i-nth logo

Authors

Nolan Gesher

Abstract

Spreadsheets seem to be the perfect tool for managing critical data with flexibility and little or no overhead. Spreadsheets are often used to manage critical data, making them an essential decision-making tool. For example, data is extracted from spreadsheets and entered into a general ledger for corporate reporting to calculate business decisions.

Recent headlines have uncovered a number of spreadsheet-fraud related incidents that have cost the industry millions in financial losses. In a recent case, bank tellers manipulated large deposit tickets and the spreadsheets used to track them. This enabled them to hide the deposits and skim an estimated $3 million.

Regardless of the starting point, it is likely the use of spreadsheets in any organization is in dire need of control. An automated audit and control framework that can support all business lines across the organization is required to address this long-ignored, yet looming, area of hidden risk.

Sample

Control, audit and efficiency.

What is needed to meet the control, audit and efficiency requirements of enterprise spreadsheet use:

  • Discovery and assessment: Create an inventory of spreadsheets. Best done via an automated solution. Not all spreadsheets require the same level of audit and control.
  • Security: Password-protecting data relies on users. Automated solutions approach security from an enterprise perspective.
  • Control: Includes a need for audit capabilities to track all changes made within a spreadsheet and the ability to manage links between spreadsheets.
  • Analytics: Proactively look for anomalies at the cell level to alert users and reviewers of potential errors or fraud.
  • Operational efficiency: Automate manual, uncontrolled processes to save time, impact the bottom line and identify and reduce the number of spreadsheet errors.

Publication

2010, Operational Risk & Regulation, Volume 11, Number 2, February, pages 31-32

Full article

The hidden risk