How Internal Auditors can win The War against Spreadsheet Fraud

To prevent another round of million dollar scandals due to fraudulent manipulations on spreadsheets, regulatory bodies have launched major offensives against these well-loved User Developed Applications (UDAs). Naturally, internal auditors are front and center in carrying out these offensives.

While regulations like the Sarbanes-Oxley Act, Dodd-Frank Act, and Solvency II can only be effective if end users are able to carry out the activities and practices required of them, auditors need to ascertain that they have. Sad to say, when it comes to spreadsheets, that is easier said than done.

Because spreadsheets are loosely distributed by nature, internal auditors always find it hard to: locate them, identify ownership, and trace their relationships with other spreadsheets. Now, we’re still talking about naturally occurring spreadsheets. How much more with files that have been deliberately tampered?

Spreadsheets can be altered in a variety of ways, especially if the purpose is to conceal fraudulent activities. Fraudsters can, for instance:

  • hide columns or rows,
  • perform conditional formatting, which changes the appearance of cells depending on certain values
  • replace cell entries with false values either through direct input or by linking to other spreadsheet sources
  • apply small, incremental changes in multiple cells or even spreadsheets to avoid detection
  • design macros and user defined functions to carry out fraudulent manipulations automatically

Recognising the seemingly insurmountable task ahead, the Institute of Internal Auditors released a guide designed specifically for the task of auditing user-developed applications, which of course includes spreadsheets.

But is this really the weapon internal auditors should be wielding in their quest to bring down spreadsheet fraud? Our answer is no. In fact, we believe no such weapon has to be wielded at all?because the only way to get rid of spreadsheet fraud is to eliminate spreadsheets once and for all.

Imagine how easy it would be for internal auditors to conduct their audits if data were kept in a centralised server instead of being scattered throughout the organisation in end-user hard drives.

And that’s not all. Because a server-based solution can be configured to have its own built-in controls, all your data will be under lock and key; unlike spreadsheet-based systems wherein storing a spreadsheet file inside a password-protected workstation does not guarantee equal security for all the other spreadsheets scattered throughout your company.

Learn more about Denizon’s server application solutions and discover a more efficient way for your internal auditors to carry out their jobs.

More Spreadsheet Blogs

 

Spreadsheet Risks in Banks

 

Top 10 Disadvantages of Spreadsheets

 

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

 

How Internal Auditors can win the War against Spreadsheet Fraud

 

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

 

Still looking for a Way to Consolidate Excel Spreadsheets?

 

Disadvantages of Spreadsheets

 

Spreadsheet woes – ill equipped for an Agile Business Environment

 

Spreadsheet Fraud

 

Spreadsheet Woes – Limited features for easy adoption of a control framework

 

Spreadsheet woes – Burden in SOX Compliance and other Regulations

 

Spreadsheet Risk Issues

 

Server Application Solutions – Don’t let Spreadsheets hold your Business back

 

Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

 

Check our similar posts

The Matrix Management Structure

Organizations exploit matrix management in various ways. A company, for instance, that operates globally uses it at larger scale by giving consistent products to various countries internationally. A business entity, having many products, does not assign its people to each product full-time but assign those to different ones on a part time basis, instead. And when it comes to delivering high quality and low cost products, companies overcome industry pressures with the help of many overseeing managers. In a rapidly changing environment, organizations respond quickly by sharing information through a matrix model.

Understanding the Matrix Management Structure

A basic understanding of matrix management starts with the three key roles and responsibilities that applies in the structure.

  • Matrix Leader ? The common person above all the matrix bosses is the matrix leader. He ensures that the balance of power is maintained in the entire organization by delegating decisions and promoting collaboration among the people.
  • Matrix Managers ? The managers cooperate with each other by defining the respective activities that they are responsible for.
  • Matrix Employees – The employees have lesser direct authority but has more responsibilities. They resolve differing demands from more than one matrix managers while they work things out upwards. Their loyalty must be dual and their relationships with managers must be maintained.

Characteristics of a Matrix Structure

Here are some features that define the matrix management structure:

  • Hybrid Structure ?The matrix structure is a mix of functional and project organization. Since it is a combination of these two, matrix management is hybrid in nature.
  • Functional Manager ? When it comes to the technical phases of the project, the functional manager assumes responsibility. The manager decides on how to get the project done, delegates the tasks to the subordinates and oversees the operational parts of the organization.
  • Project Manager ? The project manager has full authority in the administrative phases, including the physical and financial resources needed to complete the project. The responsibilities of a project manager comprise deciding on what to do, scheduling the work, coordinating the activities to diverse functions and evaluating over-all project performance.
  • Specialization ?As the functional managers concentrate on the technical factors, the project managers focus on administrative ones. Thus, in matrix management, there is specialization.
  • Challenge in Unity of Command ? Companies that employs matrix management usually experience a problem when it comes to the unity of command. This is largely due to the conflicting orders from the functional and project managers.

Types of Matrix Structure

The matrix management structure can be classified according to the level of power of the project manager. Here are three distinct types of matrix structures that are widely used by organizations.

  • Weak Matrix ? The project manager has limited authority and power as the functional manager controls the budget of the project. His role is only part-time and more like a coordinator.
  • Strong Matrix ? Here, the project manager has almost all the authority and power. He controls the budget, holds the full time administrative project management and has a full time role.
  • Balanced Matrix ? In this structure type, both the project and functional managers control the budget of the project. The authority and power is shared by the two as well. Although the project manager has a full time role, he only has a part time authority for the administrative staff to report under his leadership.

Successful companies of today venture more on enhancing the abilities, skills, behavior and performances of their managers than the pursuit of finding the best physical structure. Indeed, learning the fundamentals of the matrix structure is essential to maximize its efficiency. A senior executive pointed out that one of the challenges in matrix management is not more of building a structure but in creating the matrix to the mind of the managers. This comes to say that matrix management is not just about the structure, it is a frame in the mind.

Scrumming Down to Complete Projects

Everybody knows about rugby union scrums. For our purposes, perhaps it is best to view them as mini projects where the goal is to get the ball back to the fly-half no matter what the opposition does. Some scrums are set pieces where players follow planned manoeuvres. Loose / rolling scrums develop on the fly where the team responds as best according to the situation. If that sounds to you like software project management then read on, because there are more similarities?.

Isn’t Scrum Project Management the Same as Agile?

No it’s not, because Scrum is disinterested in customer liaison or project planning, although the team members may be happy to receive the accolades following success. In the same way that rugby players let somebody else decide the rules and arrange the fixtures, a software Scrum team just wants the action.

Scrum does however align closely ? dare I say interchangeably with Agile?s sprints. Stripping it of all the other stages frees the observer up to analyse it more closely in the context of a rough and tumble project, where every morning can begin with a backlog of revised requirements to back fit.

The 3 Main Phases of a Scrum

A Scrum is a single day in the life of a project, building onto what went before and setting the stage for what will happen the following day. The desired output is a block of component software that can be tested separately and inserted later. Scrumming is also a useful technique for managing any project that can be broken into discreet phases. The construction industry is a good example.

Phase 1 – Define the Backlog. A Scrum Team?s day begins with a 15 minute planning meeting where team members agree individual to-do lists called ?backlogs?.

Phase 2 – Sprint Towards the Goal. The team separates to allow each member to complete their individual lines of code. Little or no discussion is needed as this stage.

Phase 3 – Review Meeting. At the end of each working day, the team reconvenes to walk down what has been achieved, and check the interconnected functionality.

The 3 Main Phases of a Scrum ? Conclusions and Thoughts

Scrum is a great way to liberate a competent project team from unnecessary constraints that liberate creativity. The question you need to ask yourself as manager is, are you comfortable enough to watch proceedings from the side lines without rushing onto the field to grab the ball.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
What Sub-Metering did for Nissan in Tennessee

When Nissan built its motor manufacturing plant in Smyrna 30 years ago, the 5.9 million square-foot factory employing over 8,000 people was state of art. After the 2005 hurricane season sky-rocketed energy prices, the energy team looked beyond efficient lighting at the more important aspect of utility usage in the plant itself. Let’s examine how they went about sub-metering and what it gained for them.

The Nissan energy team faced three challenges as they began their study. They had a rudimentary high-level data collection system (NEMAC) that was so primitive they had to transfer the data to spread-sheets to analyse it. To compound this, the engineering staff were focused on the priority of getting cars faster through the line. Finally, they faced the daunting task of making modifications to reticulation systems without affecting manufacturing throughput. But where to start?

The energy team chose the route of collaboration with assembly and maintenance people as they began the initial phase of tracking down existing meters and detecting gaps. They installed most additional equipment during normal service outages. Exceptions were treated as minor jobs to be done when convenient. Their next step was to connect the additional meters to their ageing NEMAC, and learn how to use it properly for the first time.

Although this was a cranky solution, it had the advantage of not calling for additional funding which would have caused delays. However operations personnel were concerned that energy-saving shutdowns between shifts and over weekends could cause false starts. ?We’ve already squeezed the lemon dry,? they seemed to say. ?What makes you think there?s more to come??

The energy team had a lucky break when they stumbled into an opportunity to prove their point early into implementation. They spotted a four-hourly power consumption spike they knew was worth examining. They traced this to an air dryer that was set to cyclical operation because it lacked a dew-point sensor. The company recovered the $1,500 this cost to fix, in an amazing 6 weeks.

Suitably encouraged and now supported by the operating and maintenance departments, the Smyrna energy team expanded their project to empower operating staff to adjust production schedules to optimise energy use, and maintenance staff to detect machines that were running without output value. The ongoing savings are significant and levels of shop floor staff motivation are higher.

Let’s leave the final word to the energy team facilitator who says, ?The only disadvantage of sub-metering is that now we can’t imagine doing without it.?

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today