|Title||Compliance-appropriate spreadsheet testing|
|Authors||Raymond R. Panko|
|Publication||12th Americas Conference on Information Systems|
|Series||August, Paper 130, pages 980-986|
Sarbanes–Oxley compliance requirements have forced firms to look at their use of spreadsheets in financial reporting. They are finding that they have many spreadsheets and that testing and other formal development disciplines are rare.
The literature on spreadsheet errors has shown that without strong controls, most spreadsheets will have material errors; this means that firms that use uncontrolled spreadsheets cannot plausibly claim to be in compliance with Sarbanes–Oxley.
This paper looks at a promising control discipline for bringing spreadsheets into Sarbanes–Oxley compliance, namely logic inspection testing following the traditional Fagan (1976) methodology created for software testing.
The basic methodology of software code inspection was laid down by Fagan (1976), and it still is the main methodology for code inspection today. In this methodology, there are four phases: