To Err in Spreadsheets Is Human - Greater Enterprise Control Through Comprehensive GRC
To err is human – and people do make mistakes in all factors of their lives. Among family and friends, little mishaps are often taken lightly. In a business environment, however, they can quickly snowball into real financial and reputational risks. In a GRC environment, companies must avoid mistakes at all costs in order to uphold regulatory guidelines and make strategically sound decisions. Yet this is only possible when decisions are made based on accurate data with audit-proof archiving. Spreadsheet programs such as Excel are counterproductive because they lack these necessary functions and, therefore, cannot meet the rising challenges of a digital, globally connected business world.
Excerpt
- Excel: Popular but risky in business
What do JP Morgan, Harvard University and the British Intelligence Agency MI5 all have in common? All three organizations have had painful experiences with Excel and spreadsheets. The one wire tapped the wrong phones due to a formatting error. The others accidentally hid contracts instead of deleting them or made fatal calculation errors. In each case, spreadsheets caused a financial and PR nightmare for the organizations involved. Although the reasons for the failures were all very different, they still share a common thread. Spreadsheets are highly prone to error - and risky in business. The time has come for organizations to rethink the way...
- Excel in numbers
To err is human - and people do make mistakes in all factors of their lives. Among family and friends, little mishaps are often taken lightly. In a business environment, however, they are irritating at best. In a worst-case scenario, unintentional mistakes can pose serious financial or reputational risks. This is clearly the case with spreadsheets according to Brand eins, which exposed that around 95 percent of Excel sheets contain errors. The software company Alasco estimates a similar magnitude, stating that 88 percent of all worksheets with more than 150 rows contain massive, proven errors. Just as you can expect people to make mistakes, you can...
- A profound GRC strategy beyond excel
As the numbers show, Excel usage is massive. But quantity and quality are two separate things. Modern enterprise management requires an integrated concept - on every level and throughout the entire organization. Executives today face a complete spectrum of challenges, all in which spreadsheets quickly reach their limitations. Organizations of all sizes and industries are battling a plethora of...
- Spreadsheet risk: an opportunity?
Spreadsheets create weak links and large gaps throughout process mapping, making it difficult to control potential risks. But this risk also poses an opportunity for organizations. Samuel Brandstätter, Head of Product Line GRC & Managing Director GBTEC Austria, explains, “Excel can no longer handle the rising challenges of a modern, targeted enterprise management in a digital, globally connected business world. And that holds true on enterprise process and management levels as well as in light of vital soft skills related to people and corporate culture. Human resources as well as the interrelated corporate culture are decisive factors that still don’t receive adequate attention in the larger scope of risk management. Instead, organizations attempt to use lists, sometimes even spreadsheets, to measure and rate their own HR structures as well as...
- Transparency and monitoring: in search of a complete process
In order to address the known risks related to the fallibilities of spreadsheets, companies need to identify and map external risk factors. This is crucial so that decision-makers can lead their companies through unknown territory in a time of rampant change. The breadth of these risks range from...
- Seeing the light about shadow IT
Knowing that shadow IT is a problem is not enough. Supervisory boards are focusing their attention on disparate IT systems developed in house. In Germany’s financial service industry, these so-called shadow IT systems are regulated through BAIT, the Supervisory Requirements for IT in Financial Institutions. BaFIN, the Federal Financial Supervisory Authority, provides a framework for the technological, organizational resources of financial institutions, especially with regard to IT resource management and information risk management. This is due, in part, to the core function of IT in the entire banking system. In its August 2021 circular, BaFin states, “The use of information technology (IT) in the institutions, including the use of IT services supplied by IT service providers, is key for the...
- GRC from GBTEC: modern, efficient and transparent
The ability to completely manage risks starts with a comprehensive GRC strategy that lays the foundation to face arising challenges and steer the business to success. This is so critical because the implementation of a solid solution and process can lead to a valid risk assessment as well as...
Request now to get access to the full version of the whitepaper.
