CRO need for spreadsheet vigilance and governance

CRO need for spreadsheet vigilance and governance

Spreadsheets are used throughout the world to capture, manipulate and display data. They are also one of the biggest risk exposures that businesses have in today’s global regulatory environment.

Arithmetic errors were a concern on paper ledgers and early computer spreadsheets. Now, with sophisticated business spreadsheets employing complex and highly specialized formulas, implementing effective spreadsheet management and governance is a top priority for many chief risk officers (CROs). Spreadsheet management for heavy users, regardless of the industry, starts with recognizing the issues presented by reliance on unsubstantiated data and poor controls. Managers tend to be overconfident that their data is accurate, without adequate review by a second set of eyes or audit software. However, repeated studies indicate that nearly 90 percent of spreadsheets contain errors.

In spite of the evidence that inaccurate figures become facts repeated elsewhere, many companies have not implemented emerging best practices to assess and mitigate spreadsheet and other accuracy risks.

With risk management executives challenged to identify, manage and reduce risk exposure in critical data, many CROs are employing effective technology tools for testing digital records. More sophisticated than earlier compliance software tools, the newer automated spreadsheet controls use risk intelligence to search for versions of spreadsheets, access control information, data and formula errors and other exposures. This does not remove the need for human oversight, but it ensures consistency and thoroughness throughout an organization.

CROs and their staff have enough challenges in their efforts to mitigate potential risks before the need to take reactive measures. Automated analysis options better allocate time and resources while ensuring constant vigilance and staff diligence. They offer scalability and transparency for growing firms.

Risk management teams spending far too much time being risk reactive, focused on finding and reacting to risk rather than managing and reducing it. The overwhelming effort leads to burnout, stress, turnover and staffing challenges. It must feel like walking on a risky high-wire, struggling to maintain balance and posture. Spreadsheet risk is endemic, so implementing tools companywide to address the potential issue is a critical part of managing control of the content.

Read the executive brief “CRO Guide: The Path to Risk Resilience” to learn how to identify, manage and reduce the risk exposure in your critical data today.

About Diane Robinette

Diane RobinetteDiane Robinette is President and CEO at Incisive Software, a company helping risk executives reduce exposure in critical business and financial processes. Prior to Incisive, Diane served in executive and senior level positions at companies including BroadVision, Contivo (acquired by Liaison Technologies), Covigna (acquired by ProQuest/Snap-on), Perfect Commerce and Proximex (acquired by Tyco). She also held management positions at KPMG and EY. Diane believes that by taking a modern and automated approach, risk teams can move towards a risk resilient posture that allows them to anticipate and reduce exposure, no matter what is thrown their way.