Spreadsheet bibliography

Title Governance of spreadsheets through spreadsheet change reviews
Authors Miguel Ferreira & Joost Visser
Year 2012
Type Proceedings
Publication EuSpRIG
Series July
Abstract

We present a pragmatic method for management of risks that arise due to spreadsheet use in large organizations.

We combine peer-review, tool-assisted evaluation and other pre-existing approaches into a single organization-wide approach that reduces spreadsheet risk without overly restricting spreadsheet use. The method was developed in the course of several spreadsheet evaluation assignments for a corporate customer.

Our method addresses a number of issues pertinent to spreadsheet risks that were raised by the Sarbanes-Oxley act.

Full version Available
Sample
Workflow of spreadsheet change reviews
Workflow of spreadsheet change reviews

The core of this approach is a lightweight auditing process for spreadsheet changes. The user asks a colleague to conduct a review and makes a formal statement.

If the reviewer finds the change to be correct and to not introduce additional risks, then he formally states that, and the user proceeds with use of the spreadsheet.

If the reviewer does not feel confident about the correctness of the change or the impact it might have, then he will decline to share the responsibility for it. The user may then ask for a tool-assisted evaluation of the spreadsheet.