Lower EUC Risk with Automated Controls

EUC Risk Management & Controls in the Cloud

Posted by Nitin Aggarwal on Jul 11, 2019 7:06:45 AM

Is your organization moving towards cloud computing solutions? If so, these initiatives can typically be viewed as two different types of projects.

  1. Moving application servers and databases to cloud servers such as Amazon AWS or Microsoft Azure.
  2. Migrating files and data into cloud storage.

How can this be done without disrupting your current EUC and Model controls?  CIMCON can help.


Read More

Topics: Data & Information Governance, Spreadsheet Controls, information security, PII, GDPR Compliance, Spreadsheets

How to Safeguard  your Data in Excel

Posted by Craig Hattabaugh on Jun 3, 2019 8:36:21 AM

There are numerous, well-publicized incidents of data loss and data breach associated with the use of spreadsheets. This perpetual information security risk has led many to call for doing away with spreadsheets entirely. But before you go disrupting any critical business processes that aren’t really broken, consider taking advantage of a new Excel add-in that is available at no cost via Microsoft AppSource.

Read More

Topics: Data & Information Governance, Spreadsheet Controls, information security, PII, GDPR Compliance, Spreadsheets

Is SharePoint a cost-effective solution for EUC and Model Inventory Management?

Posted by Craig Hattabaugh on Apr 18, 2019 10:44:11 AM

Having an accurate and up to date inventory of models (whether they are spreadsheet-based or other) is the foundation of any model governance program. Now that you’ve chosen to manage these model risks, what’s the best way to track them?

Read More

Topics: cloud, Model Inventory

Spreadsheets: A True Love Story

Posted by CIMCON Software on Feb 14, 2019 9:23:57 AM

Nowadays we take spreadsheets for granted. Their power is simply at our fingertips. But it wasn't always this way. How did we come to have these useful tools so readily available? There is surprisingly little formal information about how they came to be, but luckily, there are others who share our passion and have done something about it.  

Read More

Topics: history of spreadsheets, Spreadsheets

Don’t be Headline News: Protect the PII Under Your Control

Posted by Craig Hattabaugh on Jan 29, 2019 1:58:53 PM

There should be no schadenfreude experienced after the news reports of BlackRock accidentally leaking a spreadsheet containing the PII (personally identifiable information) of close to 20,000 independent financial advisors who distribute their iShares products.  It can happen to anyone and in fact, it happens all the time.

Read More

Topics: Spreadsheet Controls, EUC Controls, information security, PII

2019 Perspectives: Reducing Spreadsheet & Other End-User Computing Risk

Posted by Craig Hattabaugh on Jan 10, 2019 12:04:02 PM
Do you think that any of your critical business processes are vulnerable to a spreadsheet error?  Or perhaps, has the number of models (including artificial intelligence) proliferated to the point where it’s difficult to understand your risk exposure (never mind reduce it)? If yes, there is something you can do. 

Read More

Topics: Manage Risk, Reduce EUC Risk, risk management policy, EUC risk management, model risk

Model Inventory: There is a Better Way

Posted by Craig Hattabaugh on Oct 23, 2018 1:35:17 PM

Creating and maintaining a Model Inventory is simple in concept but much harder in practice. Identifying the existing models to include can be challenging, especially given the fact that the line of business aren’t usually enthusiastic about documenting their model usage. Some model owners would prefer that you just go away, thank you very much. But it’s the “maintain” task that is really difficult. Keeping a model inventory accurate and up to date takes a lot of work. From chasing down various owners and users for updates to reporting on KRIs, it is a thankless job that never ends. Model Inventories are very resource intensive but there is an easier way that is better, faster and cheaper.

Read More

Topics: SS3/18, Model Inventory, model risk

What I learned from Walmart’s CIO about EUC Risk Management

Posted by Craig Hattabaugh on Aug 24, 2018 11:49:09 AM

Earlier this year, Peter High wrote on Forbes.com about an interview he had with Clay Johnson who currently is the CIO of Walmart.  Although the topics of discussion weren’t specific to end-user computing risk management, I found Clay’s lessons learned from his early experience at FedEx to be very applicable to my work focused on Model risk and EUC risk management.

Read More

Topics: Manage Risk, risk management policy, EUC risk management, model risk

New Woes for the UK Model Risk Manager

Posted by Craig Hattabaugh on Jul 13, 2018 3:29:53 PM

The Prudential Regulatory Authority’s Supervisory Statement SS3/18 concerning model risk management principles is the latest in a long line of financial industry guidance that started with OCC 2011-12, The Federal Reserve’s SR 11-7 and others. Although it is highly focused on the models used for determining capital adequacy (stress testing) in UK banks, and the principles are sound, it is not good news for model risk managers. 

Read More

Topics: Manage Risk, SS3/18, PRA SS3/18, Prudential Regulation Authority SS3/18, Model Inventory

Protect Personally Identifiable Information (PII) in Unstructured Documents & Spreadsheets in Support of GDPR

Posted by Rosanne Peterson on May 30, 2018 9:22:06 AM

You have millions of end-user controlled files in your organization. Do you know which documents, spreadsheets and other files contain personally-identifiable information (PII)? If not, how can you comply with the EU General Data Protection Regulation (GDPR)? How can you ensure effective security for this unstructured information?

Read More

Topics: Manage Risk, information security, PII, GDPR Compliance

Recent Posts