How Internal Auditors can win The War against Spreadsheet Fraud

To prevent another round of million dollar scandals due to fraudulent manipulations on spreadsheets, regulatory bodies have launched major offensives against these well-loved User Developed Applications (UDAs). Naturally, internal auditors are front and center in carrying out these offensives.

While regulations like the Sarbanes-Oxley Act, Dodd-Frank Act, and Solvency II can only be effective if end users are able to carry out the activities and practices required of them, auditors need to ascertain that they have. Sad to say, when it comes to spreadsheets, that is easier said than done.

Because spreadsheets are loosely distributed by nature, internal auditors always find it hard to: locate them, identify ownership, and trace their relationships with other spreadsheets. Now, we’re still talking about naturally occurring spreadsheets. How much more with files that have been deliberately tampered?

Spreadsheets can be altered in a variety of ways, especially if the purpose is to conceal fraudulent activities. Fraudsters can, for instance:

  • hide columns or rows,
  • perform conditional formatting, which changes the appearance of cells depending on certain values
  • replace cell entries with false values either through direct input or by linking to other spreadsheet sources
  • apply small, incremental changes in multiple cells or even spreadsheets to avoid detection
  • design macros and user defined functions to carry out fraudulent manipulations automatically

Recognising the seemingly insurmountable task ahead, the Institute of Internal Auditors released a guide designed specifically for the task of auditing user-developed applications, which of course includes spreadsheets.

But is this really the weapon internal auditors should be wielding in their quest to bring down spreadsheet fraud? Our answer is no. In fact, we believe no such weapon has to be wielded at all?because the only way to get rid of spreadsheet fraud is to eliminate spreadsheets once and for all.

Imagine how easy it would be for internal auditors to conduct their audits if data were kept in a centralised server instead of being scattered throughout the organisation in end-user hard drives.

And that’s not all. Because a server-based solution can be configured to have its own built-in controls, all your data will be under lock and key; unlike spreadsheet-based systems wherein storing a spreadsheet file inside a password-protected workstation does not guarantee equal security for all the other spreadsheets scattered throughout your company.

Learn more about Denizon’s server application solutions and discover a more efficient way for your internal auditors to carry out their jobs.

More Spreadsheet Blogs

 

Spreadsheet Risks in Banks

 

Top 10 Disadvantages of Spreadsheets

 

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

 

How Internal Auditors can win the War against Spreadsheet Fraud

 

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

 

Still looking for a Way to Consolidate Excel Spreadsheets?

 

Disadvantages of Spreadsheets

 

Spreadsheet woes – ill equipped for an Agile Business Environment

 

Spreadsheet Fraud

 

Spreadsheet Woes – Limited features for easy adoption of a control framework

 

Spreadsheet woes – Burden in SOX Compliance and other Regulations

 

Spreadsheet Risk Issues

 

Server Application Solutions – Don’t let Spreadsheets hold your Business back

 

Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

 

Check our similar posts

Disadvantages of Spreadsheets

Spreadsheets are flexible, inexpensive and easy to use. They are especially handy when it comes to beating report submission deadlines or making impromptu data computations. That’s why office workers, managers and even executives have made spreadsheets their go-to solution for such undertakings and more.

Spreadsheets have become so ubiquitous, that they’ve found their way into a wide range of applications including complex modelling, accounting reconciliations, market data analysis, work flow tracking and monitoring, analytical review and financial reporting.

Unfortunately, organisations heavy reliance on spreadsheets have made these User Developed Applications (UDA) into high-risk office tools. Simple spreadsheet errors like leaving out a negative sign or a cut-and-paste mistake have already caused million-dollar discrepancies. Also, when a fraudulent employee enters into the picture, the risks become unimaginable.

Think TransAlta?s spreadsheet cut-and-paste glitch (the company later called this a ?simple clerical error?) which caused the energy firm a whopping $24 million loss or Fidelity?s overstatement of its earnings owing to the omission of the minus sign on the spreadsheet of a $1.3 billion net capital loss.

In both cases and in many other similar spreadsheet fiasco, the errors played a major role in the organisation’s decision-making, leading to disastrous results including, but not limited to financial loss, shattered investor confidence and public embarrassment.

If these are scenarios your organisation can ill afford, then it’s time to ask yourself: Do the disadvantages of spreadsheets far outweigh their benefits to merit a call for total liberation from them?

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Eck Industries Sheds Fresh Light

William Eck began his business in 1948 in a 650m2 garage building. The aluminium foundry prospered, and now has an 18,500m2 factory in Manitowoc, Wisconsin employing 250 people casting a variety of casings. Like high-tech industries around the globe it needs effective illumination. After it measured its carbon footprint, it realised it needed energy efficient lighting too.

When Eck Industries began its review it had around 360 high-pressure sodium lights throughout the plant. Their operating cost was substantial. After taking independent advice from an independent agency they realised they needed to replace these with more energy-efficient fluorescent lights that consume half as much energy.

The feasibility team conducted performance tests to determine the optimum solution. After selecting enclosed, gasketed and waterproof T8 fluorescents (available in G13 bipin, single pin and recessed double contacts) they collaborated with the supplier to calculate the best combination of 4 and 6 bulb fixtures.

The fittings they chose cost $60,000 plus $10,000 installation. However a $33,000 energy rebate wrote down 47% of this immediately. They achieved further energy savings by attaching motion sensors to lights over low-traffic walkways.

The retrofit was a huge success, with an 8 month payback via a direct operating saving of $55,000 a year. Over and above enhanced illumination Eck Industries slashed 674,000 kilowatt hours off its annual lighting bill. During the 20 year design life, this equates to a total 13.5 million kilowatt hours. Other quantifiable benefits include 443 tons less carbon, 2 tons less sulphur dioxide, and 1 ton less nitrogen oxide per year.

Many companies face similar opportunities but fail to capitalise on them for a number of reasons. These may include not being aware of what is available, lacking technical insight, being short of working capital and simply being too busy to focus on them.

Eck Industries got several things right. Firstly, they consulted an independent specialist; secondly they trusted their supplier to provide honest advice, and thirdly they accepted that any significant saving is worth chasing down. Other spin-offs were safer, more attractive working conditions and an opportunity to take their foot off the carbon pedal. This is an excellent example of what is possible when you try.

If you have measured your illumination cost and are concerned about it (but are unsure what the metric means within the bigger picture) then Ecovaro offers online reports comparing it with your industry average, and highlights the cost-benefits of alternative lighting. 

Disaster Recovery

Because information technology is now integrated in most businesses, a business continuity plan (BCP) cannot be complete without a corresponding disaster recovery plan (DRP). While a BCP encompasses everything needed – personnel, facilities, communications, processes and IT infrastructure – for a continuous delivery of products and services, a DRP is more focused on the IT aspects of the plan.

If you’re still not sure how big an impact loss of data can have, it’s time you pondered on the survival statistics of companies that incurred data losses after getting hit by a major disaster: 46% never recovered and 51% eventually folded after only two years.

Realising how damaging data loss can be to their entire business, most large enterprises allocate no less than 2% of their IT budget to disaster recovery planning. Those with more sensitive data apportion twice more than that.

A sound disaster recovery plan is hinged on the principles of business continuity. As such, our DRP (Disaster Recovery Plan) blueprints are aimed at getting your IT system up and running in no time. Here’s what we can do for you:

  • Since the number one turn-off against BCPs and DRPs are their price tags, we’ll make a thorough and realistic assessment of possible risks to determine what specific methods need to be applied to your organisation and make sure you don’t spend more than you should.
  • Provide an option for virtualisation to enjoy substantial savings on disaster recovery costs.
  • Provide various backup options and suggest schedules and practices most suitable for your daily transactions.
  • Offer data replication to help you achieve business continuity with the shortest allowable downtime.
  • Refer to your overall BCP to determine your organisation’s critical functions, services, and products as well as their respective priority rankings to know what corresponding IT processes need to be in place first.
  • Implement IT Security to your system to reduce the risks associated with malware and hackers.
  • Introduce best practices to make future disaster recovery efforts as seamless as possible.

We can also assist you with the following:

Ready to work with Denizon?

Contact Us Today