EUC Data Governance

The State of EUC Data Governance

March 4, 2021

Why is EUC Data Governance Important?

Global Regulatory Focus

Regulators worldwide have recognized EUC data governance as a key gap in many companies and have placed increased scrutiny in this area. This is especially true in financial services. Regulators are continually levying fines or building end user computing (EUC) specific regulations.

In the past 12 months alone, these regulators have issued fines or new data governance requirements for financial services firms.

Office of the Superintendent of Financial Institutions (OSFI-BSIF)

OSFI-BSIF

The Office of the Comptroller of the Currency (OCC)

OCC

Federal Financial Supervisory Authority (BaFin)

BaFin

Federal Deposit Insurance Corporation (FDIC)

FDIC

High profile failures have led to major consequences, including fines and reputational damage for some of the world’s largest institutions. For example, Citibank was fined $400M and served a cease & desist order. Failure with Citibank’s EUC data governance program was explicitly stated as one of the major reasons for the action.

View OCC Cease & Desist for Citibank
(Data governance findings start on page 8)

Increased Risk Exposure

EUC data governance requires continuous focus given the shifting user environment and regulatory landscape. Data governance program gaps can leave companies exposed to failure with major financial and reputational impacts. For example, JP Morgan’s $6B loss in the London Whale incident was in part due to:

  • Spreadsheet mismanagement
  • Manual processing reliance
  • Inadequate reviews

How Can Technology Help with EUC Governance?

Critical Areas for Technology Enablement

Applying automation to an EUC data governance program provides enhanced controls for two areas with the highest risk exposure.

  1. EUC Profiling:
    Ensuring an accurate and ‘noise free’ EUC Inventory by profiling and ranking each EUC based their inherent risk characteristics.
  2. Spreadsheet Controls:
    Automating change management, version control, error identification, and approval workflows increases efficiency and accuracy.

Staying One Step Ahead

The rapidly changing landscape demands companies to stay up-to-date in their internal policies and enabling technologies.

  • New EUC Applications/ File Types
    Applications like R, Python, MATLAB, Alteryx, and data analysis tools (e.g. Power BI) are increasingly utilized across business for critical processes. These all fall under the scope of EUC programs.
  • Focus on EUC Retirement & Alternatives
    Regulators are focused on migration of EUCs into IT-manage alternatives. This means the EUC program must adapt to incorporate identification of alternatives and EUC retirement frameworks.
  • Data Lineage and Process Risk: EUC risk is no longer simply a product of a file’s internal structure and complexity. Risk assessment must incorporate data lineage and involvement in high- risk company processes to gain a holistic view of the program.

EUC Data Governance Solutions

Reduce Risk, Increase Efficiency & Program Auditability

Using technology to manage an EUC data governance program decreases risk. It also results in saving time for end users and having a program that stands up to regulatory scrutiny.

  • Automates tracking of critical changes
  • Ensures comprehensive and accurate EUC inventory and controls
  • Increases efficiency by saving time and resources

Systematic vs. Manual EUC Data Governance

Applying automation provides greater ROI vs. reliance on manual processes that are inefficient and more prone to error.

Manual
Systematic
Spreadsheets and databases have no native functionality to retain changes
✓ Automated, auditable change management with notifications & versioning
“Eye balling” manual reviews leaves high chance of oversights and errors
✓ Integrity check to ensure good practices are observed
No objective way to categorize risk
✓ Automated, objective risk assessment
Resources and time required for manual processes will be prohibitive and future growth will encounter barrier
✓ Future proof: Software is scalable for future growth in volume and complexity
Human resources have direct labor and opportunity costs
✓ ROI is favorable relative to any manual, non- automated approach

Taking Control

Take the first step in controlling spreadsheet risk by defining a comprehensive spreadsheet policy. Apparity’s team of experts have developed a best practice spreadsheet policy guide to get started.

GET FREE GUIDE

Subscribe for Apparity Blog Updates

Share this post:   
Subtle White Feathers

Chris Trammell

Leveraging a deep background in the EUC-industry and client services, Chris supports new and existing clients as a part of the Apparity Sales team.

Related Articles

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *