Spreadsheet Woes – Burden in SOX Compliance and Other Regulations

End User Computing (EUC) or end User Developed Application (UDA) systems like spreadsheets used to be ideal ad-hoc solutions for data processing and financial reporting. But those days are long gone.

Today, due to regulations like the:

  • Sarbanes-Oxley (SOX) Act,
  • Dodd-Frank Act,
  • IFRS (International Financial Reporting Standards),
  • E.U. Data Protection Directive,
  • Basel II,
  • NAIC Model Audit Rules,
  • FAS 157,
  • yes, there?s more ? and counting

a company can be bogged down when it tries to comply with such regulations while maintaining spreadsheet-reliant financial and information systems.

In an age where regulatory compliance have become part of the norm, companies need to enforce more stringent control measures like version control, access control, testing, reconciliation, and many others, in order to pass audits and to ensure that their spreadsheets are giving them only accurate and reliable information.

Now, the problem is, these control measures aren’t exactly tailor-made for a spreadsheet environment. While yes, it is possible to set up a spreadsheet and EUC control environment that utilises best practices, this is a potentially expensive, laborious, and time-consuming exercise, and even then, the system will still not be as foolproof or efficient as the regulations call for.

Testing and reconciliation alone can cost a significant amount of time and money to be effective:

  1. It requires multiple testers who need to test spreadsheets down to the cell level.
  2. Testers will have to deal with terribly disorganized and complicated spreadsheet systems that typically involve single cells being fed information by other cells in other sheets, which in turn may be found in other workbooks, or in another folder.
  3. Each month, an organisation may have new spreadsheets with new links, new macros, new formulas, new locations, and hence new objects to test.
  4. Spreadsheets rarely come with any kind of supporting documentation and version control, further hampering the verification process.
  5. Because Windows won’t allow you to open two Excel files with the same name simultaneously and because a succession of monthly-revised spreadsheets separated by mere folders but still bearing the same name is common in spreadsheet systems, it would be difficult to compare one spreadsheet with any of its older versions.

But testing and reconciliation are just two of the many activities that make regulatory compliance terribly tedious for a spreadsheet-reliant organisation. Therefore, the sheer intricacy of spreadsheet systems make examining and maintaining them next to impossible.

On the other hand, you can’t afford not to take these regulations seriously. Non-compliance with regulatory mandates can have dire consequences, not the least of which is the loss of investor confidence. And when investors start to doubt the management’s capability, customers will start to walk away too. Now that is a loss your competitors will only be too happy to gain.

Learn more about our server application solutions and discover a better way to comply with regulations.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

The Child at Work: Fun Team Builds with LEGO SERIOUS PLAY

There is a child just below the surface in all of us. When were kids, adults lopped off the sharp bits that intruded into their ?genteel? society. Schools, to their everlasting shame sanded away our unique free spirits, as they stuck us into uniforms and imposed a daily classroom discipline. We received badges and prizes if we obeyed, and strict sanctions when we did not. This produced a generation of middle-age managers who no longer know how to play.

Life can be so deadly serious ?

Things work pretty much the same in business. Life is deadly serious. If we want to keep our jobs, we must deliver on the bottom line in our departments. There is little time for fun outside the Christmas party, when we may, within the limits of decorum engage in activity for enjoyment and recreation, rather than a serious or practical purpose.

Team builds (and strategic planning sessions) can be deadly boring affairs that proceed down narrow funnels defined by human resource facilitators. No matter how hard HR they may try, the structural hierarchy will remain intact, unless they find a way to set it aside during the program. Injecting fun into the occasion liberates independent thought, and this is why.

? But not for a little child at play

Next time you dine out at a branded family restaurant, select a seat that allows you observe the kiddies? play zone. Notice how inventive children become, when the family hierarchy is not there to tell them what to do (although parents may try from the wrong side of the soundproof glass). The ?serious play? side of fun team-builds aims to liberate managers by releasing their child for the duration. Shall we dig a little deeper into this and discover the dynamics?

Many of us have less than perfect oral communication skills. This is one of the great impediments to modern business meetings. We may not have sufficient time to formulate our thoughts for them to remain relevant when we speak. When we express them, we sense the group?s impatience for us to hurry up, so other members can have their opportunity to contribute.

Sharing better thinking with LEGO? bricks

Most of us feel an urge to click the brightly coloured plastic bricks together that carpenter Ole Kirk Christiansen released into a war-weary world in 1949. The basic kit is a great leveller because the blocks are all the same, and the discriminators are the colours and the power of our imagination. Watching a free-form LEGO builder in action is equally fascinating, as we wonder ?what they will do next? and ?what is happening in their mind.?

Examples of LEGO Serious PLAY in action

Instead of asking team members to describe themselves in a minute, a LEGO? SERIOUS PLAY? facilitator may gather them around a table piled high with LEGO bricks instead, and ask them to each build a model of themselves. The atmosphere is informal with interaction and banter encouraged. It is still serious play though, as team members get to know each other, and their own personalities better

The system is equally effective in strategic sessions, where the facilitator provides specially selected building blocks for the team to experiment with as they learn to listen, and share. This enables them to deconstruct a problem into its component parts, and share solutions regardless of seniority, culture, and communication skills.

Creating problem- and solution-landscapes three dimensionally this way, enables open conversations that keep the focus on the problem. Participants at these team builds do not only reach effective consensus faster. They are also busy building better communication skills as they do.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Becoming Nimble the Agile Project Management Way

In dictionary terms, ?agile? means ?able to move quickly and easily?. In project management terms, the definition is ?project management characterized by division of tasks into short work phases called ?sprints?, with frequent reassessments and adaptation of plans?. This technique is popular in software development but is also useful when rolling out other projects.

Managing the Seven Agile Development Phases

  • Stage 1: Vision. Define the software product in terms of how it will support the company vision and strategy, and what value it will provide the user. Customer satisfaction is of paramount value including accommodating user requirement changes.
  • Stage 2: Product Roadmap. Appoint a product owner responsible for liaising with the customer, business stakeholders and the development team. Task the owner with writing a high-level product description, creating a loose time frame and estimating effort for each phase.
  • Stage 3: Release Plan. Agile always looks ahead towards the benefits that will flow. Once agreed, the Product Road-map becomes the target deadline for delivery. With Vision, Road Map and Release Plan in place the next stage is to divide the project into manageable chunks, which may be parallel or serial.
  • Stage 4: Sprint Plans. Manage each of these phases as individual ?sprints?, with emphasis on speed and meeting targets. Before the development team starts working, make sure it agrees a common goal, identifies requirements and lists the tasks it will perform.
  • Stage 5: Daily Meetings. Meet with the development team each morning for a 15-minute review. Discuss what happened yesterday, identify and celebrate progress, and find a way to resolve or work around roadblocks. The goal is to get to alpha phase quickly. Nice-to-haves can be part of subsequent upgrades.
  • Stage 6: Sprint Review. When the phase of the project is complete, facilitate a sprint review with the team to confirm this. Invite the customer, business stakeholders and development team to a presentation where you demonstrate the project/ project phase that is implemented.
  • Stage 7: Sprint Retrospective. Call the team together again (the next day if possible) for a project review to discuss lessons learned. Focus on achievements and how to do even better next time. Document and implement process changes.

The Seven Agile Development Phases ? Conclusions and Thoughts

The Agile method is an excellent way of motivating project teams, achieving goals and building result-based communities. It is however, not a static system. The product owner must conduct regular, separate reviews with the customer too.

A Business Case for Sharing

We blogged about sharing services in a decentralised business context recently, and explained why we think why these should be IT-Based for speedy delivery. This is not to say that all shared services projects worldwide have been resounding successes. This is often down to the lack of a solid business case up front. We decided to lay out the logic behind this process.

Management Overview ? The overview includes a clear definition of why the current situation is unacceptable, the anticipated benefits of sharing, and an implementation plan were it to go ahead. The project should not proceed until the stakeholders have considered and agreed on this.

Alternatives Considered ? The next stage is to get closer to the other options in order to determine whether an alternative might perhaps be preferable. Substitutes for shared services are often doing nothing, improving the current method, and outsourcing the service to a third party.

The Bottom Line in Business ? Sharing services comes at an initial cost of infrastructure changes, and the impact on human capital (the latter deserves its own blog). The following need careful consideration from the financial angle:

Numbers to Work Through

  • Manpower to design and roll the project out in parallel with the existing organisation.
  • Capital for creating facilities at the central point including civil works, furniture and equipment and IT infrastructure.
  • The costs of travel, feeding and accommodation. These can be significant depending on the time that implementation takes.
  • The opportunity loss of diverting key staff – and the cost of temporary replacements – if appointing line staff to the project team.
  • Crystal-clear project metrics including (a) the direct, realisable savings (b) the medium and long-term effects on profit and (c) where to deploy the savings

Risk Management

Shared services projects don’t go equally smoothly, although planning should reduce the risk to manageable levels. Nonetheless it is important to imagine potential snags, decide how to mitigate them and what the cost might be.

We believe in implementing shared services on a pilot basis in the business unit that eventually provides them. We recommend building these out to other branches only when new processes are working smoothly.

Moving On From a Decision

We recommend you revisit your management overview, the logic behind it, the assumptions you made, and the costs and benefits you envisage before deciding to go ahead

The final step in proving a business case is doable should be fleshing out your roadmap into a detailed operations plan with dependencies on a spreadsheet.

Ready to work with Denizon?