How Internal Auditors can win The War against Spreadsheet Fraud

To prevent another round of million dollar scandals due to fraudulent manipulations on spreadsheets, regulatory bodies have launched major offensives against these well-loved User Developed Applications (UDAs). Naturally, internal auditors are front and center in carrying out these offensives.

While regulations like the Sarbanes-Oxley Act, Dodd-Frank Act, and Solvency II can only be effective if end users are able to carry out the activities and practices required of them, auditors need to ascertain that they have. Sad to say, when it comes to spreadsheets, that is easier said than done.

Because spreadsheets are loosely distributed by nature, internal auditors always find it hard to: locate them, identify ownership, and trace their relationships with other spreadsheets. Now, we’re still talking about naturally occurring spreadsheets. How much more with files that have been deliberately tampered?

Spreadsheets can be altered in a variety of ways, especially if the purpose is to conceal fraudulent activities. Fraudsters can, for instance:

  • hide columns or rows,
  • perform conditional formatting, which changes the appearance of cells depending on certain values
  • replace cell entries with false values either through direct input or by linking to other spreadsheet sources
  • apply small, incremental changes in multiple cells or even spreadsheets to avoid detection
  • design macros and user defined functions to carry out fraudulent manipulations automatically

Recognising the seemingly insurmountable task ahead, the Institute of Internal Auditors released a guide designed specifically for the task of auditing user-developed applications, which of course includes spreadsheets.

But is this really the weapon internal auditors should be wielding in their quest to bring down spreadsheet fraud? Our answer is no. In fact, we believe no such weapon has to be wielded at all?because the only way to get rid of spreadsheet fraud is to eliminate spreadsheets once and for all.

Imagine how easy it would be for internal auditors to conduct their audits if data were kept in a centralised server instead of being scattered throughout the organisation in end-user hard drives.

And that’s not all. Because a server-based solution can be configured to have its own built-in controls, all your data will be under lock and key; unlike spreadsheet-based systems wherein storing a spreadsheet file inside a password-protected workstation does not guarantee equal security for all the other spreadsheets scattered throughout your company.

Learn more about Denizon’s server application solutions and discover a more efficient way for your internal auditors to carry out their jobs.

More Spreadsheet Blogs

 

Spreadsheet Risks in Banks

 

Top 10 Disadvantages of Spreadsheets

 

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

 

How Internal Auditors can win the War against Spreadsheet Fraud

 

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

 

Still looking for a Way to Consolidate Excel Spreadsheets?

 

Disadvantages of Spreadsheets

 

Spreadsheet woes – ill equipped for an Agile Business Environment

 

Spreadsheet Fraud

 

Spreadsheet Woes – Limited features for easy adoption of a control framework

 

Spreadsheet woes – Burden in SOX Compliance and other Regulations

 

Spreadsheet Risk Issues

 

Server Application Solutions – Don’t let Spreadsheets hold your Business back

 

Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

 

Check our similar posts

The Matrix Management Structure

Organizations exploit matrix management in various ways. A company, for instance, that operates globally uses it at larger scale by giving consistent products to various countries internationally. A business entity, having many products, does not assign its people to each product full-time but assign those to different ones on a part time basis, instead. And when it comes to delivering high quality and low cost products, companies overcome industry pressures with the help of many overseeing managers. In a rapidly changing environment, organizations respond quickly by sharing information through a matrix model.

Understanding the Matrix Management Structure

A basic understanding of matrix management starts with the three key roles and responsibilities that applies in the structure.

  • Matrix Leader ? The common person above all the matrix bosses is the matrix leader. He ensures that the balance of power is maintained in the entire organization by delegating decisions and promoting collaboration among the people.
  • Matrix Managers ? The managers cooperate with each other by defining the respective activities that they are responsible for.
  • Matrix Employees – The employees have lesser direct authority but has more responsibilities. They resolve differing demands from more than one matrix managers while they work things out upwards. Their loyalty must be dual and their relationships with managers must be maintained.

Characteristics of a Matrix Structure

Here are some features that define the matrix management structure:

  • Hybrid Structure ?The matrix structure is a mix of functional and project organization. Since it is a combination of these two, matrix management is hybrid in nature.
  • Functional Manager ? When it comes to the technical phases of the project, the functional manager assumes responsibility. The manager decides on how to get the project done, delegates the tasks to the subordinates and oversees the operational parts of the organization.
  • Project Manager ? The project manager has full authority in the administrative phases, including the physical and financial resources needed to complete the project. The responsibilities of a project manager comprise deciding on what to do, scheduling the work, coordinating the activities to diverse functions and evaluating over-all project performance.
  • Specialization ?As the functional managers concentrate on the technical factors, the project managers focus on administrative ones. Thus, in matrix management, there is specialization.
  • Challenge in Unity of Command ? Companies that employs matrix management usually experience a problem when it comes to the unity of command. This is largely due to the conflicting orders from the functional and project managers.

Types of Matrix Structure

The matrix management structure can be classified according to the level of power of the project manager. Here are three distinct types of matrix structures that are widely used by organizations.

  • Weak Matrix ? The project manager has limited authority and power as the functional manager controls the budget of the project. His role is only part-time and more like a coordinator.
  • Strong Matrix ? Here, the project manager has almost all the authority and power. He controls the budget, holds the full time administrative project management and has a full time role.
  • Balanced Matrix ? In this structure type, both the project and functional managers control the budget of the project. The authority and power is shared by the two as well. Although the project manager has a full time role, he only has a part time authority for the administrative staff to report under his leadership.

Successful companies of today venture more on enhancing the abilities, skills, behavior and performances of their managers than the pursuit of finding the best physical structure. Indeed, learning the fundamentals of the matrix structure is essential to maximize its efficiency. A senior executive pointed out that one of the challenges in matrix management is not more of building a structure but in creating the matrix to the mind of the managers. This comes to say that matrix management is not just about the structure, it is a frame in the mind.

Operational Efficiency Initiatives

When was the last time you checked your technology spending against your IT infrastructure’s contribution to the bottom line?

Chances are, what’s happening underneath all those automated processes, expensive hardware, and fancy graphical user interfaces is not doing your bottom line any good.

If you don’t keep a watchful eye, your IT operations can easily nurture a lot of wastage and unnecessary costs. Underutilised servers, duplicate processes, poorly managed bandwidths, and too much complexity are among the common culprits.

For minor problems, we can eliminate wastage by setting up some technology enhancements, instilling best practices, and performing a few tweaks. However, if you’re not adequately trained on how to go about with it, your band-aid solutions can add more complexity to the mix.

Of course, there will always come a time when you will have to spend on new technologies to maintain the overall efficiency of your IT infrastructure. Whether you intend to purchase new hardware or software applications or build an entirely new infrastructure, the sheer cost of such undertakings warrants seeking expert advice.

Failure to do so can result in fragmented resources lacking in cohesiveness, which don’t contribute to efficiency at all.

Our solutions for improving operational efficiencies cover the entire spectrum: from planning what to buy, optimising what you’ve already bought, to making your team comfortable with them all. Please find time to view our solutions below and uncover ways to drive those profits up even as you work within your budget.

 

More Operational Review Blogs

 

Carrying out an Operational Review

 

Operational Reviews

 

Operational Efficiency Initiatives

 

Operational Review Defined

 

Symbion Pharmacy Services? Definition of Responsibility

A ?symbion? is an organism in a symbiotic (i.e. mutually beneficial) relationship with another one. In the case of Australia?s giant Symbion Pharmacy Services, this means supplying and delivering over-counter Chemmart medicines to more than 3,000 hospital and retail pharmacies, while remaining mindful of its carbon footprint.

In 1999, the company with the tagline ?life matters? and a desire to be seen as ?a good corporate citizen? decided it was time to measure exactly what it was pumping out from 12 facilities and over 200 vehicles. This was a voluntary decision as even now there is still no carbon emissions law in Australia (although no doubt being a ?first mover? will put the company in a competitive position when this inevitably comes).

Symbion decided to install emission detection devices and connect these to a central monitoring system with the intention of managing what these measured. There were two stages to this process. First, Symbion determined its reporting requirements based on one of its larger warehouses. Following that, it established a carbon footprint for each of its wholly owned and managed facilities. This put it in a position to:

  • Analyse total emissions down to a level of detail where it understood the contribution of each source
  • Use big data management tools to identify carbon hotspots for priority remedial action
  • Inform the affected workforce, explain the monitoring system and keep them in the loop
  • Separately manage energy abatement programs such as lighting and delivery routes

The program also had productivity spin-offs in that it focused management attention on the processes behind the emissions that were ripe for material and system improvements. It also provided marketing leverage. Symbion?s customers are in the wellness business, ahead of the curve when it comes to how emissions contribute to chronic illness, and aware of the cost of this in terms of human capital.

EcoVaro could help you manage your throughputs by analysing your data on our cloud-based system. This includes trending your metrics, comparing them to your industry seasonal average, and providing you with a business-like view of how well you are doing.

Our service reduces your reliance on (and the cost of) third party audits, and simplifies the reporting process to your controlling authority. It simply makes more sense to contract your software out this way, and only pay for it when you need it.

Ready to work with Denizon?

Contact Us Today