Program Manager (SOX/AUDIT) (California)

Details
* Address: Oakland, CA 94601 (map)
* Date Posted: 02/28/10
* Posted by: Ad partner
* Job Type: Full-time
Description

Company: Enclipse Corp.
Position Title: Program Manager (SOX/AUDIT)
Job Code:
Job Location: Oakland,…

View full post on Sarbanes jobs | Simply Hired

Top 10 Compliance Spreadsheet Risks and How to Avoid Them – PART 1

One of the biggest threats to compliance isnâ??t your employees or hackers, but a trusted tool: the spreadsheet. It is unstructured, untracked, and unsecured.  Learn to recognize top spreadsheet risks and what you can do to reduce them.

Compliance experts estimate that 80 percent of enterprises use spreadsheets to support critical business functions. For example, in one Deloitte survey of 800 financial professionals, 88 percent said their firms “use spreadsheets of material importance in financial reporting.” At the same time, however, research suggests the typical spreadsheet has a 2 to 5 percent error rate.

As a result, spreadsheets are one of the biggest compliance risks facing regulated companies. Indeed, despite their prevalent use, the life of the average spreadsheet is unstructured, untracked, insecure, and potentially just inaccurate. Learn how to pre-emptively control challenges that can run afoul of Sarbanes-Oxley (SOX), Basel II, or numerous other laws which regulate the integrity of financial processes.

Bet on auditors wanting to see all spreadsheets relating to your companyâ??s financial reporting practices. Will your rows and columns pass compliance muster? To help mitigate the regulatory risks posed by spreadsheets, consider these 10 tips.

1: Acknowledge Spreadsheetsâ?? Programming Power

One issue with spreadsheets is theyâ??re simply so powerful.  The spreadsheet problem is largely due to the fact that weâ??ve given a programming language to a non-IT user without any development environment-type oversight or safeguards.  Theyâ??ve become the programmer, tester and the user – so youâ??ve just lost all objectivity. Whoâ??s going to detect the errors in that spreadsheet?

2: Expect Errors

The average spreadsheet contains a substantial number of errors Human error research indicates that for things about as complex as creating a spreadsheet formula, the error rate floor is about 2 percent to 5 percent. The reason: people tend to take shortcuts when doing math, and these shortcuts often produce errors. Regarding automation, please see tip number eight. On a related note, spreadsheet novices are three times as likely as experts to make mistakes.

Few companies, however, test for spreadsheet errors or outright fraud, preferring instead to eyeball resultsâ??often with predictable consequences. For example, one software developer may use two 15,000-cell Excel spreadsheets to project the market for its products, with figures rounded to whole numbers. Yet another user may inadvertently round the modifier for inflation down say from 1.06 to 1, consequently resulting in a market undervaluation. Such an error would obviously qualify as a material weakness.

3: Manage Spreadsheet Changes

One solution: donâ??t prohibit spreadsheet use, but rather identify which spreadsheets handle critical business functions, and then implement controls to ensure their integrity and accuracy, and especially to prevent fraud. For starters, apply change management controls to spreadsheets, including sign-offs, a record of all changes and the rationale for every change, plus rollback capabilities. Each spreadsheetâ??s business logic must also be thoroughly vetted, as with any application which handles complex business functions.

4: Beware the Orphans

When auditing spreadsheets, pay particular attention to the orphans: spreadsheets of unknown provenance which today still drive critical business processes. As Arthur C. Clarke wrote, “any sufficiently advanced technology is indistinguishable from magic,” and as anyone whoâ??s ever inherited a spreadsheet knows, some operate if not by magic, then at least through unintuitive logic that might take a lifetime to unravel.

Certainly, the average business user canâ??t be expected to accurately keep a 50-tab Excel workbook current.

5: Consider Versioning Software

The poster child of the spreadsheet world is Microsoft Excel. Until recently, however, software to manage Excel in regulated environments was scant. Beginning with Excel 2007, though, Microsoft itself began offering businesses a way to enforce change management, audit controls, and versioning for Excel spreadsheets. Together with SharePoint Server 2007, companies can even manage spreadsheets centrally and offer role-based access to HTML versions of spreadsheets.

Financial Services Anti-Fraud Risk and Control Workbook

Product Description

Myth-busting guidance for fraud preventionin a practical workbook format

An excellent primer for developing and implementing an anti-fraud program that works, Financial Services Anti-Fraud Risk and Control Workbook engages readers in an absorbing self-paced learning experience to develop familiarity with the practical aspects of fraud detection and prevention at banks, investment firms, credit unions, insurance companies, and other financial services providers.

Whether you are a bank executive, auditor, accountant, senior financial executive, financial services operations manager, loan officer, regulator, or examiner, this invaluable resource provides you with essential coverage of:

• How fraudsters exploit weaknesses in financial services organizations

• How fraudsters think and operate

• The tell-tale signs of different types of internal and external fraud against financial services companies

• Detecting corruption schemes such as bribery, kickbacks, and conflicts of interest, and the many innovative forms of financial records manipulation

• Conducting a successful fraud risk assessment

• Basic fraud detection tools and techniques for financial services companies, auditors, and investigators

• Fraud prevention lessons from the financial meltdown of 2007-2008

Written by a recognized expert in the field of fraud detection and prevention, this effective workbook is filled with interactive exercises, case studies, and chapter quizzes, and shares industry-tested methods for detecting, preventing, and reporting fraud.

Discover how to mitigate fraud risks in your organization with the myth-busting techniques and tools in Financial Services Anti-Fraud Risk and Control Workbook.

Order from Amazon TODAY —> Financial Services Anti-Fraud Risk and Control Workbook

eMail Compliance

Mike Kieffer of Intradyn, Inc. talks about email archiving and compliance.

Expanded Audits for Food Manufacturers Detailed by TraceGains

Richard Ross is Director of Industry Relations for TraceGains, Inc.  According to Ross, “A new imperative has appeared.  Consumer trust of food safety is shaken.  Food businesses are realizing that traceability and supply-chain monitoring exposes an opportunity for additional profit.  Although the consumer has always had the power to influence the food industry, that influence is being heard loud and clear – safe, flavorful and affordable food – and the food businesses are listening intently.”   TraceGains, Inc. (www.tracegains.com) was founded in 1998 with a 100% focus on traceability. The company has a patented delivery system —14 patents granted and growing —and also is an Issuer of United States Department of Agriculture Process Verification Program (PVP) Label.

TraceGains, Inc. (www.TraceGains.com) was founded in 1998 with a 100% focus on Positively Assured Traceability™. The company has a patented delivery system—14 patents granted and growing—and also is an authorized Issuer of United States Department of Agriculture Process Verification Program (PVP) Label.  In the current issue of the International Food Safety and Quality Network publication, Manufacturing Journalist TR Cutler examines Expanded External Audits: The Sensible Approach.  

 

Ross shared with Cutler, “Today the annual financial audit is taken for granted by any company that is trying to establish credibility, whether publicly-traded or not. The financial audit is very much a fixture in today’s corporate world; less than four short generations ago, it was viewed as a revolutionary innovation. Corporate disasters have expanded the audit role beyond basic financial reports to include compliance updates on several corporate operational areas. Without third-party audits, stakeholders rely solely upon status updates from management to understand the state of a company. A traceability review offers similar reassurances. Expansions to previous audit protocols, such as the 2002 Sarbanes-Oxley Act, are usually a reaction to newly enacted government regulations or the most recent corporate misstep.

 

Recent events strongly suggest that it is now time to expand the external audit function to include an external review of a company’s traceability system.  This does not require over-reaching governmental regulation.  A decade of installing traceability systems for customers has shown us that only when a real-time process monitoring system is installed, and operational dashboards are provided to senior and mid-managers showing deviation from key operational business rules, will management perceptions synchronize more closely with reality.

 

Cutler asked Ross why monitoring traceability systems are not sufficient.  Ross responded, “Even after process-monitoring traceability systems have been installed, an external review is needed to make sure that any gaps are plugged. A traceability review is a stand-alone audit (following a formally prescribed set of procedures conducted by auditors or third-party companies that are traceability specialists.)  This is the only way that company directors, as well as existing and prospective shareholders, have the information they need to fully evaluate the company’s traceability risk. During the traceability review, specialists need to analyze factors such as: (1) product movement across the company’s different legal entities, (2) identity preservation across various internal process transformations, (3) methods of collecting traceability information, (4) the type of information being collected with respect to the required reporting regulations, (5) the methods the company uses to retrieve regulatory information in the event of a tainted goods episode, (6) company process and business rule compliance monitoring systems, and (7) the company’s recall history.”

By correlating and analyzing previously disparate data sets in the value chain, only TraceGains makes it possible to connect upstream inputs, suppliers, and raw materials to downstream outcomes such product quality or customer satisfaction. Firms can coach or replace poorly performing suppliers and counteract profit-draining events within the enterprise, as well perpetuate positive practices internally and throughout the supply chain, to achieve complete profit optimization.  At TraceGains this is achieved through the Profit Optimizer.

 

 

 

TraceGains Inc.

www.tracegains.com

Marc Simony, Director of Marketing

traceability@tracegains.com

(303)682-9898

Next Page »