Insurance
Spreadsheet Challenges
Insurance firms rely on critical spreadsheet and end-user computing (EUC) applications within finance operations and to determine risk and uncertainty for property, casualty, pension, health, life, annuities, and welfare plans. The safekeeping of these applications is paramount to business operations. However, the complexity combined with the criticality of these spreadsheets often opens the door for human error, non-compliance, financial loss, and even fraud when they are left unmanaged and uncontrolled.
Model Audit Rule Compliance Mandates In addition to exposing firms to operational risk, uncontrolled and unmonitored spreadsheets, Access databases and other EUCs are now coming under auditor scrutiny for NAIC Model Audit Rule (MAR) compliance. Structured similarly to Section 404 of the Sarbanes-Oxley Act, MAR places a significant burden on C-level executives to ensure their oversight in the internal controls for financial reporting (ICFR) process. A major hurdle in preparing for the MAR compliance is in understanding how to mitigate the risks associated with EUC applications.
Establishing Spreadsheet Controls With the Prodiance Enterprise Risk Manager (ERM) system, insurance firms can:
- Automate spreadsheet discovery, inventory and risk assessment processes
- Improve spreadsheet security and limit access to critical spreadsheets to only authorized personnel
- Automate spreadsheet versioning while providing access to historical data
- Monitor all changes to critical spreadsheets and EUCs
- Control user input to critical spreadsheets
- Analyze spreadsheets for complexity, risk and structural errors
- Enforce spreadsheet development lifecycle policies and best practices
- Automate spreadsheet review and approval via automated workflows and email notifications
- Established a controlled environment for all critical spreadsheets and associated documentation
- Improve management reporting and visibility for all critical spreadsheets
- Improve compliance with NAIC regulatory mandates
- Boost productivity through a seamless, non-invasive end user experience