i-nth logo

Authors

Paul Bordelon

Abstract

Spreadsheet applications are vital tools that accountants, auditors, and their clients use daily. The data that spreadsheets generate by processing input, formulas, macros, and other functions enables organizations to provide information ranging in importance from bank reconciliations to financial statements submitted to market regulatory agencies.

Given the pervasive use of spreadsheets and their impact on financial reporting, US publicly traded companies must address security and data integrity controls to comply with requirements of Section 404 of the US Sarbanes-Oxley Act of 2002.

Password protection is a preventive control over unauthorized access to spreadsheets. Another preventive control that aids spreadsheet security and data integrity is spreadsheet protection, which prevents unauthorized updates to entire workbooks.

Setting access controls, locking workbooks, and tracking changes can help auditors and their clients mitigate the security and data integrity risks that are inherent with spreadsheet applications.

Sample

Auditors and their clients can mitigate risks using the preventive and detective application controls built into Excel:

  • Restricting access. Auditors can recommend that their clients use password protection to restrict unauthorized users from altering financially sensitive information.
  • Locking workbooks and cells. Spreadsheet protection can prevent unauthorized updates to entire workbooks or specific cells.
  • Change control. Excel's "Track Changes" feature catalogs alterations made to entire spreadsheets or individual cells, enabling spreadsheet users or auditors to see the history of changes and to check the validity of changes made.

Publication

2006, The Internal Auditor, Volume 63, number 3, June, pages 29-32

Full article

Not available