EUCs pose a unique risk to companies because they fall outside of traditional internal controls. As a result, they go unnoticed while becoming entrenched in critical business processes.
The majority of all highly regulated companies who are tasked with either updating their existing end user computing controls or are having to implement a credible and robust end user computing policy for the first time typically have very little internal resource or expertise that they can leverage to get the job done.
End user computing applications pose a unique risk to organizations because they fall outside of the realm of traditional application risk management controls. With the right set of EUC controls in place, you can mitigate this risk and ensure policy compliance for your most sensitive files.
EUC Policy Guide
Take the first step in governing your end user computing data and applications with the free EUC Policy guide.
Spreadsheets are a key tool in banking. Regulatory mandates such as Basel III, DFAST and CCAR force banks to evaluate how they manage their end user applications in a rigorous control framework.
As many insurers come to learn, spreadsheets and other EUC applications lack controls. Applying them manually is far too heavy a burden given their complexity. This contributes to data quality issues, a lack of ownership visibility, and unclear access rights. Furthermore, many regulators require historical detail to gauge completeness— something Excel does not offer.
Utility companies use Excel spreadsheets to consolidate financial information, energy trading, and operational data from different regional systems. SOX and regulatory agencies require companies to use a rigorous control framework to make sure that financial reporting, rate case details, energy trade confirmations, and commodity commitments are sound and accurate.