THE GOVERNANCE OF RISK ARISING FROM THE USE OF SPREADSHEETS IN ORGANISATIONSDownload This Article
Tessa Minter, Carlos Correia
The key to maximising the effectiveness of spreadsheet models for critical decision making is appropriate risk governance. Those responsible for governance need, at a macro level, to identify the specific spreadsheet risks, determine the reasons for such exposures and establish where and when risk exposures occur from point of initiation to usage and storage. It is essential to identify which parties could create the exposure taking cognisance of the entire supply chain of the organisation. If management’s risk strategy is to control the risks then the question reverts to how these risks can be prevented and/or detected and corrected? This paper attempts to address each of these critical issues and to offer guidance in the governance of spreadsheet risk. The paper identifies the the risk exposures and sets out the responsibilities of directors in relation to spreadsheets and the spreadsheet cycle. Spreadsheet risk exposure can be managed in terms of setting the control environment, undertaking risk assessment, providing the requisite information and communicating with internal and external parties as well as implementing spreadsheet lifecycle application controls and monitoring activities.
Keywords: Spreadsheet Governance, Spreadsheet Risk, Spreadsheet Lifecycle
How to cite this paper: Minter, T., & Correia, C. (2014). The governance of risk arising from the use of spreadsheets in organisations. Risk governance & control: financial markets & institutions, 4(2), 7-16. http://doi.org/10.22495/rgcv4i2art1