Is Your Organization’s Performance at Risk from Excel Anarchy?

POWERFUL YET DANGEROUS TOOLS

There is no question spreadsheets are one of the most powerful tools used by companies today. There is a relatively low learning curve, the software is inexpensive and readily available, they are quick to get up and running and are easy to modify. These are all reasons why spreadsheets are one of the most dangerous tools in common use across organizations. There are many examples of substantive mistakes due to spreadsheet errors. Who can forget Fannie Mae’s $1.13 billion mea culpa during 2003? In a news release they noted that a review of third-quarter figures revealed a $1.13 billion error in shareholder equity, “…as there were honest mistakes made in a spreadsheet used in the implementation of a new accounting standard.”

If spreadsheets are so powerful, then why should companies be leery of using them? First and foremost, as noted above, they are prone to errors. There are many who are proficient in Excel, yet all have made errors at some point while using spreadsheets. When spreadsheet authors have graduated to using tables rather than copying formulas, leveraging named ranges for clarity, and making data dance with fancy pivot tables and more; spreadsheets remain subject to human error. Even when spreadsheets are in fact error-free and testing validates desired results, there is still the risk that others who use the spreadsheets will introduce errors. Further, the notion that the ease of use of spreadsheets is a strength yields a false sense of security. Other users can copy and modify a file, redistribute it, use the old version of a file, or simply misread a file leading to multiple versions of the truth.

FURTHER RISKS AND HOW TO MITIGATE THEM

The lack of an audit trail and paucity of spreadsheet security present governance challenges across the board. From where did the spreadsheet get its base data? When was it updated? Has it been modified? The challenges go beyond traditional data governance to considering sources, lineage, and right to use; and extending to analytics governance. With modern business intelligence tools, it is easy to pop the results into Excel, add to the information, present it in different ways, and apply additional analytics. Over time data and analytics-fed spreadsheets can build up. Teams add automation, staff turns over, and then without intent; critical reporting becomes dependent on a series of spreadsheets held together by bubble gum and string.

What, then, are mitigating measures for the risks that spreadsheets present? The first step is to understand where spreadsheets exist and the roles they play in a company’s formal management, analytic and reporting processes. It would be a fool’s errand to attempt to eliminate ad hoc utilization of spreadsheets; however, it is possible to examine their ‘formal’ use. It matters not whether the starting point is from the last mile working backward up the chain, or from portfolio management working forward to end reporting and analytics. Regardless, the first step towards eliminating the anarchy that may have formed is understanding the extent of spreadsheet usage.

A catalog of spreadsheet use is necessary to begin analyzing the points of risk and deciding if there are acceptable or unacceptable risks at each point. The resulting operational efficiency can be determined by examining how quickly replacing spreadsheets with automated or vendor solutions will repay the effort. Will the change involve too much loss of flexibility compared with the risk reduction and increase in efficiency? The transparency that a spreadsheet audit can bring is necessary before an organization can answer these questions.

MERADIA CAN HELP

Meradia has improved clients’ operations by eliminating rogue spreadsheet-based processes during every transformation and implementation engagement. That said, during every project we employed spreadsheets as tools. Meradia can provide perspective in answering the question, “Is the organization using spreadsheets appropriately, or is it time to take back control?”

Download Thought Leadership ArticleServices: Solution Design, System RationalizationExpertises: Performance, Risk & AnalyticsClients: Asset Managers, Asset OwnerAuthors: Mick Cartwright