Spreadsheet Woes – Burden in SOX Compliance and Other Regulations

End User Computing (EUC) or end User Developed Application (UDA) systems like spreadsheets used to be ideal ad-hoc solutions for data processing and financial reporting. But those days are long gone.

Today, due to regulations like the:

  • Sarbanes-Oxley (SOX) Act,
  • Dodd-Frank Act,
  • IFRS (International Financial Reporting Standards),
  • E.U. Data Protection Directive,
  • Basel II,
  • NAIC Model Audit Rules,
  • FAS 157,
  • yes, there?s more ? and counting

a company can be bogged down when it tries to comply with such regulations while maintaining spreadsheet-reliant financial and information systems.

In an age where regulatory compliance have become part of the norm, companies need to enforce more stringent control measures like version control, access control, testing, reconciliation, and many others, in order to pass audits and to ensure that their spreadsheets are giving them only accurate and reliable information.

Now, the problem is, these control measures aren’t exactly tailor-made for a spreadsheet environment. While yes, it is possible to set up a spreadsheet and EUC control environment that utilises best practices, this is a potentially expensive, laborious, and time-consuming exercise, and even then, the system will still not be as foolproof or efficient as the regulations call for.

Testing and reconciliation alone can cost a significant amount of time and money to be effective:

  1. It requires multiple testers who need to test spreadsheets down to the cell level.
  2. Testers will have to deal with terribly disorganized and complicated spreadsheet systems that typically involve single cells being fed information by other cells in other sheets, which in turn may be found in other workbooks, or in another folder.
  3. Each month, an organisation may have new spreadsheets with new links, new macros, new formulas, new locations, and hence new objects to test.
  4. Spreadsheets rarely come with any kind of supporting documentation and version control, further hampering the verification process.
  5. Because Windows won’t allow you to open two Excel files with the same name simultaneously and because a succession of monthly-revised spreadsheets separated by mere folders but still bearing the same name is common in spreadsheet systems, it would be difficult to compare one spreadsheet with any of its older versions.

But testing and reconciliation are just two of the many activities that make regulatory compliance terribly tedious for a spreadsheet-reliant organisation. Therefore, the sheer intricacy of spreadsheet systems make examining and maintaining them next to impossible.

On the other hand, you can’t afford not to take these regulations seriously. Non-compliance with regulatory mandates can have dire consequences, not the least of which is the loss of investor confidence. And when investors start to doubt the management’s capability, customers will start to walk away too. Now that is a loss your competitors will only be too happy to gain.

Learn more about our server application solutions and discover a better way to comply with regulations.

More Spreadsheet Blogs


Spreadsheet Risks in Banks


Top 10 Disadvantages of Spreadsheets


Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry


How Internal Auditors can win the War against Spreadsheet Fraud


Spreadsheet Reporting – No Room in your company in an age of Business Intelligence


Still looking for a Way to Consolidate Excel Spreadsheets?


Disadvantages of Spreadsheets


Spreadsheet woes – ill equipped for an Agile Business Environment


Spreadsheet Fraud


Spreadsheet Woes – Limited features for easy adoption of a control framework


Spreadsheet woes – Burden in SOX Compliance and other Regulations


Spreadsheet Risk Issues


Server Application Solutions – Don’t let Spreadsheets hold your Business back


Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

ISO in Energy management

Every industry has its own set levels of quality that are considered acceptable or desirable. Energy performance like any other field is governed by some set standards. These differ across regions but international standards do exist.

ISO 50001 is the international energy standard applicable to both large and small organisations irrespective of geographical, cultural or social conditions. It outlines the best energy management practices that are considered to be the best by specifying that an organisation must integrate an energy management system and institute an energy policy, objectives, targets, and action plans taking into account legal requirements and information related to significant energy use. The energy standard is applicable to organisations.

What’s the importance of attaining energy certification?

ISO certification in any industry is a demonstration of quality or that a service or product meets the expected service standards. In energy management, ISO certification is a demonstration that an organisation or company has implemented sustainable energy management systems, completed a baseline of energy use and, is committed to continuously improve its energy performance. In addition, ISO certification assists organisations in the following ways:

? Organisations are able to optimise the existing energy-consuming assets

? Offers guidance on bench-marking, measuring, documenting, and reporting energy intensity improvements and their projected impact on reducing GHG emissions

? Creates transparency and facilitates communication on the management of energy resources

? Promotes energy management best practices and reinforces good energy management behaviours

? Assists facilities in evaluating and prioritising the implementation of new energy-efficient technologies

? Provides a framework for promoting energy efficiency throughout the supply chain

? Facilitates energy management improvements in the context of GHG emission reduction projects: The reduction of carbon emissions means therefore an organisation is able to meet government carbon reduction targets by demonstrating environmental credentials. The accruing benefits are many, ranging from increased investor confidence to more tender opportunities

Energy management software plays a vital role in helping organisations comply with energy standards through improved performance across the various functions in an organisation.

What is Business Intelligence?

How well do you know your customers? That is, can you actually pinpoint which among them are you most profitable with and which are making you spend more? Are you content with the accuracy of your forecasts and market predictions? Do you feel you’re spending more on legal costs and regulatory compliance than you should?

Your IT department may be handling these concerns pretty well but perhaps you’d like to know how you can further improve things.

What we’ve got is an IT solution wrapped in a fancy name called ‘Business Intelligence’ or BI. If you think that’s too strong a term, we invite you to read more below, then you be the judge.

Dashboards – Determine the health of your business at a glance

Most drivers rarely make use of their car’s dashboard. After all, you can still reach your destination by just using the steering wheel, pedals, gear stick and so on. But that’s not exactly the most efficient way to drive, right?

If you want to save on fuel, you’ll want to glance on the RPM and speedometer from time to time. You might also want to utilise the trip meter to determine which route is the shortest to a given destination. Other dashboard components like the fuel gauge, tire pressure gauge, engine temperature indicator, and volt meter can likewise provide information about your car’s health.

The same concept applies to business management. If you want to run your business intelligently, you can make use of BI dashboards. These are tools in a typical business intelligence package that will allow you to determine the health of your business via a set of smartly configured gauges and other intuitive graphical representations.

So that, literally, at a mere glance, you’ll already know whether various units in your company are working efficiently. A dashboard will also give you instant feedback of the strategies you’ve recently implemented; to let you know if things are working as planned.

If you want more information than a dashboard can provide, our BI packages also include highly customised reports.

Reports that help you decide faster

Dashboards are great for getting valuable information at a glance but they won’t tell you everything. For more details, you’ll need to view highly customised reports. Our reports are tailor made for each user. We see to it that, by default, each person gets the information he needs the most.

If you belong to the sales department, you normally won’t need a presentation of the data that is appropriate for people in accounting. That way, you don’t spend time filtering. Instead, you and your people can move on to making well-informed decisions.

Our BI systems make use of your vast collection of data to provide reports that will organise your regulatory requirements and call your attention to approaching deadlines. The same system will provide the right information for your people on the field. If your team members are equipped with smart phones and Pocket PCs, they can retrieve whatever it is they need to know to close deals, make sales, and serve clients faster than the competition.

Generating logical information from disparate sources of data scattered over an enterprise-wide organisation is no easy task. But we’ll make it look simple. That’s because we’ve got the expertise to bring it all together into a robust data warehouse and to extract them in the form of reports and dashboards through OLAP.

OLAP and Data Warehousing – Powering the generation of actionable information

Want to know how to generate reports with the highest degree of accuracy and reliability? In theory, what you need is a single repository or a data warehouse. That is, order receipts, sales invoices, as well as customer & supplier data is integrated with regulatory details, personnel data, and others. These are all specially organised for future reporting and analysis.

However, data, no matter how all-embracing, is useless until it is processed into actionable information. Through OLAP or Online Analytical Processing, you can seamlessly collect all relevant data from your vast repository to answer queries like “What is our company’s profitability for the 2nd quarter in all identified key cities for our top-of-the-line products?”.

The strength of OLAP lies in its inherent ability to perform data analysis and very complex calculations, thus enabling it to return complex queries much faster than other database technologies. It is therefore suitable for very large data sources, i.e., data warehouses.

Dashboards and reports will only give your organisation the edge if the information retrieved is reliable, fast, and accurate – exactly the kind OLAP is so good at.

Mobile BI – Step back and see the big picture anytime, anywhere

Spreadsheets are great for displaying detailed information. However, in today’s highly competitive market, retrieving information that matters the most in the shortest possible time is vital in maintaining a sizeable lead over the competition. To step back and see the big picture, you’ll need insightful tools like dashboards and automatically generated reports.

Reports can be beamed to mobile devices such as smart phones and Pocket PCs. They can also be viewed on eBook readers as well. You can also do the same tasks with spreadsheets. But imagine how you’d need to scroll over a large spreadsheet on any of these mobile devices just to know which customer in your current location has performed well over the last month.

If you really want to make quick, well-informed decisions, BI dashboards for mobile devices is the way to go. You can make use of various business objects such as drill-able charts, performance metrics, and metric trend graphs to make crucial decisions even when on you’re in the field.

Transformation to a process based organisation

Today’s global marketplace rewards nimble organisations that learn and reinvent themselves faster than their competition. Employees at all levels of these organisations see themselves as members of teams responsible for specific business processes, with performance measures tied to the success of the enterprise. As team members, they are “owners” of the process (or processes) to which they are assigned. They are responsible for both the day to day functioning of their process(s), and also for continuously seeking sustainable process improvements.

Transforming a traditionally designed “top down control” enterprise to a process-based organisation built around empowered teams actively engaged in business process re-engineering (BPR) has proven more difficult than many corporate leaders have expected. Poorly planned transformation efforts have resulted in both serious impacts to the bottom line, and even more serious damage to the organisation’s fabric of trust and confidence in leadership.

Tomislav Hernaus, in a publication titled “Generic Process Transformation Model: Transition to Process-based Organisation” has presented an overview of existing approaches to organisational transformation. From the sources reviewed, Heraus has synthesised a set of steps that collectively represent a framework for planning a successful organisational change effort. Key elements identified by Hernaus include:

Strategic Analysis:

The essential first step in any transformation effort must be development of a clear and practical vision of a future organisation that will be able to profitably compete under anticipated market conditions. That vision must be expected to flex and adjust as understanding of future market conditions change, but it must always be stated in terms that all organisational members can understand.

Identifying Core Business Processes:

With the strategic vision for the organisation in mind, the next step is to define the core business processes necessary for the future organisation to function. These processes may exist across the legacy organisation’s organisational structures.

Designing around Core Processes:

The next step is development of a schematic representation of the “end state” company, organised around the Core Business Processes defined in the previous step.

Transitional Organisational Forms/ Developing Support Systems:

In his transformation model, Hernaus recognises that information management systems designed for the legacy organisation may not be able to meet the needs of the process management teams in the new organisation. Interim management structures (that can function with currently available IT system outputs) may be required to allow IT professionals time to redesign the organisation’s information management system to be flexible enough to meet changing team needs.

Creating Awareness, Understanding, and Acceptance of the Process-based Organisation:

Starting immediately after the completion of the Strategic Analysis process described above, management must devote sufficient resources to assure that all organisation members, especially key managers, have a full understanding of how a process-based organisation functions. In addition, data based process management skills need to be provided to future process team members. It is not enough to schedule communication and training activities, and check them off the list as they are completed. It is critical that management set behavioural criteria for communication and training efforts that allow objective evaluation of the results of these efforts. Management must commit to continuing essential communication and training efforts until success criteria are achieved. During this effort, it may be determined that some members of the organisation are unlikely to ever accept the new roles they will be required to assume in a process-based organization. Replacement of these individuals should be seen as both an organisational necessity and a kindness to the employees affected.

Implementation of Process Teams:

After the completion of required training AND the completion of required IT system changes, process teams can be formally rolled out in a planned sequence. Providing new teams with part time support by qualified facilitators during the firsts weeks after start-up can pay valuable long term dividends.

Team Skill Development and Continuous Process Improvement:

Providing resources for on-going skill development and for providing timely and meaningful recognition of process team successes are two keys for success in a process-based organisation. Qualified individuals with responsibility for providing training and recognition must be clearly identified and provided with sufficient budgetary resources.

The Hernaus model for transformation to a process based organisation is both well thought out and clear. His paper provides an ample resource of references for further study.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today