A Practical Approach to Managing Spreadsheet Risk in a Global Business

TL;DR

This paper discusses a practical approach to managing spreadsheet risks in large organizations by implementing governance frameworks, policies, standards, controls, and management tools, illustrated through a case study of a global energy company.

Contribution

It introduces a pragmatic, case-study-based methodology for controlling spreadsheet risks in multinational organizations, emphasizing governance and management practices.

Findings

Effective governance frameworks reduce spreadsheet risk

Implementation of policies and standards improves control

Management tools assist in risk mitigation

Abstract

Spreadsheets are used extensively within today's organisations. Although spreadsheets have many benefits, they can also present a significant risk exposure, requiring appropriate management. Protiviti has worked with a number of organisations, ranging in size up to huge multi-nationals, to help them build appropriate spreadsheet governance frameworks, including the design and implementation of policies, minimum design standards, control processes, training and awareness programmes and the consideration and implementation of spreadsheet management tools. This paper presents a case-study explaining the practical and pragmatic approach that was recently taken to control spreadsheet risk at one of Protiviti's clients - a global energy firm.