EXCEL – SO POPULAR, SO RISKY

Are you aware which subject links the British secret service "MI5" with the American bank JP Morgan and Harvard University???

All three organizations have had painful experiences with EXCEL - ranging from formatting, deletion, to calculation errors!?

Three times a real catastrophe. But as different as the reasons for Excel's failure in each case, one thing is clear: spreadsheets are prone to mistakes!??

Therefore, it is time to reconsider Excel’s popularity – since currently, more than 750 million people globally use Excel spreadsheets due to Microsoft's market share.??

The vast majority of employees is used to work with MS Office and consequently, rely on Excel for data analysis.??

This obviously increases the risk and the susceptibility to errors for users when Excel is used incorrectly - with often serious consequences for companies.?

?

• EXCEL IN NUMBERS??

We all make mistakes in our lives. What might be covered with a smile in a private setting can at least lead to dissatisfaction in the professional context and to the risk of huge financial and reputational damages in worst case.??

Studies say, this is clearly evident when working with Excel, which is prone to mistakes, as around 95% of these worksheets contain errors. Still, in spite of this, companies remain devoted to Excel as their calculation, data organization and analysis tool.??

• EXCEL VS. A DEEP GRC STRATEGY??

The fact that users of Excel quickly reach their limits becomes clear when considering the range of individual challenges of modern, cross-organizational corporate management.??

Today more than ever, organizations of all sizes and in all industries find themselves in a field of tension between internal and external tasks.?

Well, does Excel really contribute to data control and can it serve as a solid analysis tool for profound risk and opportunity assessment???

Risk management experts dealing with potential risks are likely to answer “no!”.??

In other words, Excel remains a risk for planning: Apart from a lack of functions in scheduling and process control, there are also weaknesses in data quality management and scalability. The processes involved in working with Excel are also too lengthy and imprecise.??

?

• EXCEL GENERATES RISKS & CHALLENGES??

In this context, threats in the overall process mapping and control of possible risks and potential opportunities in an organization become visible. Excel does not fully satisfy the increasing challenges of modern corporate management in a digital and globally connected business world.??

The key elements are employees and the linked corporate culture to which numerous companies still pay too little attention in their general risk management.??

Instead, organizations use spreadsheets to try to measure and weight their own employee and organizational structures and to map strengths and weaknesses based on pure key figures causing the following:??

• issues caused by inadequate data quality??
• entire processes can only be displayed inadequately?
• high planning risk created by workload and rate of errors??
• challenging cross-organizational corporate management??

• TRANSPARENCY AND MONITORING?

Apart from the weaknesses mentioned above, it is likewise necessary to pay more attention to external risk factors, since leaders wish to guide their companies through the many unknowns in uncertain times.?

This scope of risks begins with wars, embargoes, and financial risks and does not conclude with natural disasters, production stoppages, and delivery bottlenecks.??

Furthermore, there are legal requirements that demand a professional Governance, Risk & Compliance Management (GRC) in any organization:??

Companies need to offer transparent information about their business activities and to consistently document and monitor business processes by setting up a risk management strategy including early warning and monitoring systems taking into consideration environmental and social facets in all business operations.?

?

• INSUFFICIANCY OF SHADOW-IT SOLUTIONS??

This calls for a more rigorous monitoring of information security. Appropriate quantitative or qualitative criteria need to be defined by the management for controlling the areas responsible for operations and further development of IT systems.??

The goal is to achieve more effectiveness of information security measures, information risk management responsibilities and controls, as well as physical information security requirements. This binds executives to increasingly address the issue and ensure "clean" IT solutions and processes in their own organizations, including the monitoring obligation.??

As a result, there are definite regulatory requirements that cannot be met by shadow IT solutions, such as self-created and shared spreadsheet solutions.??

This poses a constant threat to the organization's internal IT security if used as well as:?

• regulatory compliance not possible with spreadsheet solutions?
• insufficient ability to map complex information security issues??
• lack of monitoring and control options lead to lack of auditing security??

Those internal and external risks that cannot or can only be mapped with difficulty, as well as legal requirements, demonstrates the weakness of Excel and Excel-based solutions.??

Consequently, solutions that can be used to map the entire GRC process for solid corporate management need to be established. Areas of corporate strategy, risk and compliance management should no longer act largely isolated in companies and use a common database.??

This implies that modern and integrated opportunity and risk management solutions require a different process view of the topic as a whole!?

• GRC FROM GBTEC - MODERN, EFFICIENT & TRANSPARENT??

We at GBTEC give companies with our digital and automated GRC tool the perfect solution to manage risk management tasks in the best feasible way - including monitoring and control.??

With this solution, essential systems in the areas of governance, risk and compliance can be combined, redundancies avoided, and cross-departmental collaboration can be improved.??

Our workflow based GRC software leads to more transparency in the complete risk management process, including compliance with internal regulations and legal requirements, policies and rules.?

For more information on BIC GRC visit our website via https://www.gbtec.com/software/ or download our whitepaper!?