Compliance-appropriate spreadsheet testing | Bibliography | Resources

A significant proportion of spreadsheets have severe quality problems.

The quality and reliability of spreadsheets is known to be poor.

Bishop & McDaid (2007)

Despite overwhelming and unanimous evidence... companies have continued to ignore spreadsheet error risks.

It is now widely accepted that errors in spreadsheets are both common and potentially dangerous.

Nixon & O'Hara (2010)

Spreadsheets contain errors at an alarmingly high rate.

Abraham, et al (2005)

Most large spreadsheets have dozens or even hundreds of errors.

Panko & Ordway (2005)

Spreadsheets are notoriously error-prone.

Cunha, et al (2011)

Studies have shown that there is a high incidence of errors in spreadsheets.

Csernoch & Biro (2013)

Spreadsheets are the most popular live programming environments, but they are also notoriously fault-prone.

Hermans & van der Storm (2015)

Spreadsheet errors are still the rule rather than the exception.

Nixon & O'Hara (2010)

Spreadsheet development must embrace extensive testing in order to be taken seriously as a profession.

Spreadsheets are often hard, if not impossible, to understand.

Mireault & Gresham (2015)

Errors in spreadsheets are as ubiquitous as spreadsheets themselves.

The results given by spreadsheets are often just wrong.

Sajaniemi (1998)

Research on spreadsheet errors is substantial, compelling, and unanimous.

Never assume a spreadsheet is right, even your own.

Raffensperger (2001)

Spreadsheets are alarmingly error-prone to write.

1% of all formulas in operational spreadsheets are in error.

Powell, Baker, & Lawson (2009)

The software that end users are creating... is riddled with errors.

Burnett & Myers (2014)

A lot of decisions are being made on the basis of some bad numbers.

...few incidents of spreadsheet errors are made public and these are usually not revealed by choice.

Kruck & Sheetz (2001)

Spreadsheets are extraordinarily and unacceptably prone to error.

Spreadsheets are more fault-prone than other software.

Kulesz & Ostberg (2013)

The untested spreadsheet is as dangerous and untrustworthy as an untested program.

Spreadsheet shortcomings can significantly hamper an organization's business operation.

Reschenhofer & Matthes (2015)

Developing an error-free spreadsheet has been a problem since the beginning of end-user computing.

Mireault (2015)

Untested spreadsheets are riddled with errors.

Spreadsheets are commonly used and commonly flawed.

Caulkins, Morrison, & Weidemann (2008)

Spreadsheets... pose a greater threat to your business than almost anything you can imagine.

Spreadsheet errors have resulted in huge financial losses.

Abraham & Erwig (2007)

Spreadsheets are easy to use and very hard to check.

Chen & Chan (2000)

Spreadsheet errors are pervasive, stubborn, ubiquitous and complex.

Every study that has looked for errors has found them... in considerable abundance.

Panko & Halverson (1996)

The issue is not whether there is an error but how many errors there are and how serious they are.

Spreadsheets have a notoriously high number of faults.

Rust, et al (2006)

Spreadsheets can be viewed as a highly flexible programming environment for end users.

Abreu, et al (2015)

It is irrational to expect large error-free spreadsheets.

Even obvious, elementary errors in very simple, clearly documented spreadsheets are... difficult to find.

Galletta, et al (1993)

60% of large companies feel 'Spreadsheet Hell' describes their reliance on spreadsheets.

94% of the 88 spreadsheets audited in 7 studies have contained errors.

Most executives do not really check or verify the accuracy or validity of [their] spreadsheets...

Teo & Tan (1999)

Programmers exhibit unwarranted confidence in the correctness of their spreadsheets.

Krishna, et al (2001)

Spreadsheet errors... a great, often unrecognised, risk to corporate decision making & financial integrity.

Chadwick (2002)

Spreadsheets are dangerous to their authors and others.

Durusau & Hunting (2015)

Your spreadsheets may be disasters in the making.

Caulkins, Morrison, & Weidemann (2006)

Despite being staggeringly error prone, spreadsheets are a highly flexible programming environment.

Abreu, et al (2015)

Overconfidence is one of the most substantial causes of spreadsheet errors.

Sakal, et al (2015)

Every study, without exception, has found error rates much higher than organizations would wish to tolerate.

Errors in spreadsheets... result in incorrect decisions being made and significant losses incurred.

Beaman, et al (2005)

People tend to believe their spreadsheets are more accurate than they really are.

Caulkins, Morrison, & Weidemann (2006)

Spreadsheet bibliography

Title	Compliance-appropriate spreadsheet testing
Authors	Raymond R. Panko
Year	2006
Type	Proceedings
Publication	12th Americas Conference on Information Systems
Series	August, Paper 130, pages 980-986
Abstract	Sarbanes–Oxley compliance requirements have forced firms to look at their use of spreadsheets in financial reporting. They are finding that they have many spreadsheets and that testing and other formal development disciplines are rare. The literature on spreadsheet errors has shown that without strong controls, most spreadsheets will have material errors; this means that firms that use uncontrolled spreadsheets cannot plausibly claim to be in compliance with Sarbanes–Oxley. This paper looks at a promising control discipline for bringing spreadsheets into Sarbanes–Oxley compliance, namely logic inspection testing following the traditional Fagan (1976) methodology created for software testing.
Full version	Available
Sample	The Fagan method The basic methodology of software code inspection was laid down by Fagan (1976), and it still is the main methodology for code inspection today. In this methodology, there are four phases: Initial meeting. The process begins with an introductory meeting for the team. At this meeting, the code developer describes the requirements of the module and walks the team through the code. Individual inspection. After the meeting, the team members inspect the module individually, looking for errors. There normally is a time limit for this. Often, this time limit is about two hours. Concluding meeting. After the team members have finished their individual inspections, the team holds a concluding meeting at which the team members go over the errors discovered by the individual members and perhaps look for additional errors. They attempt to develop a consensus about which defect reports are real and to rate the severity of defects. They do not attempt to fix the errors, however. Reporting. One tenet of code inspection is that results should be summarized and reported. Reporting results is critical for learning. Most of what we know about software error rates comes from code inspection reports.

Go to bibliography

Featured

Hire us