Finally, when you’re ready, we can also conduct CMMI appraisals either for benchmarking purposes or simply for determining how well your process improvement initiatives are going.

CMMI Consulting

Are you worried that implementing CMMI might entail an overhaul of your current processes? Don’t be.

CMMI is all about improving current processes, not replacing them. Ideally, the final result of all process improvement activities should be hinged on your own business objectives and context, so we’ll make sure it remains that way when we work with you.

We rely on our extensive knowledge and experience in CMMI, engineering, software development, and technologies as well as in change and project management in providing model-based process improvement services. Whether you’re gearing up for an appraisal or simply want to employ CMMI-based practices, these are the things we can do for you.

  • Help you interpret how CMMI can be implemented in relation to your business.
  • Assist in convincing sponsors and stakeholders to support your CMMI implementation initiatives.
  • Introduce the necessary training to all individuals who need to undertake them.
  • Conduct a Gap Analysis to find out where your company’s current processes stand relative to their CMMI specifications.
  • Assemble a process group that will champion your process improvement initiatives. We’ll facilitate effective collaboration among its team members, transforming them into a cohesive force designed to carry out plans and motivate everyone else down the line.
  • Introduce tools and practices that will improve the efficiency of our process improvement initiatives.
  • Carry out periodic evaluations and produce reports to provide sponsors and stakeholders a clear picture of our progress.

CMMI Training

Still not convinced CMMI is right for you? There’s only one way to fully grasp the benefits of implementing CMMI – take the Introduction to CMMI course. Although what happens next is entirely up to you, we’re pretty sure you’ll make the right decision after passing it.

Do you need to include people from your organisation in a SCAMPI (Standard CMMI Appraisal Method for Process Improvement) team? They’ll have to undergo this course too. The Introduction to CMMI is for systems and software engineering managers and practitioners, appraisal team members, process group members, and basically anyone who want to grasp CMMI fundamentals.

This is what you’ll be able to do after going through 3 days of lectures and exercises:

  • Gain a deeper understanding of the various components of CMMI-DEV models and their relationships.
  • Discuss the process areas in CMMI-DEV models.
  • Extract and interpret aspects in the model relevant to your own organisation’s processes.

We also offer highly specialised training and workshops such as those for:

  • Achieving High Maturity Levels
  • Top Executives
  • Team Building in Preparation for Appraisals

CMMI Appraisal

An organisation new to CMMI will want to know first how far their current processes are relative to the implementation of model-based improvements in order to determine the resources and time that have to be spent to get there.

Similarly, an organisation already well acquainted with CMMI and has begun taking steps in improving processes, will eventually want to know how close it has come to the Maturity Level it has aimed for.

In both cases, these organisations will have to be assessed by a qualified CMMI appraiser to obtain an accurate picture of their current status. We can perform appraisals on either your entire organisation or on specific projects/practices within a process area. Our appraisers can conduct the following SCAMPI (Standard CMMI Appraisal Method for Process Improvement) appraisals:

  • SCAMPI Class A – This is what you’ll need if you’re aiming for a level rating.
  • SCAMPI Class B – You may want to use this for process reviews or for preparing for a SCAMPI Class A.
  • SCAMPI Class C or Gap Analysis – We typically conduct this for organisations who have yet to implement CMMI-based initiatives so that they can design the most cost-effective road map for the implementation proper.

Ready to work with Denizon?

Contact Us Today