Spreadsheet Woes – Limited Features For Easy Adoption of a Control Framework

Like it or not, regulations are here to stay and for a company to comply with them, its IT and financial systems will have to be equipped with a suitable control framework. One common stumbling block to such an implementation is a company?s over-reliance on spreadsheets.

Why is it so difficult to adopt controls for a system that’s reliant on spreadsheets? To understand this, let’s pinpoint some of the strongest, most powerful attributes of these User Developed Applications (UDA).

By nature, spreadsheets are the epitome of simplicity: easy to develop, easily accessible and easily altered. All computers in your workplace will most likely have them and everyone in your organization may be sharing them, making their own versions, and storing them in personal folders.

Sad to say though, these strengths are also control weaknesses and constitute the very reasons why spreadsheets require effective risk management.

Easy to develop. Being easy to develop, most spreadsheet systems are created by non-IT users who have limited knowledge on best control practices. Being constantly under time pressure, these ?developers? may also relegate documentation, security, and data verification to the back burner in favour of coming up with a timely report.

Easy to access. Information in a spreadsheet can be opened by practically anyone within the organization?s network. Who accessed what? And when? If anything goes wrong, it would be difficult to identify the culprit, and the failure to pinpoint responsibility for erroneous data could lead to bigger, more costly mistakes.

Easy to alter. Lastly, if the information is easy to access, then it can also be easily altered, consequently making reports more prone to both accidental errors and fraudulent modifications.

The rise of multimillion dollar scandals due to accidental and intentional spreadsheet errors have prompted regulatory bodies to publish guidelines for mitigating spreadsheet-associated risks. These controls include:

  • Change control
  • Version control
  • Access control
  • Input
  • Security and data integrity
  • Documentation
  • Development life cycle
  • Backup and archiving
  • Logic inspection/Testing
  • Segregation of duties/roles, and procedures
  • Analytics

In theory, these controls should be able to bring down risks considerably. However, because of the inherent nature of spreadsheets, such controls are rarely implemented effectively in the real world.

Take for example Security and Data Integrity. One of the most common causes of spreadsheet error is due to ?hardwiring?. This happens when values are inadvertently entered into a formula cell, naturally changing the logic of the spreadsheet.

As a way of control, cell locking can be applied on the formula cells to prevent users without the proper authority from making any changes. However, when reporting deadlines approach drawing spreadsheets to the forefront of data processing, more people are given access rights to the locked cells. Ironically, it is during these crunch times, when errors are most likely to happen.

Because the built-in features of a spreadsheet support none of the controls mentioned above, some companies are tempted to purchase control-enabling programs for spreadsheets just to continue using them for financial reporting. But although these programs can integrate the required controls, you?d still be interacting with the same complex and outdated interface: the spreadsheets.

Thus, these band-aid solutions may not suffice because the root cause of these problems are the spreadsheets themselves.

Learn more about our server application solutions and discover a better way to implement controls.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

Advert-Book-UK

amazon.co.uk

Advert-Book-USA

amazon.com

Check our similar posts

Why Spreadsheets can send the Pillars of Solvency II Crashing Down


Solvency II is now fast approaching and while it may provide added protection to policy holders, its impact on the insurance industry is not all a bed of roses. Expect insurance companies to restructure, increase manpower, and raise spending on actuarial operations and risk management initiatives. Those that cannot, will have to go. But what have spreadsheets got to do with all these?

Well, spreadsheets aren’t really the main casts in this blockbuster of a regulatory exercise but they certainly have a significant supporting role to play. Pillar I of Solvency II, which calls for improved supervision on internal control, risk management, and corporate governance, and Pillar II, which tackles supervisory reporting and public disclosure of financial and other relevant information, both affect systems that have high-reliance on spreadsheets.

A little background about spreadsheets might help.

Who needs an IT solution when you can have spreadsheets?

Everyone in any organisation just love spreadsheets; from the office clerk to the CEO. Because they’re so easy to use (not to mention they’re a staple in office computers), people employ them for processing numbers and as an all-around tool for planning, forecasting, reporting, complex modelling, market data analysis, and so on. They make such tasks faster and easier. Really?

You probably haven’t heard of spreadsheet hell

Unfortunately, spreadsheets do have certain shortcomings. Due to their inherent structure and lack of controls, it is so easy to commit simple errors like an accidental copy paste, an omission of a negative sign, an incorrect data input, or an unintentional deletion. Such shortcomings may seem harmless until your shareholders discover a multi-million discrepancy in your financial report.

And because spreadsheet errors can go undetected for a long time, they are constant targets of fraudsters. In other words, spreadsheets are high risk applications.

Solvency II Impact on Spreadsheet-based Financial and IT Systems

Regulations like Solvency II, are aimed at reducing risks to manageable levels. Basically, Solvency II is a risk-based system wherein a company?s capital requirements will depend on its measured riskiness. If companies want to avoid facing onerous capital requirements, they have to comply.

The three pillars of Solvency II have to be in place. Now, since spreadsheets (also known as User Developed Applications or UDAs) are high-risk applications with weak control features and prone to produce inaccurate reports, companies will have a lot of work to do to establish Pillars II and III.

There are at least 8 articles that impact spreadsheets in the directive. Article 82, for example, which requires firms to ensure a high level of data quality and accuracy, strikes at the very core of spreadsheets? weakness.

A whitepaper by Raymond Panko entitled ?Spreadsheets and Sarbanes-Oxley: Regulations, Risks, and Control Frameworks? mentioned that 94% of audited real world operational spreadsheets that were included in his study were found to have errors and that an average of 5.2% of all cells in the audited spreadsheets had errors.

Furthermore, many articles in the directive call for the enforcement of better documentation. This is one thing that’s very tedious and almost unrealistic to do with spreadsheets because just about anyone uses them. Besides, with different ‘versions? of the same data existing in different workstations throughout the organisation, it would be extremely difficult to keep track of them all.

Because of spreadsheets you now need an IT solution

It is clear that, with the growing number of regulations and the mounting complexity of tasks needed for compliance, spreadsheets no longer belong in this era. What you need is a server-based solution that allows for seamless collaboration, data reliability, data consistency, increased security, automatic consolidation, and all the other features that make regulation compliance more doable.

One important ingredient for achieving Solvency II compliance is sound data risk management. Sad to say, the ubiquitous spreadsheet will only expose your data to more risks.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

Advert-Book-UK

amazon.co.uk

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Energy Savings Opportunity Scheme (ESOS): An Overview

Energy management is crucial to most businesses in the UK. This is primarily because energy usage substantially affects all organizations, whether large or small. The good news is that, energy costs can be controlled through improved energy efficiency. And this is exactly why Energy Savings Opportunity Scheme (ESOS) came into being ? to promote competitiveness among businesses.

Energy Savings Opportunity Scheme is the realisation of the UK Government’s ambition towards achieving the maximum potential of cost-effective energy in the economy. ESOS aims to stimulate innovation and growth, cut emissions and support a sustainable energy system.

ESOS at a Glance – Legal Perspective

The EU Energy Efficiency Directive took a major step forward on November 14, 2012 and headed towards establishing a framework to promote energy efficiency across various economic sectors. To interpret Article 8 of the Directive, the government has given birth to ESOS; requiring large enterprises to undergo mandatory energy audits and energy management systems by December 5, 2015 and at least every 4 years thereafter.

Large enterprises include UK companies that have more than 250 employees or those businesses whose annual turnover exceeds ?50 million and whose statement of financial position totals more than ?43 million. With this, over 7000 of the biggest companies in Britain will need to comply with ESOS as an approach to review their total energy use in buildings, business operations, transport and industrial processes.

Generally, ESOS is both an obligation and an opportunity. It is an obligation for the indicated target companies since they need to submit to additional regimes; focus on audit evidences; act in accordance to group structures and compliance; and observe limited penalties and note retention periods. Moreover, it is also an opportunity for companies to strive for more savings on energy projects; attempt to standardise their potential market; and effectively lower debt and legal costs.

ESOS Audits ? Looking Beyond

According to the Department of Energy and Climate Change (DECC), average first audit costs would be estimated at about ?17,000 and subsequent ones at around ?10,000. As expected, these audits will result in energy saving recommendations, of which companies need not proceed for a follow up; and substantially improve businesses in their energy management issues. DECC further states that every business that complies with ESOS could save an average of ?56,400 each year from an initial investment of ?17,000 only.

Currently, up to 6,000 UK businesses are already subject to existing CRC Carbon Reduction Scheme, Mandatory Carbon Reporting, Climate Change Levy and other compliance. This signifies that ESOS may overlap with prevailing energy efficiency legislation and may put additional pressure on energy administration. While this is true, however, ESOS holds extensive benefits. Although the scheme can be viewed as another costly compliance to environmental standards, ESOS goes straight to the bottom line and provides the organisation with competitive advantage. If large businesses act now and comply with it, they will be able to enjoy maximised payback in the long run.

Indeed, Energy Savings Opportunity Scheme is already here. It is mandatory with minimal investment. And all you have to do is act quickly, implement new improvements and earn more.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
IT Transformation Defined

Businesses depend on IT to effectively manage business processes and to provide products and services to clients. As IT technologies advance, it is crucial that businesses update their hardware to remain competitive. But businesses should do more than simply upgrade their servers and should really strive to effect IT transformation.

What is IT Transformation?

IT transformation is the ongoing process of changing the way that a company uses IT to better align it with current business goals. Through the IT transformation process, businesses try to determine whether they are meeting mission-critical benchmarks through the incorporation of new IT technologies for corporate transformation.

For example, if one of the current business concerns is whether the company can improve customer service, the IT system will need to evolve in such a way that improves customer service in a measurable way.

Successfully Aligning the Technology to Business Goals

In order to successfully align the IT system with business goals, it is important to understand the newly integrated technologies to understand how they can change business processes. If a new feature is intended to make the server more secure, the management should know exactly how the feature will improve the security of the server and whether the new implementation is redundant.

Once the business objectives have been identified, IT transformation is carried out by changing both the software and hardware used by the company. An example would be the growing trend of server migration to the cloud. Cloud computing is the growing trend of making files and data accessible from anywhere. If an organisation believes that it can improve productivity through a server cloud migration, it will need a way to test this.

The IT Transformation Process

Given that IT transformation is directly related to the core business, the IT transformation process must begin by identifying which aspects of the company must be changed. Then, the company must determine?IT services that could potentially be integrated into the business in a way that will help the company achieve benchmarks. After the key decision-makers understand the IT network well enough to effectively implement it, the company must efficiently manage the transformation process. Then, after the IT has been integrated, the company must have a system in place to measure business transformation in a numerical way.

For example, when assessing customer satisfaction, one effective strategy would be to distribute customer satisfaction surveys that ask customers to rate their experiences on a scale of one to ten. The company can then measure the results of the customer satisfaction survey to determine whether the new IT implementations are accomplishing their intended goals.

If the expected benchmarks are not being met, the next step in the IT transformation process is to determine if there is a specific reason for that. Is there a way that the feature can be better integrated to achieve desired business objectives? Are there other features that can help the company better achieve its goals?

Upgrading a network can be an expensive process and it is important to identify early on which options are the most likely to benefit the company’s bottom line.

Ready to work with Denizon?

Contact Us Today