Nowadays we take spreadsheets for granted. Their power is simply at our fingertips. But it wasn't always this way. How did we come to have these useful tools so readily available? There is surprisingly little formal information about how they came to be, but, luckily, there are others who share our passion and have done something about it.
Topics: Spreadsheets, history of spreadsheets
There should be no schadenfreude experienced after the news reports of BlackRock accidentally leaking a spreadsheet containing the PII (personally identifiable information) of close to 20,000 independent financial advisors who distribute their iShares products. It can happen to anyone and in fact, it happens all the time.
Topics: PII, information security, EUC Controls, Spreadsheet Controls
Topics: Manage Risk, risk management policy, model risk, EUC risk management, Reduce EUC Risk
Creating and maintaining a Model Inventory is simple in concept but much harder in practice. Identifying the existing models to include can be challenging, especially given the fact that the line of business aren’t usually enthusiastic about documenting their model usage. Some model owners would prefer that you just go away, thank you very much. But it’s the “maintain” task that is really difficult. Keeping a model inventory accurate and up to date takes a lot of work. From chasing down various owners and users for updates to reporting on KRIs, it is a thankless job that never ends. Model Inventories are very resource intensive but there is an easier way that is better, faster and cheaper.
Topics: model risk, Model Inventory, SS3/18
Earlier this year, Peter High wrote on Forbes.com about an interview he had with Clay Johnson who currently is the CIO of Walmart. Although the topics of discussion weren’t specific to end-user computing risk management, I found Clay’s lessons learned from his early experience at FedEx to be very applicable to my work focused on Model risk and EUC risk management.
Topics: Manage Risk, risk management policy, model risk, EUC risk management
The Prudential Regulatory Authority’s Supervisory Statement SS3/18 concerning model risk management principles is the latest in a long line of financial industry guidance that started with OCC 2011-12, The Federal Reserve’s SR 11-7 and others. Although it is highly focused on the models used for determining capital adequacy (stress testing) in UK banks, and the principles are sound, it is not good news for model risk managers.
Topics: Manage Risk, PRA SS3/18, Prudential Regulation Authority SS3/18, Model Inventory, SS3/18
You have millions of end-user controlled files in your organization. Do you know which documents, spreadsheets and other files contain personally-identifiable information (PII)? If not, how can you comply with the EU General Data Protection Regulation (GDPR)? How can you ensure effective security for this unstructured information?
Topics: Manage Risk, PII, GDPR Compliance, information security
Steve's team finished the month-end close ahead of schedule without any mistakes. This humorous 15-second video shows how he celebrates!
Topics: Spreadsheet Errors, Videos
Why would a senior executive with strategic responsibilities even remotely think about something so seemingly tactical as spreadsheet risk? Read on: This article discusses a series of recent cases that illustrate how a spreadsheet error can quickly evolve into a material - and public - business crisis.
Topics: Spreadsheet Errors, Manage Risk
Imogen doesn't worry about errors in her models - she has automated controls! This humorous 15-second video explains why she is so relaxed.
Topics: Spreadsheet Errors, Videos