Protiviti's end-user application professionals help you manage the risks associated with end-user developed applications while maintaining the benefits these tools provide.
End-user developed applications, such as spreadsheets and databases, are everywhere. Users tend to place undue trust in the integrity of the analysis that these applications produce, often placing a level of reliance them similar to what they would for formally developed or ‘off the shelf’ applications.
As end-users have become more IT proficient, their applications have become more complex. End-user applications such as spreadsheets or desktop database and reporting tools were never designed to be enterprise-level applications, but the growing use of complex and user-defined functions, lengthy macros and links to other systems has led to the development of highly complicated applications. In contrast to most other applications of this nature and criticality, end-user applications are rarely designed and developed by expert users or with controls in mind.
Increasing regulatory pressure, focus from auditors, and an awareness of the risk is forcing organizations to address the issue of end-user computing risk management, though few really understand what the issue is and what they need to do about it. While guidance exists, much of it is academic, providing little practical value to companies. Our approach represents a pragmatic response to end-user computing risk based on real business need and built on practical experience. We can help with all project phases, from building an application inventory and performing a risk assessment to implementing an effective yet pragmatic risk management framework and assisting with software selection and configuration. Protiviti remains vendor-independent but has thorough knowledge of the technology solutions available in the market. Our services include
- Spreadsheet Risk Management
- Desktop Database and Reporting Risk Management
Please read Protiviti's Spreadsheet Risk Management: Frequently Asked Questions (PDF)