Spreadsheet Woes – Limited Features For Easy Adoption of a Control Framework

Like it or not, regulations are here to stay and for a company to comply with them, its IT and financial systems will have to be equipped with a suitable control framework. One common stumbling block to such an implementation is a company?s over-reliance on spreadsheets.

Why is it so difficult to adopt controls for a system that’s reliant on spreadsheets? To understand this, let’s pinpoint some of the strongest, most powerful attributes of these User Developed Applications (UDA).

By nature, spreadsheets are the epitome of simplicity: easy to develop, easily accessible and easily altered. All computers in your workplace will most likely have them and everyone in your organization may be sharing them, making their own versions, and storing them in personal folders.

Sad to say though, these strengths are also control weaknesses and constitute the very reasons why spreadsheets require effective risk management.

Easy to develop. Being easy to develop, most spreadsheet systems are created by non-IT users who have limited knowledge on best control practices. Being constantly under time pressure, these ?developers? may also relegate documentation, security, and data verification to the back burner in favour of coming up with a timely report.

Easy to access. Information in a spreadsheet can be opened by practically anyone within the organization?s network. Who accessed what? And when? If anything goes wrong, it would be difficult to identify the culprit, and the failure to pinpoint responsibility for erroneous data could lead to bigger, more costly mistakes.

Easy to alter. Lastly, if the information is easy to access, then it can also be easily altered, consequently making reports more prone to both accidental errors and fraudulent modifications.

The rise of multimillion dollar scandals due to accidental and intentional spreadsheet errors have prompted regulatory bodies to publish guidelines for mitigating spreadsheet-associated risks. These controls include:

  • Change control
  • Version control
  • Access control
  • Input
  • Security and data integrity
  • Documentation
  • Development life cycle
  • Backup and archiving
  • Logic inspection/Testing
  • Segregation of duties/roles, and procedures
  • Analytics

In theory, these controls should be able to bring down risks considerably. However, because of the inherent nature of spreadsheets, such controls are rarely implemented effectively in the real world.

Take for example Security and Data Integrity. One of the most common causes of spreadsheet error is due to ?hardwiring?. This happens when values are inadvertently entered into a formula cell, naturally changing the logic of the spreadsheet.

As a way of control, cell locking can be applied on the formula cells to prevent users without the proper authority from making any changes. However, when reporting deadlines approach drawing spreadsheets to the forefront of data processing, more people are given access rights to the locked cells. Ironically, it is during these crunch times, when errors are most likely to happen.

Because the built-in features of a spreadsheet support none of the controls mentioned above, some companies are tempted to purchase control-enabling programs for spreadsheets just to continue using them for financial reporting. But although these programs can integrate the required controls, you?d still be interacting with the same complex and outdated interface: the spreadsheets.

Thus, these band-aid solutions may not suffice because the root cause of these problems are the spreadsheets themselves.

Learn more about our server application solutions and discover a better way to implement controls.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

Advert-Book-UK

amazon.co.uk

Advert-Book-USA

amazon.com

Check our similar posts

Cloud Computing Trends: Where is the Cloud Headed Next?

Cloud adoption has been quick and painless at the consumer level. For instance, everyone’s on Gmail, YouTube, Facebook and Twitter on a daily basis yet most think nothing of the fact that they’re already using cloud-based services. Small businesses have also discovered how cloud solutions have raised efficiency in the workplace up a notch or two, while also bringing about significant cost savings. Cloud applications, particularly those for communication, file sharing, office software, backup and storage, and customer management, have rapidly grown in usage among SMBs.

In the same manner, large corporations are starting to see the potential of moving some of their IT department, whether its infrastructure or network management, to the cloud. By all indications it would seem that whether we are ready for it or not, cloud computing technology is here for the long haul.

So where is the cloud headed to next? In this post we examine the trends in the world of cloud computing and what likely lies in store in the near future for cloud users.

Focus on Security

Security has always been a key concern in the cloud computing industry and this will not go away anytime soon. If anything, data security in the cloud will only get to be in the limelight even more as cloud adopters grow in number. That’s why we expect professional cloud services providers to start implementing measures that will help slowly build up confidence in cloud security.

We should soon see more advanced security techniques and protocols that would increase the overall level of privacy and protection for cloud-stored information. Tighter security for login encryptions and prevention of unauthorized access are priority although there are a lot more issues that may need to be addressed. Now it remains to be seen whether these moves are enough for corporate clients to put their full trust in the cloud. But then again, they can always find ways to stay secure while making use of cloud computing where they can, which brings us to the next cloud trend.

Hybrid Approach

Large businesses are taking a longer time to get used to and actually use cloud services, and understandably so. After all, these companies have more at stake when it comes to dealing with such valid issues as security, compliance, outages, legacy systems, and more. However, they also cannot ignore the very appealing characteristics of the cloud. For big companies that have substantial IT needs, scalability, business agility, and faster deployment are listed as the biggest draws of the cloud.

This is why analysts predict that as as these businesses look toward leveraging the benefits of the cloud while at the same time maintaining control over mission critical data and systems, the use of a hybrid approach, i.e. putting some services in a public and at the same time opting to utilize a private cloud for other applications, will see enormous growth.

Mobile Cloud Computing

The BYOD or Bring Your Own Device business policy is another emerging trend that would not have been possible if not for cloud technology. This practice involves having employees bring their mobile devices to work, allowing them to access company files, data, and applications from their personally-owned gadgets in and out of the workplace.

As with any new business practice, the concept of BYOD can be both advantageous and disadvantageous. On the one hand, some believe it helps increase employee productivity and lifts their morale, while reducing overall IT costs. On the other hand, BYOD also opens up a whole new set of problems that are quite consistent with what many businesses take issue with with cloud technology: security. Do the pros outweigh the cons or vice versa? This much isn’t clear yet but what is evident is that more cloud apps are going mobile.

Efficiency, Innovation

While cost savings has always been one benefit that cloud proponents are quick to point out, its capability to improve and streamline business processes, thereby increasing efficiency and agility within the organization, is another key opportunity that the cloud offers. This is evident when you take a look at the most commonly used cloud services: backup and archiving, business continuity, collaboration tools, and big data processing.

Moreover, the cloud is making it easier for individuals to create new products and produce new lines of business. With access to higher IT capacity at lesser cost and at faster deployment rates, businesses can scale into more innovation without having to worry about the availability of computing resources.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
8 Best Practices To Reduce Technical Debt

When past actions in software development return to haunt you…

Is your business being bogged down by technical debt? Let’s look at measures that you can take to reduce it and scale your operations without the weight pulling you back. 

 

Work with a flexible architecture.

Right from the word go, you want to use architecture whose design is malleable, especially with the rapid rate of software evolution witnessed today. Going with an architecture that keeps calling for too much refactoring, or whose design won’t accommodate future changes will leave you with costly technical debt. Use scalable architecture that allows you to modify or add new features in future releases. While on this, complex features required in the final product should be discussed at the planning stage, that way simplified solutions that will be easier to implement can be identified, as this will lead to less technical debt in the long run. 

 

The Deal with Refactoring 

This is basically cleaning up the code structure without changing its behaviour. With the updates, patches, and new functionalities that are added to the systems and applications, each change comes with the threat of more technical debt. Additionally, organisations are increasingly moving their IT infrastructure from on-premises facilities to colocation data centres and deploying them on the cloud. In such scenarios, some workarounds are often needed to enable the systems to function in the new environments, which they hadn’t been initially developed to accommodate. Here, you will need to take some time to refactor the existing system regularly, streamlining the code and optimizing its performance – and this will be key to pay down the tech debt. When working with a flexible architecture from the start, the amount of work that goes into this will be reduced, meaning there’ll be less tech debt involved. 

 

Run discovery tests

Discovery testing essentially takes place even before a line of code is written for the system or application. This takes place at the product definition stage, where human insight software is used to understand the needs of the customer and is particularly helpful in setting priorities for the development work that will be carried out. It gives your business the opportunity to minimize the technical debt by allowing customers to give you a roadmap of the most pertinent features desired from the product. 

 

Routine code review

Getting a fresh look at the product or application from different sets of eyes in the development team will improve the quality of the code, thus reducing technical debt. There’s a catch though – this should be planned in a convenient way that doesn’t end up becoming a burden for the developers. Here are suggestions:

Break down pull requests

Instead of having complex pull requests where numerous changes in the code are introduced at a go, have this broken down into smaller manageable pull requests, each with a brief title and description about it. This will be easier for the code reviewer to analyse. 

● Define preferred coding practices

Documenting the preferred coding style will result in cleaner code, meaning the developers will focus their effort on reviewing the code itself, not losing time on code format debates.

 

Test automation

Relying only on scheduled manual testing opens you up to the risk of technical debt accruing rapidly, and not having sufficient resources to deal with the accumulated problems when they are identified. Automated testing on the other hand enables issues to be uncovered quicker, and with more precision. For instance, you can have automated unit tests that look at the functioning of the individual components of a system, or regression testing where the focus is on whether the code changes that have been implemented have affected related components of the system. However, establishing and maintaining automated testing will require quite some effort – making it more feasible for the long-term projects.

 

Keep a repository that tracks changes made

Do you have a record of changes made in the software? Keeping one in a repository that is accessible by the development team will make it easy to pin-point problems at their source. For instance, when software is being migrated to a new environment, or legacy software is in the process of being modernised, you will want to have an accurate record of changes that are being introduced, that way if there is an undesired impact on the system this it will be easier to zero-down on the cause.

 

Bring non-technical stakeholders on board

Does this conversation sound familiar?

Development Team: “We need to refactor the messy code quickly”

Product Team: “We have no idea what you are saying”

On one hand, you have the management or product team defining the product requirements, creating a project roadmap, and setting its milestones. On the other hand, there’s the software development/engineering that’s primarily focused on the product functionality, technical operations and clearing the backlog in code fixes. Poor communication between the two teams is actually a leading cause of technical debt.

For you to take concrete steps in managing your technical debt, the decision-makers in the organisation should understand its significance, and the necessity of reducing it. Explain to them how the debt occurred and why steps need to be taken to pay it down – but you can’t just bombard them with tech phrases and expect them to follow your thought process. 

So how do you go about it? Reframe the issues involved with the technical debt and explain the business value or impact of the code changes. Basically, the development team should approach it from a business point of view, and educate the management or production team about the cost of the technical debt. This can include aspects such as expenses in changing the code, salaries for the software engineers especially when the development team will need to be increased due to the workload piling up, as well as the revenue that is lost when the technical debt is allowed to spiral. 

The goal here is to show the management or production team how issues like failing to properly define the product requirements will slow down future software development, or how rushing the code will affect the next releases. That way, there will be better collaboration between the teams involved in the project. 

 

Allocate time and resources specifically for reducing technical debt

With management understanding that working with low-quality code is just like incurring financial debt and it will slow down product development, insist on setting time to deal with the debt. 

For instance, when it comes to the timing of application releases, meetings can be conducted to review short- and longer-term priorities. These meetings – where the development team and product team or management are brought together, the developers point out the software issues that should be resolved as a priority as they may create more technical debt. Management then ensures that budgets and plans are put in place to explicitly deal with those ongoing maintenance costs.

 

Retire old platforms

While most of the resources are going into developing new applications and improving the systems being used, the organisation should also focus on retiring the old applications, libraries, platforms, and the code modules. It’s recommended that you factor this into the application release plans, complete with the dates, processes and costs for the systems involved. 

 

Total overhaul

When the cost and effort of dealing with the technical debt far outweighs the benefits, then you may have to replace the entire system. At this tipping point, you’re not getting value from the technical debt, and it has become a painful issue that’s causing your organisation lots of difficulties. For instance, you may be dealing with legacy software where fixing it to support future developments has simply become too complicated. The patches available may only resolve specific issues with the system, and still leave you with lots of technical debt. Here, the best way out is to replace the system in its entirety. 

 

Final thoughts

Every software company has some level of tech debt. Just like financial debt, it is useful when properly managed, and a problem when ignored or allowed to spiral out of control. It’s a tradeoff between design/development actions and business goals. By taking measures to pay down your organization’s debt and address its interest as it accrues, you will avoid situations where short term solutions undermine your long-term goals. This is also key to enable your business to transition to using complex IT solutions easier, and even make the migration between data centres much smoother. These 8 measures will enable you to manage your technical debt better to prevent it from being the bottleneck that stifles your growth.

FUJIFILM Cracks the Energy Code

FUJIFILM was in trouble at its Dayton, Tennessee plant in 2008 where it produced a variety of speciality chemicals for industrial use. Compressed-air breakdowns were having knock-on effects. The company decided it was time to measure what was happening and solve the problem. It hoped to improve reliability, cut down maintenance, and eliminate relying on nitrogen for back-up (unless the materials were flammable).

The company tentatively identified three root causes. These were (a) insufficient system knowledge within maintenance, (b) weak spare part supply chain, and (c) generic imbalances including overstated demand and underutilised supply. The maintenance manager asked the U.S. Department of Energy to assist with a comprehensive audit of the compressed air system.

The team began on the demand side by attaching flow meters to each of several compressors for five days. They noticed that – while the equipment was set to deliver 120 psi actual delivery was 75% of this or less. They found that demand was cyclical depending on the production phase. Most importantly, they determined that only one compressor would be necessary once they eliminated the leaks in the system and upgraded short-term storage capacity.

The project team formulated a three-stage plan. Their first step would be to increase storage capacity to accommodate peak demand; the second would be to fix the leaks, and the third to source a larger compressor and associated gear from a sister plant the parent company was phasing out. Viewed overall, this provided four specific goals.

  • Improve reliability with greater redundancy
  • Bring down system maintenance costs
  • Cut down plant energy consumption
  • Eliminate nitrogen as a fall-back resource

They reconfigured the equipment in terms of lowest practical maintenance cost, and moved the redundant compressors to stations where they could easily couple as back-ups. Then they implemented an online leak detection and repair program. Finally, they set the replacement compressor to 98 psi, after they determined this delivered the optimum balance between productivity and operating cost.

Since 2008, FUJIFILM has saved 1.2 million kilowatt hours of energy while virtually eliminating compressor system breakdowns. The single compressor is operating at relatively low pressure with attendant benefits to other equipment. It is worth noting that the key to the door was measuring compressed air flow at various points in the system.

ecoVaro specialises in analysing data like this on any energy type.?

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today