How Internal Auditors can win The War against Spreadsheet Fraud

To prevent another round of million dollar scandals due to fraudulent manipulations on spreadsheets, regulatory bodies have launched major offensives against these well-loved User Developed Applications (UDAs). Naturally, internal auditors are front and center in carrying out these offensives.

While regulations like the Sarbanes-Oxley Act, Dodd-Frank Act, and Solvency II can only be effective if end users are able to carry out the activities and practices required of them, auditors need to ascertain that they have. Sad to say, when it comes to spreadsheets, that is easier said than done.

Because spreadsheets are loosely distributed by nature, internal auditors always find it hard to: locate them, identify ownership, and trace their relationships with other spreadsheets. Now, we’re still talking about naturally occurring spreadsheets. How much more with files that have been deliberately tampered?

Spreadsheets can be altered in a variety of ways, especially if the purpose is to conceal fraudulent activities. Fraudsters can, for instance:

  • hide columns or rows,
  • perform conditional formatting, which changes the appearance of cells depending on certain values
  • replace cell entries with false values either through direct input or by linking to other spreadsheet sources
  • apply small, incremental changes in multiple cells or even spreadsheets to avoid detection
  • design macros and user defined functions to carry out fraudulent manipulations automatically

Recognising the seemingly insurmountable task ahead, the Institute of Internal Auditors released a guide designed specifically for the task of auditing user-developed applications, which of course includes spreadsheets.

But is this really the weapon internal auditors should be wielding in their quest to bring down spreadsheet fraud? Our answer is no. In fact, we believe no such weapon has to be wielded at all?because the only way to get rid of spreadsheet fraud is to eliminate spreadsheets once and for all.

Imagine how easy it would be for internal auditors to conduct their audits if data were kept in a centralised server instead of being scattered throughout the organisation in end-user hard drives.

And that’s not all. Because a server-based solution can be configured to have its own built-in controls, all your data will be under lock and key; unlike spreadsheet-based systems wherein storing a spreadsheet file inside a password-protected workstation does not guarantee equal security for all the other spreadsheets scattered throughout your company.

Learn more about Denizon’s server application solutions and discover a more efficient way for your internal auditors to carry out their jobs.

More Spreadsheet Blogs

 

Spreadsheet Risks in Banks

 

Top 10 Disadvantages of Spreadsheets

 

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

 

How Internal Auditors can win the War against Spreadsheet Fraud

 

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

 

Still looking for a Way to Consolidate Excel Spreadsheets?

 

Disadvantages of Spreadsheets

 

Spreadsheet woes – ill equipped for an Agile Business Environment

 

Spreadsheet Fraud

 

Spreadsheet Woes – Limited features for easy adoption of a control framework

 

Spreadsheet woes – Burden in SOX Compliance and other Regulations

 

Spreadsheet Risk Issues

 

Server Application Solutions – Don’t let Spreadsheets hold your Business back

 

Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

 

Check our similar posts

Malware

In the past, viruses were created with the sole purpose of wreaking havoc on the infected systems. A large fraction of today’s malware, on the other hand, are designed to generate revenues for the creator. Spyware, botnets, and keyloggers steal information from your system or control it so that someone else can profit. In other words, the motivation for making them is now more attractive than before.

Keyloggers can reveal your usernames, passwords, PIN numbers, and other authentication information to their creators by recording your key strokes. This information can then be used for breaking into various accounts: credit cards, payment programs (like PayPal), online banks, and others. You’re right, keyloggers are among the favourite tools of individuals involved in identity theft.

Much like the viruses of old, most present day malware drain the resources, such as memory and hard disk space, of contaminated systems; sometimes forcing them to crash. They can also degrade network performance and in extreme cases, may even cause a total collapse.

If that’s not daunting enough, imagine an outbreak in your entire organisation. The damage could easily cost your organisation thousands of euros to repair. That’s not even counting yet the value of missed opportunities.

Entry points for malware range from optical disks, flash drives, and of course, the Internet. That means, your doors could be wide open to these attacks at this very moment.

Now, we’re not here to promise total invulnerability, as only an unplugged computer locked up in a vault will ever be totally safe from malware. Instead, this is what we’ll do:

  • Perform an assessment of your computer usage practices and security policies. Software and hardware alone won’t do the trick.
  • Identify weak points as well as poor practices and propose changes wherever necessary. Weak points and poor practices range from the use of perennial passwords and keeping old, unused accounts to poorly configured firewalls.
  • Install malware scanners and firewalls and configure them for maximal protection with minimal effect on network and system performance.
  • Implement regular security patches.
  • Conduct a regular inspection on security policy compliance as well as a review of the policies to see if they are up to date with the latest threats.
  • Keep an audit trail for future use in forensic activities.
  • Establish a risk management system.
  • Apply data encryption where necessary.
  • Implement a backup system to make sure that, in a worst case scenario, archived data is safe.
  • Propose data replication so as to mitigate the after effects of data loss and to ensure your company can proceed with ‘business as usual’.

Once we’ve worked with you to make all these happen, you’ll be able to sleep better.

Other defences we’re capable of putting up include:

Reducing Your Carbon Footprint

Climate change creates a loud buzz across the globe. People are talking about how extreme the weather is, how polluted the environment has become or how devastating the results of carbon emissions are. While it is true that humans contribute a large impact to the worsening climate situations, people are also the most influential key towards making this world a better place. As much as the increase in carbon emissions results from what you do, the healthy change can also start in you.

Although it is a bit difficult to determine what you can do to help the society, do not be disheartened. The devastating forces may be massive for you to work through, but there are countless simple actions?you can take to reduce your carbon footprints day by day.

Home

While you are in the comfort of your home, you can start saving energy to reduce your carbon emission. You could’replace your standard light bulbs with compact fluorescent ones. A compact fluorescent bulb saves more than 2/3rds or up to 1,300 pounds of carbon dioxide in its lifetime. This bulb contains mercury, so make sure to choose a brand that has lower mercury than others.

Another thing, you can do to reduce your carbon footprint at home, is to mind your electronics. When you do not use your gadgets and appliances, make sure you unplug them. If you buy new ones, take time to look at the energy rating of the electronics to save you more energy in future use.

Alternative renewable energy is also a good thing to shift into. Try solar, hydro or wind power at home. Setting up your own residential solar panels and building your own turbines are excellent ways to choose green energy.

Food

The food industry is one of the largest contributors of carbon emissions. You may not have control over the food processing, but you can lower your carbon footprint by buying local products in the market. These local products are not transported from far off places, so the carbon dioxide released from them is lower compared to imported ones. Take a look at the packaging as well; less packaging means less waste.

If you have a big backyard, you could use your it to grow food. ?Eating food, either fruit or vegetable, which you grow at home is energy efficient. No more fuel combustion from transportation and other consequent food processing.

Travel

When you have your own car, accelerating it slowly and smoothly, as well as maintaining speed while driving will help lower your carbon emissions. If you drive a lot, it would be better to get a green car. As of now, you can consider using?public transportation and go for road travel rather than air travel when you take long distance trips. But when you need to take planes, better choose a non-stop flight instead of connecting ones.

Indeed, there are many ways you can combat global warming and climate change. The road to improved life quality through energy efficiency might be hard, but a transformed lifestyle can make a big difference. Start now ? lighten your carbon footprint and help save the world.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
What are Operational Reviews

Faced with growing competition, businesses continually need to find new innovative solutions and ideas to improved organizational performance, especially in various cut-throat industries where innovation and good management can make or break the company.

This is the reason why, businesses place greater emphasis on the evaluation of efficiency, effectiveness, and economics of its operations.

Conducting regular Operational Reviews are key to keeping your company at peak performance.

What is an Operational Review

An operational review is an in-depth and objective review of an entire organization or a specific segment of that organization. It can be used to identify and address existing concerns within your company such as communication issues between departments, problems with customer relations, operating procedures, lack of profitability issues, and other factors that affect the stability of the business.

Operational reviews allow the organization members to evaluate how well they are performing, given that they perform appropriately according to the procedures set by them, allocating their resources properly, and performing such tasks within time frame set and using cost-effective measures. More importantly, it also shows your company how well it is prepared to meet future challenges.

What are the objectives of an Operational Review

The goals of an operational review are to increase revenue, improve market share, and reduce cost.

An operational review allows the management to see their company in a different light i.e a larger perspective. That is, it gives the management the opportunity to evaluate if the entrusted resources were used wisely to achieve the desired results of operations.

Operational reviews provide a comprehensive assessment of authority in that they help define expectations, and empower people within an organization to enact? up on it. This is due feedback provided will help them to better gauge the value of tasks performed and whether the job is being done the right or wrong way, and on what areas the company can excel and improve on.

The whole is greater than the sum of its parts

Questions worth considering in an Operational Review

Are you able to view your own organization as a whole from an objective angle?

Do the different departments complement each other so that they form a cohesive unit that boosts your business in the right direction?

With our comprehensive assessment of your organization?s current systems, operations, processes, and strategies, our operational review programs aim to help you in achieving these lofty goals: to improve business profitability and identify incompetence in both operations and organizational systems.

Benefits of an Operational Review

The main objective of an operational review is to help organizations like yours to learn how to deal with and address issues, instead of simply reacting to the challenges brought about by growth and change.

Information and data gathered in an Operational Review is practical from both a financial and operational perspective. Using? data, management can then formulate recommendations, which are not only realistic, but more importantly, can help the organization achieve its goals.

The Operational Review recognizes the extent to which your internal controls actually work, and enables you to identify and understand your strengths, weaknesses, opportunities and threats.

What should be included in an operational review

  • Assess compliance within your own organizational objectives, policies and procedures
  • Evaluate specific company operations independently and objectively
  • Impartial assessment regarding the effectiveness of an organization’s control systems
  • Identify the appropriate standards for quantifying achievement of organizational objectives
  • Evaluate the reliability and value of the company’s management data and reports
  • Pinpoint problem areas and their underlying causes
  • Identify opportunities to increase profit, augment revenue, and reduce costs without sacrificing the quality of the product or service.

More Operational Review Blogs

 

Carrying out an Operational Review

 

Operational Reviews

 

Operational Efficiency Initiatives

 

Operational Review Defined

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today