Spreadsheet Woes – Limited Features For Easy Adoption of a Control Framework

Like it or not, regulations are here to stay and for a company to comply with them, its IT and financial systems will have to be equipped with a suitable control framework. One common stumbling block to such an implementation is a company?s over-reliance on spreadsheets.

Why is it so difficult to adopt controls for a system that’s reliant on spreadsheets? To understand this, let’s pinpoint some of the strongest, most powerful attributes of these User Developed Applications (UDA).

By nature, spreadsheets are the epitome of simplicity: easy to develop, easily accessible and easily altered. All computers in your workplace will most likely have them and everyone in your organization may be sharing them, making their own versions, and storing them in personal folders.

Sad to say though, these strengths are also control weaknesses and constitute the very reasons why spreadsheets require effective risk management.

Easy to develop. Being easy to develop, most spreadsheet systems are created by non-IT users who have limited knowledge on best control practices. Being constantly under time pressure, these ?developers? may also relegate documentation, security, and data verification to the back burner in favour of coming up with a timely report.

Easy to access. Information in a spreadsheet can be opened by practically anyone within the organization?s network. Who accessed what? And when? If anything goes wrong, it would be difficult to identify the culprit, and the failure to pinpoint responsibility for erroneous data could lead to bigger, more costly mistakes.

Easy to alter. Lastly, if the information is easy to access, then it can also be easily altered, consequently making reports more prone to both accidental errors and fraudulent modifications.

The rise of multimillion dollar scandals due to accidental and intentional spreadsheet errors have prompted regulatory bodies to publish guidelines for mitigating spreadsheet-associated risks. These controls include:

  • Change control
  • Version control
  • Access control
  • Input
  • Security and data integrity
  • Documentation
  • Development life cycle
  • Backup and archiving
  • Logic inspection/Testing
  • Segregation of duties/roles, and procedures
  • Analytics

In theory, these controls should be able to bring down risks considerably. However, because of the inherent nature of spreadsheets, such controls are rarely implemented effectively in the real world.

Take for example Security and Data Integrity. One of the most common causes of spreadsheet error is due to ?hardwiring?. This happens when values are inadvertently entered into a formula cell, naturally changing the logic of the spreadsheet.

As a way of control, cell locking can be applied on the formula cells to prevent users without the proper authority from making any changes. However, when reporting deadlines approach drawing spreadsheets to the forefront of data processing, more people are given access rights to the locked cells. Ironically, it is during these crunch times, when errors are most likely to happen.

Because the built-in features of a spreadsheet support none of the controls mentioned above, some companies are tempted to purchase control-enabling programs for spreadsheets just to continue using them for financial reporting. But although these programs can integrate the required controls, you?d still be interacting with the same complex and outdated interface: the spreadsheets.

Thus, these band-aid solutions may not suffice because the root cause of these problems are the spreadsheets themselves.

Learn more about our server application solutions and discover a better way to implement controls.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

Advert-Book-UK

amazon.co.uk

Advert-Book-USA

amazon.com

Check our similar posts

Systems Integration as a means to cost reduction

System integration in an organisation refers to a process whereby two or more separate systems are brought together for the purpose of pooling the value in the separate systems into one main system. A key component of process consolidation within any organisation is the utilisation of IT as a means to achieve this end. As such, system integration as a means to cost reduction offers organisations the opportunity to adopt and implement lean principles with the attendant benefits. The implementation of lean techniques requires an adherence to stated methods to facilitate the elimination of wastage in the production of goods and services. In summary, the lean philosophy seeks to optimise the speed of good and service production, through the elimination of waste.

While analysing some of the traditional sources of waste in organisational activities, things like overproduction, inventory, underutilised ideas, transmission of information and ideas, transportation of people and material, time wastage and over-processing stand out. The fact is that companies can eliminate a significant portion of waste through the utilisation of IT to consolidate processes within their organisation.

Adopting lean principles calls for the identification of all of the steps in the company value stream for each product family for the purpose of the eliminating the steps that do not create any value. In other words, this step calls for the elimination of redundant steps in the process flow. This is exactly what the utilisation of IT to consolidate processes offers a company. For instance, the adoption of a central cloud system across a large organisation with several facilities could increase efficiencies in that company. Such a company would drastically reduce the redundancies that used to exist in the different facilities, eliminate the instances of hardware and software purchase, maintenance and upgrade, modernise quality assurances processes and identify further opportunities for improvement.

Perhaps, from the company’s point of view, and from the perspective of lean process implementation, the most important factor is?the effect it has?on the bottom line.’reducing the number of hardware, eliminating the need for maintaining and upgrading hardware, removing the necessity for software purchase and upgrade across facilities also contributes to a significant reduction in operational costs.?This reduction in the cost of operations leads to a corresponding increase in the profit margin of the company.

Applying system integration as a means to cost reduction can also lead to the reduction in the number of people needed to operate the previous systems that have been integrated into one primary unit. Usually, companies must hire people with specialised knowledge to operate and maintain the various systems. Such employees must also receive special training and frequent ongoing education to constantly stay informed of the latest trends in process management. With the integration of the system, the number of people needed to maintain the central system will be significantly reduced, also improving the security of information and other company trade secrets.

Based on an analysis of the specific needs that exist in a particular company environment, a system integration method that is peculiar to the needs of that organisation will be worked out. Some companies may find it more cost-effective to use the services of independent cloud service providers. Others with more resources and facilities may decide to set up their own cloud service systems. Often, private cloud service system capabilities far exceed the requirements of the initiating company, meaning that they could decide to “sell” the extra “space” on their cloud network to other interested parties.

A company that fully applies the lean principles towards the integration of its systems will be able to take on additional tasks as a result of the system consolidation. This leads to an increase in performance, and more efficiency due to the seamless syncing of information in a timely and uniform manner.

Companies have to combine a top-down and a bottom-up approach towards their system integration methods. A top-down approach simply utilises the overall system structure that is already in place as a starting point, or as a foundation. The bottom-up approach seeks to design new systems for integration into the system. Other methods of system integration include the vertical, star and horizontal integration methods. In the horizontal method, a specified subsystem is used as an interface for communication between other subsystems. For the star system integration method, the subsystems are connected to the system in a manner that resembles the depiction of a star; hence, the name. Vertical integration refers to the method of the integration of subsystems based on an analysis of their functionality.

The key to successful system integration for the purpose of cost reduction is to take a manual approach towards identifying the various applicable lean principles, with respect to the system integration process. For instance, when value has been specified, it becomes easier to identify value streams. The other process of removing unnecessary or redundant steps will be easier to follow when the whole project is viewed from the whole, rather than’the part. Creating an integrated system needs some?patience?in order to work out kinks and achieve the desired perfect value that creates no waste.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How to Improve Corporate Efficiency through IT

When revenues are low, what do you do to improve your profit? Obviously, those same revenues should at least remain the same. So, the objective would be to deliver the same products and services for less cost. More for less. Such is the essence of corporate efficiency.

There are many things that can make a company inefficient. There are outdated procedures, poor coordination between departments, managers? lack of business visibility, and prolonged down times, to mention a few. As a company grows, these issues get more severe.

You can overcome all these by deploying the right IT solutions. But don’t IT solutions increase spending instead? Au contraire. The last couple of decades have seen the rise of IT solutions that help companies’realise obvious cost savings in no time.

Streamline processes and keep departments in-sync

Company inefficiencies are largely due to outdated systems and procedures. These systems and procedures were not built for the dynamic and complex business environments of today that are being shaped by increasingly onerous regulations, fierce and growing competition, significant economic upswings and downturns, new battlefronts (like the Web) and logistical strategies (like outsourcing), and IT-savvy crooks.

So when your employees force outdated systems to meet today?s business demands, they’re just not able to deliver. At least not efficiently.

Another major cause of inefficiency is the discordance among departments, business units, and even individual staff members themselves. There are those who still use highly personalised spreadsheets and other disparate applications, which make data consolidation take forever and the financial close a perennial headache.

Costly devices like mobile phones, netbooks, and tablet PCs, which are supposedly designed to provide better communication, are not fully maximised. If these are subsidised by the company, then they also contribute to company inefficiency.

One way to deal with these issues is to deploy server based solutions. By centralising your IT system, you can easily implement various improvements that can pave the way for better communication and collaboration, stronger security, faster processes and transactions, and shorter down times for troubleshooting and maintenance. All these clearly translate to cost savings.

Gain better visibility

Corporate efficiency can be improved if your decision makers can make wise and well-informed decisions, faster. But they can only do this if reports they receive from people down the line are timely, accurate, and reliable. Basically, data should be presented in a way for managers to gain quick insights from.

If your people take too much time scrutinising, interpreting, and reconciling data, you can’t hope to gain a significant competitive advantage. Equally important to managing an ongoing project is the speed at which you make a go/no go decision to start or stop a project. A wise, quick decision will help you avoid wastage.

The same holds true when making purchases and investment decisions. It’s all about quickly eliminating waste and investing only on those that will give you fast, positive returns.

Clear business visibility will allow managers to allocate resources where they are most effective, to pinpoint what products and services being offered are more profitable, and to identify which customers are giving better business from an overall perspective.

These are all possible with business intelligence. We know, we know. You’ll say BI solutions will force you to break the bank. Not anymore. At least, not all. There are already two main types of BI solutions: on-premise and SaaS. The latter will generally cost you less.

Of course, each type has its own advantages, and you’ll really have to look into the size of your organisation, the number of source systems your decision-making platform is connected to, integration requirements, budget, etc. to make sure you get the most out of your investment.

But IT solutions cost an arm and a leg

Again, not anymore. These days, you can find IT products that are faster, more functional, and more powerful than their predecessors at a fraction of the cost. When it comes to getting more affordable IT products and services, you now have many options.

For example, you can turn to open source solutions to save on license costs. These solutions are typically backed by vibrant and helpful communities where you can find an extensive source of technical support – many of which are for free. With popular open source products, you can easily tap from a large pool of developers with affordable rates any time you want to make system enhancements or customisation.

On another front, virtualization solutions allow you to save on CAPEX and OPEX by eliminating certain expenses normally used for setting up infrastructure or buying hardware and maintaining them. Server virtualisation, for instance, will allow you to consolidate servers and put them together into just one machine, while desktop virtualisation will enable you to eliminate unproductive hours associated with desktop down times by allowing you to redeploy a malfunctioning desktop very quickly.

Closely related to those are cloud-based solutions like SaaS (Software as a Service), IaaS (Infrastructure as a Service), and DCoD (Data Center on Demand). SaaS and IaaS will help you realize savings in acquisition and maintenance costs for software and hardware, while DCoD?s scalable services allow you to request for additional capacity, power and storage only as you need them, thus making you spend only according to your current infrastructure requirements.

Like we said, there are many, many options out there just waiting to be tapped.

Mobile Security

Today’s advanced enterprises make extensive use of mobile devices in order for team members to exchange information, collaborate, and carry out business whenever and wherever they need to. BlackBerries, iPhones, Google Phones, and other smartphones as well as PocketPCs and PDAs are now allowed wireless remote access to the enterprise network.

As a result, they introduce additional vulnerabilities into the system.

  • Bluetooth exploits and unencrypted passwords can allow malicious individuals to gain access to private information.
  • Various wireless technologies that have substantially simplified the task of transferring data have provided openings for malicious code. In addition, the diversity of these wireless technologies combined with the constrained environments of these devices have made it difficult to come up with an all-in-one solution.
  • All PocketPCs, PDAs and smartphones can be synchronised with PCs and laptops, giving malware an entry point into computers and networks. Memory cards are guilty of this too.
  • VoIP, which are usually unencrypted, allow other people to perform unauthorised capture and recording of private conversations.

Mobile security is still an emerging discipline. Because of this, many organisations that allow members’ mobile phone access into the network don’t actually have a specific security policy for such devices.

That’s why we’re here to help. We’ll conduct a thorough evaluation of your security policies and systems in relation to mobile devices and seal gaps we spot along the way. If you don’t have the needed policies or if what you have needs an overhaul, we’ll set everything up (including the needed applications and infrastructure) for you.

Once we’ve got everything in place, you won’t have to worry about the vulnerabilities mentioned earlier. In addition to that, your organisation will already be capable of preventing the following:

  • Access to company information when the phone ends up in the hands of anyone other than the authorised user.
  • Being billed for phone usage due to virus activity
  • Unauthorised phone activity monitoring through spyware
  • Other disruptions caused by mobile-based malware

Other defences we’re capable of putting up include:

Ready to work with Denizon?

Contact Us Today