Compliance-appropriate spreadsheet testing | Bibliography | Resources

Spreadsheets are often hard, if not impossible, to understand.

Mireault & Gresham (2015)

The untested spreadsheet is as dangerous and untrustworthy as an untested program.

Programmers exhibit unwarranted confidence in the correctness of their spreadsheets.

Krishna, et al (2001)

Even obvious, elementary errors in very simple, clearly documented spreadsheets are... difficult to find.

Galletta, et al (1993)

Every study, without exception, has found error rates much higher than organizations would wish to tolerate.

Spreadsheets can be viewed as a highly flexible programming environment for end users.

Abreu, et al (2015)

Errors in spreadsheets... result in incorrect decisions being made and significant losses incurred.

Beaman, et al (2005)

Spreadsheet errors have resulted in huge financial losses.

Abraham & Erwig (2007)

Spreadsheet errors... a great, often unrecognised, risk to corporate decision making & financial integrity.

Chadwick (2002)

...few incidents of spreadsheet errors are made public and these are usually not revealed by choice.

Kruck & Sheetz (2001)

Spreadsheet development must embrace extensive testing in order to be taken seriously as a profession.

A lot of decisions are being made on the basis of some bad numbers.

1% of all formulas in operational spreadsheets are in error.

Powell, Baker, & Lawson (2009)

Spreadsheets are easy to use and very hard to check.

Chen & Chan (2000)

Despite overwhelming and unanimous evidence... companies have continued to ignore spreadsheet error risks.

It is irrational to expect large error-free spreadsheets.

Untested spreadsheets are riddled with errors.

Errors in spreadsheets are as ubiquitous as spreadsheets themselves.

Spreadsheets are alarmingly error-prone to write.

A significant proportion of spreadsheets have severe quality problems.

Spreadsheet shortcomings can significantly hamper an organization's business operation.

Reschenhofer & Matthes (2015)

Spreadsheets contain errors at an alarmingly high rate.

Abraham, et al (2005)

Spreadsheets are more fault-prone than other software.

Kulesz & Ostberg (2013)

Studies have shown that there is a high incidence of errors in spreadsheets.

Csernoch & Biro (2013)

Spreadsheets are extraordinarily and unacceptably prone to error.

The software that end users are creating... is riddled with errors.

Burnett & Myers (2014)

Spreadsheet errors are still the rule rather than the exception.

Nixon & O'Hara (2010)

It is now widely accepted that errors in spreadsheets are both common and potentially dangerous.

Nixon & O'Hara (2010)

The results given by spreadsheets are often just wrong.

Sajaniemi (1998)

People tend to believe their spreadsheets are more accurate than they really are.

Caulkins, Morrison, & Weidemann (2006)

Most large spreadsheets have dozens or even hundreds of errors.

Panko & Ordway (2005)

94% of the 88 spreadsheets audited in 7 studies have contained errors.

Overconfidence is one of the most substantial causes of spreadsheet errors.

Sakal, et al (2015)

Your spreadsheets may be disasters in the making.

Caulkins, Morrison, & Weidemann (2006)

The quality and reliability of spreadsheets is known to be poor.

Bishop & McDaid (2007)

Spreadsheets have a notoriously high number of faults.

Rust, et al (2006)

Despite being staggeringly error prone, spreadsheets are a highly flexible programming environment.

Abreu, et al (2015)

Spreadsheets... pose a greater threat to your business than almost anything you can imagine.

Every study that has looked for errors has found them... in considerable abundance.

Panko & Halverson (1996)

Spreadsheets are dangerous to their authors and others.

Durusau & Hunting (2015)

Most executives do not really check or verify the accuracy or validity of [their] spreadsheets...

Teo & Tan (1999)

Spreadsheet errors are pervasive, stubborn, ubiquitous and complex.

Research on spreadsheet errors is substantial, compelling, and unanimous.

Developing an error-free spreadsheet has been a problem since the beginning of end-user computing.

Mireault (2015)

60% of large companies feel 'Spreadsheet Hell' describes their reliance on spreadsheets.

Never assume a spreadsheet is right, even your own.

Raffensperger (2001)

Spreadsheets are the most popular live programming environments, but they are also notoriously fault-prone.

Hermans & van der Storm (2015)

Spreadsheets are commonly used and commonly flawed.

Caulkins, Morrison, & Weidemann (2008)

The issue is not whether there is an error but how many errors there are and how serious they are.

Spreadsheets are notoriously error-prone.

Cunha, et al (2011)

Spreadsheet bibliography

Title	Compliance-appropriate spreadsheet testing
Authors	Raymond R. Panko
Year	2006
Type	Proceedings
Publication	12th Americas Conference on Information Systems
Series	August, Paper 130, pages 980-986
Abstract	Sarbanes–Oxley compliance requirements have forced firms to look at their use of spreadsheets in financial reporting. They are finding that they have many spreadsheets and that testing and other formal development disciplines are rare. The literature on spreadsheet errors has shown that without strong controls, most spreadsheets will have material errors; this means that firms that use uncontrolled spreadsheets cannot plausibly claim to be in compliance with Sarbanes–Oxley. This paper looks at a promising control discipline for bringing spreadsheets into Sarbanes–Oxley compliance, namely logic inspection testing following the traditional Fagan (1976) methodology created for software testing.
Full version	Available
Sample	The Fagan method The basic methodology of software code inspection was laid down by Fagan (1976), and it still is the main methodology for code inspection today. In this methodology, there are four phases: Initial meeting. The process begins with an introductory meeting for the team. At this meeting, the code developer describes the requirements of the module and walks the team through the code. Individual inspection. After the meeting, the team members inspect the module individually, looking for errors. There normally is a time limit for this. Often, this time limit is about two hours. Concluding meeting. After the team members have finished their individual inspections, the team holds a concluding meeting at which the team members go over the errors discovered by the individual members and perhaps look for additional errors. They attempt to develop a consensus about which defect reports are real and to rate the severity of defects. They do not attempt to fix the errors, however. Reporting. One tenet of code inspection is that results should be summarized and reported. Reporting results is critical for learning. Most of what we know about software error rates comes from code inspection reports.

Go to bibliography

Featured

Hire us