Spreadsheet Woes – Limited Features For Easy Adoption of a Control Framework

Like it or not, regulations are here to stay and for a company to comply with them, its IT and financial systems will have to be equipped with a suitable control framework. One common stumbling block to such an implementation is a company?s over-reliance on spreadsheets.

Why is it so difficult to adopt controls for a system that’s reliant on spreadsheets? To understand this, let’s pinpoint some of the strongest, most powerful attributes of these User Developed Applications (UDA).

By nature, spreadsheets are the epitome of simplicity: easy to develop, easily accessible and easily altered. All computers in your workplace will most likely have them and everyone in your organization may be sharing them, making their own versions, and storing them in personal folders.

Sad to say though, these strengths are also control weaknesses and constitute the very reasons why spreadsheets require effective risk management.

Easy to develop. Being easy to develop, most spreadsheet systems are created by non-IT users who have limited knowledge on best control practices. Being constantly under time pressure, these ?developers? may also relegate documentation, security, and data verification to the back burner in favour of coming up with a timely report.

Easy to access. Information in a spreadsheet can be opened by practically anyone within the organization?s network. Who accessed what? And when? If anything goes wrong, it would be difficult to identify the culprit, and the failure to pinpoint responsibility for erroneous data could lead to bigger, more costly mistakes.

Easy to alter. Lastly, if the information is easy to access, then it can also be easily altered, consequently making reports more prone to both accidental errors and fraudulent modifications.

The rise of multimillion dollar scandals due to accidental and intentional spreadsheet errors have prompted regulatory bodies to publish guidelines for mitigating spreadsheet-associated risks. These controls include:

  • Change control
  • Version control
  • Access control
  • Input
  • Security and data integrity
  • Documentation
  • Development life cycle
  • Backup and archiving
  • Logic inspection/Testing
  • Segregation of duties/roles, and procedures
  • Analytics

In theory, these controls should be able to bring down risks considerably. However, because of the inherent nature of spreadsheets, such controls are rarely implemented effectively in the real world.

Take for example Security and Data Integrity. One of the most common causes of spreadsheet error is due to ?hardwiring?. This happens when values are inadvertently entered into a formula cell, naturally changing the logic of the spreadsheet.

As a way of control, cell locking can be applied on the formula cells to prevent users without the proper authority from making any changes. However, when reporting deadlines approach drawing spreadsheets to the forefront of data processing, more people are given access rights to the locked cells. Ironically, it is during these crunch times, when errors are most likely to happen.

Because the built-in features of a spreadsheet support none of the controls mentioned above, some companies are tempted to purchase control-enabling programs for spreadsheets just to continue using them for financial reporting. But although these programs can integrate the required controls, you?d still be interacting with the same complex and outdated interface: the spreadsheets.

Thus, these band-aid solutions may not suffice because the root cause of these problems are the spreadsheets themselves.

Learn more about our server application solutions and discover a better way to implement controls.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

Advert-Book-UK

amazon.co.uk

Advert-Book-USA

amazon.com

Check our similar posts

What Kanban can do for Call Centre Response Times

When a Toyota industrial engineer named Taiichi Ohno was investigating ways to optimise production material stocks in 1953, it struck him that supermarkets already had the key. Their customers purchased food and groceries on a just-in-time basis, because they trusted continuity of supply. This enabled stores to predict demand, and ensure their suppliers kept the shelves full.

The Kanban system that Taiichi Ohno implemented included a labelling system. His Kanban tickets recorded details of the factory order, the delivery destination, and the process intended for the materials. Since then, Ohno?s system has helped in many other applications, especially where customer demand may be unpredictable.

Optimising Workflow in Call Centres
Optimising workflow in call centres involves aiming to have an agent pick up an incoming call within a few rings and deal with it effectively. Were this to be the case we would truly have a just-in-time business, in which operators arrived and left their stations according to customer demand. For this to be possible, we would need to standardise performance across the call centre team. Moving optimistically in that direction we would should do these three things:

  • Make our call centre operation nimble
  • Reduce the average time to handle calls
  • Decide an average time to answer callers

When we have done that, we are in a position to apply these norms to fluctuating call frequencies, and introduce ?kanbanned? call centre operators.

Making Call Centre Operations Nimble
The best place to start is to ask the operators and support staff what they think. Back in the 1960?s Robert Townsend of Avis Cars famously said, ?ask the people ? they know where the wheels are squeaking? and that is as true as ever.

  1. Begin by asking technical support about downtime frequencies, duration, and causes. Given the cost of labour and frustrated callers, we should have the fastest and most reliable telecoms and computer equipment we can find.
  1. Then invest in training and retraining operators, and making sure the pop-up screens are valuable, valid, and useful. They cannot do their job without this information, and it must be at least as tech-savvy as their average callers are.
  1. Finally, spruce up the call centre with more than a lick of paint to awaken a sense of enthusiasm and pride. Find time for occasional team builds and fun during breaks. Tele-operators have a difficult job. Make theirs fun!

Reducing Average Time to Handle Calls
Average length of contact is probably our most important metric. We should beware of shortening this at the cost of quality of interaction. To calculate it, use this formula:

Total Work Time + Total Hold Time + Total Post Call Time

Divided By

Total Calls Handled in that Period

Share recordings of great calls that highlight how your best operators work. Encourage role-play during training sessions so people learn by doing. Publish your average call-handling time statistics. Encourage individual operators to track how they are doing against these numbers. Make sure your customer information is up to date. While they must confirm core data, limit this so your operators can get down to their job sooner.

Decide a Target Time to Answer Calls
You should know what is possible in a matter of a few weeks. Do not attempt to go too tight on this one. It is better to build in say 10% slack that you can always trim in future. Once you have decided this, you can implement your Kanban system.

Introducing Kanban in Your Call Centre Operation
Monitor your rate of incoming calls through your contact centre, and adjust your operator-demand metric on an ongoing basis. Use this to calculate your over / under demand factor. Every operator should know the value on this Kanban ticket. It will tell them whether to speed up a little, or slow down a bit so they deliver the effort the call rate demands. It will also advise the supervisor when to call up reserves.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Spreadsheet Risk Issues

It is interesting to note that the riskiness of operational spreadsheets are overlooked even by companies with high standards of risk management. Only when errors amount to actual losses do they realize that these risks have been staring them in the face all along.

Common spreadsheet risk issues

Susceptibility to trivial manual errors

Due to the fundamental structure of spreadsheets, a slight change in the formula or value in any of their inhabited cells may already affect their overall output. An

  • accidental copy-paste,
  • omission of a negative sign,
  • erroneous range selection,
  • incorrect data input or
  • unintentional deletion of a character,cell, range, column, or row

are just some of the simple errors spreadsheet users frequently encounter. Rarely are there any counter-checking controls in place in a spreadsheet-based activity and manual errors therefore easily go undetected.

Possibility of the user working on the wrong version

How do you store spreadsheet files?

Since the most common reports are usually generated on a monthly basis, users tend to store them using variations of these two configurations:

spreadsheet storage

If you notice, a user can accidentally work on the wrong version with any of these structures.

Prone to inconsistent company-wide reporting

This happens when a summary or ?final? spreadsheet is fed information by different departments coming from their own spreadsheets. Even if most of the data in their spreadsheets come from one source (the company-wide database), erroneous copy-pasting and linking, or even different interpretations of the same data can result to contradicting information in the end.

Often defenceless against unauthorised access

Some spreadsheets contain information needed by various individuals or department units in an organisation. Hence, they are often shared via email or through shared folders in a network. Now, because spreadsheets don’t normally use any access control, any user can easily open a spreadsheet file and view or modify the contents as he wishes.

Highly vulnerable to fraud

A complex spreadsheet system with zero or very minimal controls provides the perfect setting for would-be fraudsters. Hidden cells with malicious formulas and links to bogus information can go unnoticed for a long time especially if the final figures don’t deviate much from expected values.

Spreadsheet risk mitigation solutions may not suffice

Inherent complexity makes testing and logic inspection very time consuming

Deep testing can uncover possible errors hidden in spreadsheet cells and consequently mitigate risks. But spreadsheets used to support financial reporting are normally large, complex, highly-personalised and, without ample supporting documentation, understandably hard to follow.

No clear ownership of risk management responsibilities

There?s always a dilemma when an organisation starts assigning risk management responsibilities for spreadsheets. IT personnel believe users in the business side of the organisation should be responsible since they are the ones who create, edit, store, duplicate, and share the spreadsheet files. On the other hand, users believe IT should be responsible since they have always been in-charge of managing IT infrastructure, applications, and files.

To get rid of spreadsheet risks, you’ll have to get rid of spreadsheets altogether

One remedy is to have a risk management activity that involves both IT personnel and spreadsheet users. But wouldn’t you want to get rid of the complexity of having to distribute the responsibilities between the two parties instead of just one?

Learn more about Denizon’s server application solutions and how you can get rid of spreadsheet risk issues.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
ISO in Energy management

Every industry has its own set levels of quality that are considered acceptable or desirable. Energy performance like any other field is governed by some set standards. These differ across regions but international standards do exist.

ISO 50001 is the international energy standard applicable to both large and small organisations irrespective of geographical, cultural or social conditions. It outlines the best energy management practices that are considered to be the best by specifying that an organisation must integrate an energy management system and institute an energy policy, objectives, targets, and action plans taking into account legal requirements and information related to significant energy use. The energy standard is applicable to organisations.

What’s the importance of attaining energy certification?

ISO certification in any industry is a demonstration of quality or that a service or product meets the expected service standards. In energy management, ISO certification is a demonstration that an organisation or company has implemented sustainable energy management systems, completed a baseline of energy use and, is committed to continuously improve its energy performance. In addition, ISO certification assists organisations in the following ways:

? Organisations are able to optimise the existing energy-consuming assets

? Offers guidance on bench-marking, measuring, documenting, and reporting energy intensity improvements and their projected impact on reducing GHG emissions

? Creates transparency and facilitates communication on the management of energy resources

? Promotes energy management best practices and reinforces good energy management behaviours

? Assists facilities in evaluating and prioritising the implementation of new energy-efficient technologies

? Provides a framework for promoting energy efficiency throughout the supply chain

? Facilitates energy management improvements in the context of GHG emission reduction projects: The reduction of carbon emissions means therefore an organisation is able to meet government carbon reduction targets by demonstrating environmental credentials. The accruing benefits are many, ranging from increased investor confidence to more tender opportunities

Energy management software plays a vital role in helping organisations comply with energy standards through improved performance across the various functions in an organisation.

Ready to work with Denizon?

Contact Us Today