Presentation is loading. Please wait.

Presentation is loading. Please wait.

Validating Excel-based Spreadsheets Robert Ladyman File-Away Limited.

Published byStanley Dalton Modified over 9 years ago

Similar presentations

Presentation on theme: "Validating Excel-based Spreadsheets Robert Ladyman File-Away Limited."— Presentation transcript:

1 Validating Excel-based Spreadsheets Robert Ladyman File-Away Limited

2 Why wouldn’t you validate? We don’t validate Excel Spreadsheets because…

3 Excuses, excuses We only perform one-off calculations Not true if it’s not “untitled” A well-known Monitoring Authority –100% QC check –Clarification: must be validated if used for pivotal data handling

4 Excuses, excuses We don’t perform any calculations, we just store data –“We don’t perform calculations, so we’ll store it in something specialized for calculations” –You need to state what you do, not what you don’t do (you don’t store your data in Paintbrush). –Excel is an active agent (more later)

5 Why would you validate? GxP and its relatives –Data Protection Laws …and who wants to keep doing 100% QC

6 What type of ‘system’ is a spreadsheet? Level 1 systems –Off-the-shelf “Engines”: O/S, Oracle, Word, Excel itself (you don’t tend to validate them) Level 5 systems –Bespoke Strictly validated Spreadsheets are programs+data and level 5, NOT LEVEL 1 Applies to all spreadsheets, not just Excel-based ones

7 How do you validate? Use the classic, standard methods

8 Our old friends URS – User Requirements Specification Version Control Testing Documentation (including the validation report)

9 URS For the desired system: what you want not what you have Field-values (how many, + or -) Calculations (standards?) If you end up with Excel, make sure you know what version you might use

10 URS - Audit trails If your URS states that you need Audit Trails, Excel spreadsheets are probably the wrong tool –Sarbanes-Oxley has resulted in more plug-in systems (e.g. Wimmer, RSME) …of course, audit trails aren’t needed if you don’t store data

11 Version control MD5 sums –External to the file, best and simplest tool –What? –Why? There is no such thing as ‘bit rot’… –How?

12 Testing Test data –Valid and boundary checks Predict the results (plan) Evaluate the test results (validation report)

13 Documentation Outputs –Test results –Programming notes – how does it work internally (you’d do that for a program) –Don’t forget the user manual and SOP

14 Existing spreadsheets Call it “version 1” Write a URS Create and record an MD5 before any changes Test against the URS and any other claims

15 What can (and can’t) be done? Excel Controls Set passwords to control:- Access (to open the spreadsheet) To modify (otherwise there is read-only access) To protect / un-protect (to program it) –Message displayed if changes attempted –BUT - the Microsoft Excel Help states (in "About worksheet and workbook protection") "[Excel passwords are] not intended to be mechanisms for securing data or protecting [data]“ –7 minutes

16 Ah…but… “You CANNOT lock it down” “You CAN lock it down”

17 What else can (and can’t) you do? Excel Controls –Set cell types (integer, date, number) Date format can be yyyy-mm-dd Error message for wrong type when entered… BUT this can be overridden by pasting and by the delete key AND watch out for those ‘active’ conversions (remember 12-3, 12/4?)

18 Excel is an active agent The test value was NOT prefixed with ‘=‘. Shaded are the correct output – only 6 out of 15 are correct Test ValueInteger format General format Number format (2dp) 12-3“error”12-Mar 12/3/2008 39519.00 12/3412-Mar 12/3/2008 4.00 12-Mar“error”12-Mar 12/3/2008 39519.00 12/3/07“error”12-Mar 12/3/2007 39153.00 22/22/22“error”22/22/22“error”

19 Built-in Tools Use the built-in Excel tools Tools – Formula Auditing –Precedents –Dependants –Trace Error

20 An example spreadsheet Designed for Excel 2003 Calculates the sum and mean for each pair of values (for a sample of some sort) Banner for “Valid” and “Invalid” Handout has ‘all’ the parts (you might not print that) Not just for show

21 Example Spreadsheet URS (the highlights) Must indicate missing sample ID in a row Must indicate missing value 1 and value 2 data Date must be no later than current date Must not store data Must display study number

22 How can we match the URS? Have an area for meta-data Have an area for data entry Have an area for validity checks Protect all other areas so that they cannot be modified Use entry-field types

23 Don’t take MY word for it… EuSpRIG - European Spreadsheet Risks Interest Group "Research has repeatedly shown that an alarming proportion of corporate spreadsheet models are not tested to the extent necessary to support Directors' fiduciary, reporting and compliance obligations. Uncontrolled and untested spreadsheet models therefore pose significant business risks. These risks include: –Lost revenue & profits –Mis-pricing and poor decision making due to prevalent but undetected errors –Fraud due to malicious tampering –Difficulties in demonstrating fiduciary and regulatory compliance”

24 Don’t take MY word for it… Ray Panko, University of Hawaii. Lawrence and Lee examined 30 project financing spreadsheets: all 30 had errors. Error rate: 100% StudySpreadsheetsNumber with errors % with errors Coopers & Lybrand 1997 232191% KPMG, 1997222091% Lukasic, 199822100% Butler (HMRC), 2000 7686% Total544991%

25 Resources Ray Panko:http://panko.shidler.hawaii.edu/http://panko.shidler.hawaii.edu/ More research to frighten you: http://arxiv.org/find/all/1/all:+spreadsheet/0/1/0/all/0/1 http://arxiv.org/find/all/1/all:+spreadsheet/0/1/0/all/0/1 …and more figures: http://www.isaca.org/Template.cfm?Section=Home&CONTENTID=3 5903&TEMPLATE=/ContentManagement/ContentDisplay.cfm http://www.isaca.org/Template.cfm?Section=Home&CONTENTID=3 5903&TEMPLATE=/ContentManagement/ContentDisplay.cfm The example spreadsheet: http://www.file-away.co.uk/spreadsheets.html http://www.file-away.co.uk/spreadsheets.html MD5 software (check with your administrator) http://www.pc-tools.net/win32/md5sums/ http://www.pc-tools.net/win32/md5sums/

Download ppt "Validating Excel-based Spreadsheets Robert Ladyman File-Away Limited."

Similar presentations

ADMINISTRATION Information Technology for Administrators SPREADSHEETS Click To Continue.

ADMINISTRATION Information Technology for Administrators SPREADSHEETS Click To Continue.
Copyright © 2013 Pearson Education, Inc. publishing as Prentice Hall2-1.

Copyright © 2013 Pearson Education, Inc. publishing as Prentice Hall2-1.
EXCEL 101 Level 1 on a MAC CORE (Centre for Organizational Resilience), For Youth Initiative.

EXCEL 101 Level 1 on a MAC CORE (Centre for Organizational Resilience), For Youth Initiative.
1 Linking & Consolidating Worksheets Applications of Spreadsheets.

1 Linking & Consolidating Worksheets Applications of Spreadsheets.
With Microsoft Excel 2007 Comprehensive 1e© 2008 Pearson Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Excel 2007 Comprehensive.

With Microsoft Excel 2007 Comprehensive 1e© 2008 Pearson Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Excel 2007 Comprehensive.
Protecting cells in the worksheet from being changed. June 21, 2012.

Protecting cells in the worksheet from being changed. June 21, 2012.
+ Learning Intention 10 To understand and apply our understanding of spreadsheet software functions and techniques for efficiently and effectively manipulating.

+ Learning Intention 10 To understand and apply our understanding of spreadsheet software functions and techniques for efficiently and effectively manipulating.
Tutorial 7: Developing an Excel Application

Tutorial 7: Developing an Excel Application
Developing an Excel Application

Developing an Excel Application
Tutorial 8: Developing an Excel Application

Tutorial 8: Developing an Excel Application
Chapter 07: Lecture Notes (CSIT 104) 1111 Exploring Microsoft Office Excel 2007 Chapter 7 Data Consolidation, Links, and Formula Auditing.

Chapter 07: Lecture Notes (CSIT 104) 1111 Exploring Microsoft Office Excel 2007 Chapter 7 Data Consolidation, Links, and Formula Auditing.
XP New Perspectives on Microsoft Excel 2003, Second Edition- Tutorial 8 1 Microsoft Office Excel 2003 Tutorial 8 – Developing an Excel Application.

XP New Perspectives on Microsoft Excel 2003, Second Edition- Tutorial 8 1 Microsoft Office Excel 2003 Tutorial 8 – Developing an Excel Application.
Chapter 6 Financial Forecast. Agenda Developing a financial forecast model Advanced formatting Using the scenario manager to facilitate decision-making.

Chapter 6 Financial Forecast. Agenda Developing a financial forecast model Advanced formatting Using the scenario manager to facilitate decision-making.
Templates and Styles Excel 2000 - Advanced. Templates are pre- designed and formatted spreadsheets –They provide consistency of layout/structure –They.

Templates and Styles Excel Advanced. Templates are pre- designed and formatted spreadsheets –They provide consistency of layout/structure –They.
ACOT Intro/Copyright Succeeding in Business with Microsoft Excel 2010: Chapter1.

ACOT Intro/Copyright Succeeding in Business with Microsoft Excel 2010: Chapter1.
Microsoft Office 2007 Excel Chapter 8 Formula Auditing, Data Validation, and Complex Problem Solving.

Microsoft Office 2007 Excel Chapter 8 Formula Auditing, Data Validation, and Complex Problem Solving.
The installation process is started by double-clicking on the USB-Key file ‘install.xls’

The installation process is started by double-clicking on the USB-Key file ‘install.xls’
Using Data Dump to Export Data from StarPanel Purpose: Means of exporting data as Excel spreadsheet for manipulation outside StarPanel. Generally start.

Using Data Dump to Export Data from StarPanel Purpose: Means of exporting data as Excel spreadsheet for manipulation outside StarPanel. Generally start.
3.1 Data and Information –The rapid development of technology exposes us to a lot of facts and figures every day. –Some of these facts are not very meaningful.

3.1 Data and Information –The rapid development of technology exposes us to a lot of facts and figures every day. –Some of these facts are not very meaningful.
Exploring Microsoft Excel 2002 Chapter 7 Chapter 7 List and Data Management: Converting Data to Information By Robert T. Grauer Maryann Barber Exploring.

Exploring Microsoft Excel 2002 Chapter 7 Chapter 7 List and Data Management: Converting Data to Information By Robert T. Grauer Maryann Barber Exploring.

Similar presentations

Ads by Google