Spreadsheet Woes – Burden in SOX Compliance and Other Regulations

End User Computing (EUC) or end User Developed Application (UDA) systems like spreadsheets used to be ideal ad-hoc solutions for data processing and financial reporting. But those days are long gone.

Today, due to regulations like the:

Sarbanes-Oxley (SOX) Act,
Dodd-Frank Act,
IFRS (International Financial Reporting Standards),
E.U. Data Protection Directive,
Basel II,
NAIC Model Audit Rules,
FAS 157,
yes, there?s more ? and counting

a company can be bogged down when it tries to comply with such regulations while maintaining spreadsheet-reliant financial and information systems.

In an age where regulatory compliance have become part of the norm, companies need to enforce more stringent control measures like version control, access control, testing, reconciliation, and many others, in order to pass audits and to ensure that their spreadsheets are giving them only accurate and reliable information.

Now, the problem is, these control measures aren’t exactly tailor-made for a spreadsheet environment. While yes, it is possible to set up a spreadsheet and EUC control environment that utilises best practices, this is a potentially expensive, laborious, and time-consuming exercise, and even then, the system will still not be as foolproof or efficient as the regulations call for.

Testing and reconciliation alone can cost a significant amount of time and money to be effective:

It requires multiple testers who need to test spreadsheets down to the cell level.
Testers will have to deal with terribly disorganized and complicated spreadsheet systems that typically involve single cells being fed information by other cells in other sheets, which in turn may be found in other workbooks, or in another folder.
Each month, an organisation may have new spreadsheets with new links, new macros, new formulas, new locations, and hence new objects to test.
Spreadsheets rarely come with any kind of supporting documentation and version control, further hampering the verification process.
Because Windows won’t allow you to open two Excel files with the same name simultaneously and because a succession of monthly-revised spreadsheets separated by mere folders but still bearing the same name is common in spreadsheet systems, it would be difficult to compare one spreadsheet with any of its older versions.

But testing and reconciliation are just two of the many activities that make regulatory compliance terribly tedious for a spreadsheet-reliant organisation. Therefore, the sheer intricacy of spreadsheet systems make examining and maintaining them next to impossible.

On the other hand, you can’t afford not to take these regulations seriously. Non-compliance with regulatory mandates can have dire consequences, not the least of which is the loss of investor confidence. And when investors start to doubt the management’s capability, customers will start to walk away too. Now that is a loss your competitors will only be too happy to gain.

Learn more about our server application solutions and discover a better way to comply with regulations.

More Spreadsheet Blogs

Spreadsheet Risks in Banks

Top 10 Disadvantages of Spreadsheets

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

How Internal Auditors can win the War against Spreadsheet Fraud

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

Still looking for a Way to Consolidate Excel Spreadsheets?

Disadvantages of Spreadsheets

Spreadsheet woes – ill equipped for an Agile Business Environment

Spreadsheet Fraud

Spreadsheet Woes – Limited features for easy adoption of a control framework

Spreadsheet woes – Burden in SOX Compliance and other Regulations

Spreadsheet Risk Issues

Server Application Solutions – Don’t let Spreadsheets hold your Business back

Why Spreadsheets can send the pillars of Solvency II crashing down

amazon.co.uk

amazon.com

Contact Us

(+353)(0)1-443-3807 – IRL
(+44)(0)20-7193-9751 – UK

Check our similar posts

ISO in Energy management

Every industry has its own set levels of quality that are considered acceptable or desirable. Energy performance like any other field is governed by some set standards. These differ across regions but international standards do exist.

ISO 50001 is the international energy standard applicable to both large and small organisations irrespective of geographical, cultural or social conditions. It outlines the best energy management practices that are considered to be the best by specifying that an organisation must integrate an energy management system and institute an energy policy, objectives, targets, and action plans taking into account legal requirements and information related to significant energy use. The energy standard is applicable to organisations.

What’s the importance of attaining energy certification?

ISO certification in any industry is a demonstration of quality or that a service or product meets the expected service standards. In energy management, ISO certification is a demonstration that an organisation or company has implemented sustainable energy management systems, completed a baseline of energy use and, is committed to continuously improve its energy performance. In addition, ISO certification assists organisations in the following ways:

? Organisations are able to optimise the existing energy-consuming assets

? Offers guidance on bench-marking, measuring, documenting, and reporting energy intensity improvements and their projected impact on reducing GHG emissions

? Creates transparency and facilitates communication on the management of energy resources

? Promotes energy management best practices and reinforces good energy management behaviours

? Assists facilities in evaluating and prioritising the implementation of new energy-efficient technologies

? Provides a framework for promoting energy efficiency throughout the supply chain

? Facilitates energy management improvements in the context of GHG emission reduction projects: The reduction of carbon emissions means therefore an organisation is able to meet government carbon reduction targets by demonstrating environmental credentials. The accruing benefits are many, ranging from increased investor confidence to more tender opportunities

Energy management software plays a vital role in helping organisations comply with energy standards through improved performance across the various functions in an organisation.

Which Services to Share?

It often makes sense to pool resources. Farmers have been doing so for decades by collectively owning expensive combine harvesters. France, Germany, the United Kingdom and Spain have successfully pooled their manufacturing power to take on Boeing with their Airbus. But does this mean that shared services are right in every situation?

The Main Reasons for Sharing

The primary argument is economies of scale. If the Airbus partners each made 25% of the engines their production lines would be shorter and they would collectively need more technicians and tools. The second line of reasoning is that shared processes are more efficient, because there are greater opportunities for standardisation.

Is This the Same as Outsourcing?

Definitely not! If France, Germany, the United Kingdom and Spain has decided to form a collective airline and asked Boeing to build their fleet of aircraft, then they would have outsourced airplane manufacture and lost a strategic industry. This is where the bigger picture comes into play.

The Downside of Sharing

Centralising activities can cause havoc with workflow, and implode decentralised structures that have evolved over time. The Airbus technology called for creative ways to move aircraft fuselages around. In the case of farmers, they had to learn to be patient and accept that they would not always harvest at the optimum time.

Things Best Not Shared

Core business is what brings in the money, and this should be tailor-made to its market. It is also what keeps the company afloat and therefore best kept on board. The core business of the French, German, United Kingdom and Spanish civilian aircraft industry is transporting passengers. This is why they are able to share an aircraft supply chain that spun off into a commercial success story.

Things Best Shared

It follows that activities that are neither core nor place bound – and can therefore happen anywhere ? are the best targets for sharing. Anything processed on a computer can be processed on a remote computer. This is why automated accounting, stock control and human resources are the perfect services to share.

So Case Closed Then?

No, not quite. ?Technology has yet to overtake our humanity, our desire to feel part of the process and our need to feel valued. When an employee, supplier or customer has a problem with our administration it’s just not good enough to abdicate and say ?Oh, you have to speak to Dublin, they do it there?.

Call centres are a good example of abdication from stakeholder care. To an extent, these have ?confiscated? the right of customers to speak to speak directly to their providers. This has cost businesses more customers that they may wish to measure. Sharing services is not about relinquishing the duty to remain in touch. It is simply a more efficient way of managing routine matters.

New Focus on Monitoring Soil

There is nothing new about monitoring soil in arid conditions. South Africa and Israel have been doing it for decades. However climate change has increased its urgency as the world comes to terms with pressure on the food chain. Denizon decided to explore trends at the macro first world level and the micro third world one.

In America, the Coordinated National Soil Moisture Network is going ahead with plans to create a database of federal and state monitoring networks and numerical modelling techniques, with an eye on soil-moisture database integration. This is a component of the National Drought Resilience Partnership that slots into Barrack Obama?s Climate Action Plan.

This far-reaching program reaches into every corner of American life to address the twin scourges of droughts and inundation, and the agency director has called it ?probably ?… one of the most innovative inter-agency tools on the planet?. The pilot project involving remote moisture sensing and satellite observation targets Oklahoma, North Texas and surrounding areas.

Africa has similar needs but lacks America?s financial muscle. Princeton University ecohydrologist Kelly Caylor is bridging the gap in Kenya and Zambia by using cell phone technology to transmit ecodata collected by low-cost ?pulsepods?.

He deploys the pods about the size of smoke alarms to measure plants and their environment.?Aspects include soil moisture to estimate how much water they are using, and sunlight to approximate the rate of photosynthesis. Each pod holds seven to eight sensors, can operate on or above the ground, and transmits the data via sms.

While the system is working well at academic level, there is more to do before the information is useful to subsistence rural farmers living from hand to mouth. The raw data stream requires interpretation and the analysis must come through trusted channels most likely to be the government and tribal chiefs. Kelly Caylor cites the example of a sick child. The temperature reading has no use until a trusted source interprets it.

He has a vision of climate-smart agriculture where tradition gives way to global warming. He involves local farmers in his research by enrolling them when he places pods, and asking them to sms weekly weather reports to him that he correlates with the sensor data. As trust builds, he hopes to help them choose more climate-friendly crops and learn how to reallocate labour as seasons change.