Spreadsheet Woes – Limited Features For Easy Adoption of a Control Framework

Like it or not, regulations are here to stay and for a company to comply with them, its IT and financial systems will have to be equipped with a suitable control framework. One common stumbling block to such an implementation is a company?s over-reliance on spreadsheets.

Why is it so difficult to adopt controls for a system that’s reliant on spreadsheets? To understand this, let’s pinpoint some of the strongest, most powerful attributes of these User Developed Applications (UDA).

By nature, spreadsheets are the epitome of simplicity: easy to develop, easily accessible and easily altered. All computers in your workplace will most likely have them and everyone in your organization may be sharing them, making their own versions, and storing them in personal folders.

Sad to say though, these strengths are also control weaknesses and constitute the very reasons why spreadsheets require effective risk management.

Easy to develop. Being easy to develop, most spreadsheet systems are created by non-IT users who have limited knowledge on best control practices. Being constantly under time pressure, these ?developers? may also relegate documentation, security, and data verification to the back burner in favour of coming up with a timely report.

Easy to access. Information in a spreadsheet can be opened by practically anyone within the organization?s network. Who accessed what? And when? If anything goes wrong, it would be difficult to identify the culprit, and the failure to pinpoint responsibility for erroneous data could lead to bigger, more costly mistakes.

Easy to alter. Lastly, if the information is easy to access, then it can also be easily altered, consequently making reports more prone to both accidental errors and fraudulent modifications.

The rise of multimillion dollar scandals due to accidental and intentional spreadsheet errors have prompted regulatory bodies to publish guidelines for mitigating spreadsheet-associated risks. These controls include:

  • Change control
  • Version control
  • Access control
  • Input
  • Security and data integrity
  • Documentation
  • Development life cycle
  • Backup and archiving
  • Logic inspection/Testing
  • Segregation of duties/roles, and procedures
  • Analytics

In theory, these controls should be able to bring down risks considerably. However, because of the inherent nature of spreadsheets, such controls are rarely implemented effectively in the real world.

Take for example Security and Data Integrity. One of the most common causes of spreadsheet error is due to ?hardwiring?. This happens when values are inadvertently entered into a formula cell, naturally changing the logic of the spreadsheet.

As a way of control, cell locking can be applied on the formula cells to prevent users without the proper authority from making any changes. However, when reporting deadlines approach drawing spreadsheets to the forefront of data processing, more people are given access rights to the locked cells. Ironically, it is during these crunch times, when errors are most likely to happen.

Because the built-in features of a spreadsheet support none of the controls mentioned above, some companies are tempted to purchase control-enabling programs for spreadsheets just to continue using them for financial reporting. But although these programs can integrate the required controls, you?d still be interacting with the same complex and outdated interface: the spreadsheets.

Thus, these band-aid solutions may not suffice because the root cause of these problems are the spreadsheets themselves.

Learn more about our server application solutions and discover a better way to implement controls.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

Advert-Book-UK

amazon.co.uk

Advert-Book-USA

amazon.com

Check our similar posts

Saving Energy Step 4 – Breathing Life into the Project

Today we consider the fourth step on the road to energy saving, when we introduce key contributors who will pull it all together. We have been on quite a journey. We started by developing a management system and then followed up with practical improvements, while challenging the assumptions behind the energy bills we may have paid unchallenged in the past.

After we knock off the big-ticket savings, managing energy becomes a process of improvement characterised by smaller increments. Kaizen is the classic model and it includes everybody in the organization from the janitor to the CEO. I inverted the pyramid deliberately, because ideas deserve considering no matter where the originator parks in the company yard.

People ? our people ?are truly central to the process. Energy adds extra leverage to their efforts, keeps them warm in winter, cool in summer and powers up the ovens in the company canteen. They are brimming over with ideas because that is the nature of being human. The best managers are those who release this potential and participate in its flowering,

It is important not to threaten job security. So many savings-driven initiatives have ended in job losses that people on the shop floor automatically suspect another round. Shrinking carbon footprints is about making the world a better place for everyone. We become more effective when we turn ?increasing profit? into making the enterprise sustainable in itself.

Engaging employees is more than office circulars and speeches at the Christmas Party. Organizations are organic places where trust grows slowly but conflict can flare in a moment. Before involving your people in your energy ?kaizan? make sure your words and intentions overlap perfectly. You will be amazed at the power you unlock in your people.

The best way I know of doing this is through your health and safety structure, which then becomes your environment, health and safety structure EHS. As you explore this idea at safety committees you find these things overlap, in the sense of creating people-centric environments at work and home.

That said, there is no magic formula for achieving employee engagement. The fact that people universally want a cleaner planet is the power to tap into. One way to form a team is to create one artificially and give it a task. The other is to work together towards a shared objective. Which one do you prefer?

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How Accenture Keeps Rolling Out Sustainability

Multinational management-consulting and technology-services company Accenture has a good eye for sniffing out new business, with 305,000 employees advancing its interests in more than 200 cities in 56 countries evidence. Last year, it netted US$30 billion profit that is a tidy sum of money in anybody?s books.

Accenture also practices what it preaches. This is maximum business efficiency within moral standards. It tracks its carbon emissions from its offices around the world. Being a technology services company it is unsurprising that it automated the process. Being management consultants it can drill down to finest detail in its search for continuous improvement.

As a forward-thinking company Accenture is committed to transplanting its business skills into other organizations, in order to drive higher performance and sustain greater profits in the long term. It works with clients across borders and industries to integrate sustainability into their business models, and find effective ways to lighten carbon footprints.

The City of Seattle in Washington is a case in point. Following a proud history of nature and energy conservation, it engaged Accenture in 2013 to help it reduce downtown power consumption by 25%. Other project members were Microsoft supplying software, the local power utility for technical advice, and a non-profit to set up a smart building program. The initiative uses cloud services to process the big data generated by a host of building management services, plus a multitude of sensors, controls and meters.

The project is vital for the City. It wants to continue expanding but needs to avoid another power plant polluting its skyline. At the time of writing, the pilot sites had proved successful and the program was rolling out. Seattle?s next challenge is to acquire 15% of its energy from renewable sources by 2020.

The smart building solutions Seattle trialled in five downtown buildings, had a further welcome spinoff; by reducing operating times, facility managers can look forward to extended equipment life and fewer maintenance downtimes. The green building philosophy is alive and well in the City of Seattle, driven both by necessity and vision.

It is a no longer as question of if – but when – other urban communities follow suit. EcoVaro believes it is time long due for individual companies to start enjoying lower energy costs plus the prospect of profitably trading carbon credits. The process begins with measuring what you have and identifying cost-effective savings.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
2015 ESOS Guidelines Chapter 7, 8 & 9 – Sign-Off, Compliance & Appeals

This is the final chapter in our series of short posts summarising the quite complex ESOS guidelines (click on ?Comply with ESOS? to see the details). This one addresses the legalities to follow to complete your report – and how to appeal if you are not happy with any of the Environment Agency?s decisions.

  1. Director Sign-Off

This is by no means an easy ride. Confirmation of the work at individual or lead assessor level locks the company into the penalty cycle in the event there are significant irregularities. By signing off the assessment, the board level director(s) # agree that they have

  • Reviewed the enterprise?s ESOS recommendations
  • Believe the enterprise is within the scope of the scheme
  • Believe the enterprise is compliant with the scheme
  • Believe the information provided is correct

Having an internal assessor requires a second board-level signature.

  1. Compliance

You report compliance on the internet. This is free and you can do it at any time within the deadline. You can dip in and out of the process as many times as you wish, but must use the link in the receipting email. While this is something a board member must do, there is no reason why the lead assessor should not complete the basics. The online compliance notification addresses the following topics:

  • The ESOS contact person in the enterprise
  • Any aggregation / dis-aggregation during the period
  • The names and contact details of the lead assessor
  • The proportion of energy consumption per compliance route

The Environment Agency will acknowledge receipt. This does not constitute acceptance. You should keep the ESOS evidence pack in a safe place with at least one backup elsewhere.

  1. Compliance & Enforcement Issues

In the event the Environment Agency decides your enterprise has not met ESOS requirements, it may either (a) issue a compliance notice with instructions, or (b) apply one of the following civil penalties:

  • A fine of up to ?5,000 for failure to maintain records
  • A fine of up to ?50,000 for failure to undertake an energy audit
  • A fine of up to ?50,000 for a false or misleading statement

Any enterprise has the right of appeal against government decisions. In the case of ESOS, this is via:

  • The First-Tier Tribunal if your enterprise is England, Wales or off-shore based
  • The Scottish Minister if your enterprise is based in Scotland
  • The Planning Commission if your enterprise is Northern Ireland-based

The notice you appeal against will supply details of the appeal steps to take.

This blog and its companion chapters concerning the ESOS Guidelines as amended 2015 are with compliments of ecoVaro. We are the people who break ESOS data into manageable chunks of information, so that board-level directors have greater confidence in what they sign.

Ready to work with Denizon?

Contact Us Today