How Internal Auditors can win The War against Spreadsheet Fraud
To prevent another round of million dollar scandals due to fraudulent manipulations on spreadsheets, regulatory bodies have launched major offensives against these well-loved User Developed Applications (UDAs). Naturally, internal auditors are front and center in carrying out these offensives.
While regulations like the Sarbanes-Oxley Act, Dodd-Frank Act, and Solvency II can only be effective if end users are able to carry out the activities and practices required of them, auditors need to ascertain that they have. Sad to say, when it comes to spreadsheets, that is easier said than done.
Because spreadsheets are loosely distributed by nature, internal auditors always find it hard to: locate them, identify ownership, and trace their relationships with other spreadsheets. Now, we’re still talking about naturally occurring spreadsheets. How much more with files that have been deliberately tampered?
Spreadsheets can be altered in a variety of ways, especially if the purpose is to conceal fraudulent activities. Fraudsters can, for instance:
hide columns or rows,
perform conditional formatting, which changes the appearance of cells depending on certain values
replace cell entries with false values either through direct input or by linking to other spreadsheet sources
apply small, incremental changes in multiple cells or even spreadsheets to avoid detection
design macros and user defined functions to carry out fraudulent manipulations automatically
Recognising the seemingly insurmountable task ahead, the Institute of Internal Auditors released a guide designed specifically for the task of auditing user-developed applications, which of course includes spreadsheets.
But is this really the weapon internal auditors should be wielding in their quest to bring down spreadsheet fraud? Our answer is no. In fact, we believe no such weapon has to be wielded at all?because the only way to get rid of spreadsheet fraud is to eliminate spreadsheets once and for all.
Imagine how easy it would be for internal auditors to conduct their audits if data were kept in a centralised server instead of being scattered throughout the organisation in end-user hard drives.
And that’s not all. Because a server-based solution can be configured to have its own built-in controls, all your data will be under lock and key; unlike spreadsheet-based systems wherein storing a spreadsheet file inside a password-protected workstation does not guarantee equal security for all the other spreadsheets scattered throughout your company.
Learn more about Denizon’s server application solutions and discover a more efficient way for your internal auditors to carry out their jobs.
For many people within the UK, water is not really something to worry about. Surely enough of it falls out the sky throughout the year that it does feel highly unlikely that we?ll ever run out of it. There certainly does seem to be an abundance of Branded Water available in plastic bottles on our supermarket shelves.
Water, water, every where, And all the boards did shrink; Water, water, every where, Nor any drop to drink.
Despite this, Once-unthinkable water crises are becoming commonplace. If you consider that In England and Wales, we use 16 billion litres of clean drinking water every day ? that’s equivalent to 6,400 Olympic sized swimming pools.
Currently, water companies can provide slightly more than we need ? 2 billion litres are available above and beyond what we’re using. In some areas, though, such as south east England, there is no surplus and, as such, these regions are more likely to face supply restrictions in a dry year.
If we take little moment to reflect on some of the most notable water related stories over the past few years, we’ll start to get a picture of just how real the potential and the threat of water shortages can be.
Reservoirs in Chennai, India?s sixth-largest city, are nearly dry right now. Last year, residents of Cape Town, South Africa narrowly avoided their own Day Zero water shut-off.
It was only year before that, Rome rationed water to conserve scarce resources.
Climate change is likely to mean higher temperatures which may drive up the demand for water (alongside population growth) and increase evaporation from reservoirs and water courses during spring and summer.
The impact of climate change on total rainfall is uncertain, but the rain that does fall is likely to arrive in heavier bursts in winter and summer. Heavier rain tends to flow off land more quickly into rivers and out to sea, rather than recharging groundwater aquifers.
A greater chance of prolonged dry periods is also conceivable. This combined with the harsh reality that no human population can sustain itself without sufficient access to fresh water.
If present conditions continue, 2 out of 3 people on Earth will live within a water-stressed zone by 2025
What is water stress?
Water stress is a term used to describe situation when demand for water is greater than the amount of water available at a certain period in time, and also when water is of poor quality and this restricts its usage. Water stress means deterioration in both the quantity of available water and the quality of available water due to factors affecting available water.
Water stress refers to the ability, or lack thereof, to meet human and ecological demand for water. Compared to scarcity, water stress is a more inclusive and broader concept.
Water Stress considers several physical aspects related to water resources, including water scarcity, but also water quality, environmental flows, and the accessibility of water.
Supply and Demand
Major factors involved when water scarcity strikes is when a growing populations demand for water exceeds the areas ability to service that need.
Increased food production and development programs also lead to increased demand for water, which ultimately leads to water stress.
Increased need for agricultural irrigation in order to produce more crops or sustain livestock are major contributors to localised water stress.
Overconsumption
The demand for water in a given population is fairly unpredictable. Primarily, based on the fact that you can never accurately predict human behaviour and changes in climate.
If too many people are consuming more water than they need because they mistakenly believe that water is freely available and plentiful, then water stress could eventually occur.
This is also linked to perceived economic prosperity of a give region. Manufacturing demand for water can have huge impact regardless whether water is actively used within the manufacturing process or not.
Water Quality
Water quality in any given area is never static. Water stress could happen as a result of rising pollution levels having a direct impact on water quality.
Water contamination happens when new industries either knowingly or unknowingly contaminate water with their industrial practices.
Largely, this can happen and frequently does so because these industries do not take effective control of monitoring and managing their impact on communal water supplies. Incorrectly assuming this is the responsibility of an additional third party like the regional water company.
The truth is, water quality and careful monitoring of it is all of our responsibility.
Water Scarcity
Simple increases in demand for water can in itself contribute to water scarcity. However, these are often preceded by other factors like poverty or just the natural scarcity of water in the area.
In many instances, the initial locations of towns or cities were not influenced by the close proximity of natural resources like water, but rather in pursuit of the extraction of other resources like Gold, Coal or Diamonds.
For Instance, Johannesburg, South Africa is the largest City in South Africa and is one of the 50 largest urban areas in the world. It is also located in the mineral rich Witwatersrand range of hills and is the centre of large-scale gold and diamond trade.
Johannesburg is also one of the only major cities of the world that was not built on a river or harbour. However, it does have streams that contribute to two of Southern Africas mightiest rivers – Limpopo and the Orange rivers. However, most of the springs from which many of these streams emanate are now covered in concrete!
Water Stress and Agriculture
Peter Buss, co-founder of Sentek Technology calls ground moisture a water bank and manufactures ground sensors to interrogate it. His hometown of Adelaide is in one of the driest states in Australia. This makes monitoring soil water even more critical, if agriculture is to continue. Sentek has been helping farmers deliver optimum amounts of water since 1992.
The analogy of a water bank is interesting. Agriculturists must ?bank? water for less-than-rainy days instead of squeezing the last drop. They need a stream of real-time data and utilize cloud-based storage and processing power to curate it.
Sentek?s technology can be found in remote places like Peru?s Atacamba desert and the mountains of Mongolia, where it supports sustainable floriculture, forestry, horticulture, pastures, row crops and viticulture through precise delivery of scarce water.
This relies on precision measurement using a variety of drill and drop probes with sensors fixed at 4? / 10cm increments along multiples of 12? / 30cm up to 4 times. These probe soil moisture, soil temperature and soil salinity, and are readily repositioned to other locations as crops rotate.
Peter Buss is convinced that measurement is a means to an end and only the beginning. ?Too often, growers start watering when plants don’t really need it, wasting water, energy, and labour. By accurately monitoring water can be saved until when the plant really needs it.
Peter also emphasises that crop is the ultimate sensor, and that ?we should ask the plant what it needs?.
This takes the debate a stage further. Water wise farmers should plant water-wise crops, not try to close the stable door after the horse has bolted and dry years return.
The South Australia government thinks the answer also lies in correct farm dam management. It wants farmers to build ones that allow sufficient water to bypass in order to sustain the natural environment too.
There is more to water management than squeezing the last drop. Soil moisture goes beyond measuring for profit. It is about farming sustainably using data from sensors to guide us.
Ecovaro is ahead of the curve as we explore imaginative ways to exploit the data these provide for the common good of all.
A Quarter of the World?s Population, Face High Water Stress
Data from WRI?s Aqueduct tools reveal that 17 countries? home to one-quarter of the world?s population?face ?extremely high? levels of baseline water stress, where irrigated agriculture, industries and municipalities withdraw more than 80% of their available supply on average every year.
Water stress poses serious threats to human lives, livelihoods and business stability. It’s poised to worsen unless countries act: Population growth, socioeconomic development and urbanization are increasing water demands, while climate change can make precipitation and demand more variable.
How to manage water stress
Water stress is just one dimension of water security. However, like any challenge, its outlook depends on adequate monitoring and management of environmental data.
Even countries with relatively high water stress have effectively secured their water supplies through proper management by leveraging the knowledge they have garnered by learning from the data they gathered.
3 ways to help reduce water stress
In any geography, water stress can be reduced by measures ranging from common sense to innovative technology solutions.
There are countless solutions, but here are three of the most straightforward:
1. Increase agricultural efficiency: The world needs to make every drop of water go further in its food systems. Farmers can use seeds that require less water and improve their irrigation techniques by using precision watering rather than flooding their fields.
Businesses need to increase investments to improve water productivity, while engineers develop technologies that improve efficiency in agriculture.
2. Invest in grey and green infrastructure: D Data produced by Aqueduct Alliance – shows that water stress can vary tremendously over the year. WRI and the World Bank?s researchshows that built infrastructure (like pipes and treatment plants) and green infrastructure (like wetlands and healthy watersheds) can work in tandem to tackle issues of both water supply and water quality.
3. Treat, reuse and recycle: We need to stop thinking of wastewater as waste.
Treating and reusing it creates a ?new? water source.
There are also useful resources in wastewater that can be harvested to help lower water treatment costs. For example, plants in Xiangyang, China and Washington, D.C. reuse or sell the energy- and nutrient-rich byproducts captured during wastewater treatment.
Summary
The data is undeniably clear, there are very worrying trends in water.
Businesses and other other organisations need to start taking action now and investing in better monitoring and management, we can solve water issues for the good of people, economies and the planet. We collectively cannot kick this can down the road any further, or assume that this problem will be solved by others.
It is time, for a collective sense of responsibility and for everyone to invest in future prosperity of our Planet as a collective whole. Ecological preservation should be at the forefront of all business plans because at the end of the day profit is meaningless without an environment to enjoy it in!
Like it or not, regulations are here to stay and for a company to comply with them, its IT and financial systems will have to be equipped with a suitable control framework. One common stumbling block to such an implementation is a company?s over-reliance on spreadsheets. (more…)
A cloud broker is someone who can serve as your trusted adviser when it comes to your dealings with a cloud service provider. Sort of an IT consultant who: is familiar with cloud computing, can negotiate a mutually beneficial relationship between you and a provider, and help you manage usage, performance and delivery of cloud services.?But do you need one?
Is it even time for cloud adoption?
Of course, if you haven’t even started considering moving your IT systems to the cloud, what’s the point of reading this article, right? Well, if you’re running a business in Ireland or the UK maybe you should start thinking about it. The benefits (of moving to the cloud) are simply overwhelming. But then that’s for another post.
For now, let’s just briefly talk about the rate of cloud adoption so far. This should give you an idea what other decision makers nearby think about cloud computing and what they’ve done in this regard so far.
According to research conducted by the Cloud Industry Forum (CIF), the number of first-time users of cloud computing in the United Kingdom has risen by about 27% compared to last year.
The study, which was carried out by research company Vanson Bourne and which involved IT decision-makers from both the private and public sector in UK, also showed that 61% of companies are subscribing to cloud-based services. A similar research conducted last year (2011) revealed only 48%.
In Ireland, plans are underway to adopt cloud computing. According to Pricewaterhouse Coopers, 75% of Ireland’s CIOs and IT directors are already adopting a cloud computing strategy.
Definitely, the number of cloud adopters is growing. If that number already includes your hottest competitor, then perhaps there’s no time to waste.
But while a migration to the cloud should be in your pipeline, it shouldn’t be something you should rush into. Generally speaking, there are at least three kinds of services offered by cloud service providers: IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service).
Some providers offer variations of these services. You might only need one type of service or a little of everything. There are also technical and regulatory compliance issues that need consideration.
Obviously, if you have no idea where or how to start, you’ll need someone who can help you. But what kind of help do you need?
Let’s proceed by talking about the kinds of services cloud brokers offer as these are obviously indicative of the needs of current cloud customers.
What cloud brokers do?
Cloud brokers offer three main types of services.
Cloud?inter-mediation
Cloud inter-mediation services are designed to add value to existing services and improve capabilities. ?Examples of cloud inter-mediation include managing access to cloud-based services, carrying out performance reporting, and establishing stronger security.
Cloud aggregation
As mentioned earlier, some cloud customers may end up subscribing to multiple cloud services; most likely from different cloud service providers. To get optimal return on their various cloud subscriptions, these customers will need to apply data integration and make these disparate systems work together. They will also have to make sure data flowing from one system to another is kept secure. This is where cloud aggregation comes into play.
Cloud arbitrage
This entails finding the best cloud service provider(s) to solve a particular problem. One example is comparing different providers offering data storage services and identifying the one offering the most competitive rates.
Other cloud arbitrage brokers develop new solutions by combining the services of different cloud service providers and then offer them to cloud customers. While there are similarities between cloud arbitrage and cloud aggregation, the former is more flexible and allows the customer to transfer from one provider to another where conditions are more favourable.
Problems a cloud broker can help you solve
Just like with natural clouds, your experiences in cloud computing won’t be all white and fluffy. You’ll also encounter gray and uncertain (or even stormy) clouds.
One major issue in cloud computing is cloud security. In fact, cloud security (or the apparent lack of it) is the one thing that’s really clouding up the sky of cloud computing. But that doesn’t mean the cloud is totally insecure. Besides, there are certain types of information that really don’t require a high level of security. These types you can easily migrate to the cloud.
For sensitive information, you really need to conduct due diligence to make sure your cloud service providers’ data centres are secure enough.
Where exactly will your data be stored? Are there enough provisions for regulatory compliance? How will your data be segregated? Does the infrastructure readily support ?data forensics? Is there a sound disaster recovery/business continuity plan? These are just some of the questions that need clear answers before you sign a contract with a cloud service provider.
Also, before you sign, you need to study the SLA (Service Level Agreement) very carefully. Look at the guaranteed uptime. Is it enough to meet your own desired service levels?
Bear in mind that the answers to these questions may be too technical. This is one of those instances when a cloud broker can come in handy. As your trusted adviser, your cloud broker can break down the technical jargon and present everything in a language that you can make intelligent decisions from.
A cloud broker will also be able to study the cloud provider’s security architecture and policies and determine whether they’re sufficient to meet your own security requirements. Basically, a cloud broker will not only help you obtain answers to your questions.
He will also know exactly what vital information to extract from providers in order to ensure that you find the best deal possible.
