Spreadsheet Woes – Limited Features For Easy Adoption of a Control Framework

Like it or not, regulations are here to stay and for a company to comply with them, its IT and financial systems will have to be equipped with a suitable control framework. One common stumbling block to such an implementation is a company?s over-reliance on spreadsheets.

Why is it so difficult to adopt controls for a system that’s reliant on spreadsheets? To understand this, let’s pinpoint some of the strongest, most powerful attributes of these User Developed Applications (UDA).

By nature, spreadsheets are the epitome of simplicity: easy to develop, easily accessible and easily altered. All computers in your workplace will most likely have them and everyone in your organization may be sharing them, making their own versions, and storing them in personal folders.

Sad to say though, these strengths are also control weaknesses and constitute the very reasons why spreadsheets require effective risk management.

Easy to develop. Being easy to develop, most spreadsheet systems are created by non-IT users who have limited knowledge on best control practices. Being constantly under time pressure, these ?developers? may also relegate documentation, security, and data verification to the back burner in favour of coming up with a timely report.

Easy to access. Information in a spreadsheet can be opened by practically anyone within the organization?s network. Who accessed what? And when? If anything goes wrong, it would be difficult to identify the culprit, and the failure to pinpoint responsibility for erroneous data could lead to bigger, more costly mistakes.

Easy to alter. Lastly, if the information is easy to access, then it can also be easily altered, consequently making reports more prone to both accidental errors and fraudulent modifications.

The rise of multimillion dollar scandals due to accidental and intentional spreadsheet errors have prompted regulatory bodies to publish guidelines for mitigating spreadsheet-associated risks. These controls include:

  • Change control
  • Version control
  • Access control
  • Input
  • Security and data integrity
  • Documentation
  • Development life cycle
  • Backup and archiving
  • Logic inspection/Testing
  • Segregation of duties/roles, and procedures
  • Analytics

In theory, these controls should be able to bring down risks considerably. However, because of the inherent nature of spreadsheets, such controls are rarely implemented effectively in the real world.

Take for example Security and Data Integrity. One of the most common causes of spreadsheet error is due to ?hardwiring?. This happens when values are inadvertently entered into a formula cell, naturally changing the logic of the spreadsheet.

As a way of control, cell locking can be applied on the formula cells to prevent users without the proper authority from making any changes. However, when reporting deadlines approach drawing spreadsheets to the forefront of data processing, more people are given access rights to the locked cells. Ironically, it is during these crunch times, when errors are most likely to happen.

Because the built-in features of a spreadsheet support none of the controls mentioned above, some companies are tempted to purchase control-enabling programs for spreadsheets just to continue using them for financial reporting. But although these programs can integrate the required controls, you?d still be interacting with the same complex and outdated interface: the spreadsheets.

Thus, these band-aid solutions may not suffice because the root cause of these problems are the spreadsheets themselves.

Learn more about our server application solutions and discover a better way to implement controls.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

Advert-Book-UK

amazon.co.uk

Advert-Book-USA

amazon.com

Check our similar posts

Uncover hidden opportunities with energy data analytics

What springs to mind when you hear the words energy data analytics? To me, I feel like energy data analytics is not my thing. Energy data analytics, however, is of great importance to any organisation or business that wants to run more efficiently, reduce costs, and increase productivity. Energy efficiency is one of the best ways to accomplish these goals.

Energy efficiency is not about investment in expensive equipment and internal reorganization. Enormous energy saving opportunities is hidden in already existing energy data. Given that nowadays, energy data can be recorded from almost any device, a lot of data is captured regularly and therefore a lot of data is readily available.

Organisations can use this data to convert their buildings’ operations from being a cost centre to a revenue centre through reduction of energy-related spending which has a significant impact on the profitability of many businesses. All this is possible through analysis and interpretation of data to predict future events with greater accuracy. Energy data analytics therefore is about using very detailed data for further analysis, and is as a consequence, a crucial aspect of any data-driven energy management plan.

The application of Data and IT could drive significant cost savings in company-owned buildings and vehicle fleets. Virtual energy audits can be performed by combining energy meter data with other basic data about a building e.g. location, to analyse and identify potential energy savings opportunities. Investment in energy dashboards can further enable companies to have an ongoing look at where energy is being consumed in their buildings, and thus predict ways to reduce usage, not to mention that energy data analytics unlock savings opportunities and help companies to understand their everyday practices and operating requirements in a much more comprehensive manner.

Using energy data analytics can enable an organisation to: determine discrepancies between baseline and actual energy data; benchmark and compare previous performance with actual energy usage. Energy data analytics also help businesses and organisations determine whether or not their Building Management System (BMS) is operating efficiently and hitting the targeted energy usage goals. They can then use this data to investigate areas for improvement or energy efficient upgrades. When energy data analytics are closely monitored, companies tend to operate more efficiently and with better control over relevant BMS data.

IT Risk and Control Solutions Specialists – Why you need them more than ever

Over the years, the capabilities of IT systems have certainly grown by leaps and bounds. But so have the risks that accompany them. Countless threats to IT systems now exist that are capable of seriously disrupting business operations. That’s why companies have to conduct assessments aimed at making sure their systems are still capable of functioning effectively, efficiently, and securely all the time.

If you think you’ve been lucky enough to be spared from these threats, then maybe it’s because you haven’t conducted a risk assessment on your IT system recently. All too often, we hear of CIOs who believed their IT system was in tip-top condition, only to be later caught off-guard by a critical system breakdown that would eventually cripple their business for days or weeks.

More information assets to look after

If, before, you only had to worry about regular office applications, workstations, a LAN and a server, today’s varied and more sophisticated information assets are more challenging to maintain.

In addition to network operating systems, database management systems, content management systems, email systems, virtualization platforms, document management systems, business intelligence applications, and accounting software, a typical enterprise may also have to look after firewalls, intrusion detection systems, storage and backup systems, and data loss prevention systems, to mention a few.

These understandably require the services of experts spanning a wide range of skill sets.

Rising threats to corporate identity and privacy

Individuals are no longer just the ones being preyed upon by identity thieves. Businesses can now be subject to corporate identity theft as well. You could wake up one day finding your business already accused of carrying out illegal activities, a big chunk of your money gone, and your directors? seats already occupied by complete strangers.

To make things worse, corporate threats aren’t just coming from the outside.

Threats to corporate privacy, for instance, can come from within the organisation itself. Sensitive information like trade secrets and financial data are often leaked out (purposely or inadvertently) by employees. This is largely caused by the ever growing number of options for communications and transferring data (e.g. emails, instant messaging, blogs, social networking sites, ftp, P2P, etc.).

Greater challenges in designing, developing, and implementing policies and programs

Laws and regulations like SOX and Solvency II, which have direct impacts on IT, are on the rise. That is why corporate policies and programs now require sweeping changes. You now have to be more deliberate in integrating IT when establishing governance, internal controls, change management, incident management, and performance management.

A solid understanding on widely accepted frameworks and good practices like COBIT, COSO, and CMMI will help you considerably in such undertakings. Using these frameworks as guidelines will not only help you keep your policies and programs attuned to the times, they will also keep you in compliance with regulations.

Increasing demand for disaster recovery and business continuity capabilities

Every time you have a down time, you increase the probability of losing your customers to competitors. The longer the down time, the greater that probability becomes. Therefore, when a major disruption strikes, you should be able to recover at the soonest. If possible, you should be able to deliver products and services as usual.

This of course requires spending to increase your disaster recovery (DR) and business continuity (BC) capabilities. Are you ready for it? Migrating your IT infrastructure from traditional systems to the latest technologies that are better equipped for BC/DR requires careful planning and implementation to ensure an optimal return on investment.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Using Pull Systems to Optimise Work Flows in Call Centres

When call centres emerged towards the end of the 20th century, they deserved their name ?the sweatshops of the nineties?. A new brand of low-paid workers crammed into tiny cubicles to interact with consumers who were still trying to understand the system. Supervisors followed ?scientific management? principles aimed at maximising call-agent activity. When there was sudden surge in incoming calls, systems and customer care fell over.

The flow is nowadays in the opposite direction. Systems borrowed from manufacturing like Kanban, Pull, and Levelling are in place enabling a more customer-oriented approach. In this short article, our focus is on Pull Systems. We discuss what are they, and how they can make modern call centres even better for both sets of stakeholders.

Pull Systems from a Manufacturing Perspective

Manufacturing has traditionally been push-based. Sums are done, demand predicted, raw materials ordered and the machines turned on. Manufacturers send out representatives to obtain orders and push out stock. If the sums turn out wrong inventories rise, and stock holding costs increase. The consumer is on the receiving end again and the accountant is irritable all day long.

Just-in-time thinking has evolved a pull-based approach to manufacturing. This limits inventories to anticipated demand in the time it takes to manufacture more, plus a cushion as a trigger. When the cushion is gone, demand-pull spurs the factory into action. This approach brings us closer to only making what we can sell. The consumer benefits from a lower price and the accountant smiles again.

Are Pull Systems Possible in Dual Call Centres

There are many comments in the public domain regarding the practicality of using lean pull systems to regulate call centre workflow. Critics point to the practical impossibility of limiting the number of incoming callers. They believe a call centre must answer all inbound calls within a target period, or lose its clients to the competition.

In this world-view customers are often the losers. At peak times, operators can seem keen to shrug them off with canned answers. When things are quiet, they languidly explain things to keep their occupancy levels high. But this is not the end of the discussion, because modern call centres do more than just take inbound calls.

Using the Pull System Approach in Dual Call Centres

Most call centre support-desks originally focused are handling technical queries on behalf of a number of clients. When these clients? customers called in, their staff used operator?s guides to help them answer specific queries. Financial models?determined staffing levels and the number of ?man-hours? available daily. Using a manufacturing analogy, they used a push-approach to decide the amount of effort they were going to put out, and that is where they planted their standard.

Since these early 1990 days, advanced telephony on the internet has empowered call centres to provide additional remote services in any country with these networks. They have added sales and marketing to their business models, and increased their revenue through commissions. They have control over activity levels in this part of their business. They have the power to decide how many calls they are going to make, and within reason when they are going to make them.

This dichotomy of being passive regarding incoming traffic on the one hand, and having active control over outgoing calls on the other, opens up the possibility of a partly pull-based lean approach to call centre operation. In this model, a switching mechanism moves dual trained operators between call centre duties and marketing activities, as required by the volume of call centre traffic, thus making a pull system viable in dual call centres.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today