Spreadsheet Controls and the NAIC Model Audit Rule

White Paper Published By: Prodiance Corp.

Since the National Association of Insurance Commissioners (NAIC) made revisions to the Financial Reporting Model Regulation (Model Audit Rule) in June 2006, the insurance industry’s attention to the risks associated with financial reporting has been on the rise. Structured similarly to Section 404 of the Sarbanesâ€Oxley Act, the Model Audit rule places a significant burden on Câ€level executives to ensure their oversight in the internal controls for financial reporting (ICFR) process. Executives within these insurance organizations, both public and private, will be required to evaluate their internal controls in preparation for the first reports due in 2010 for the 2009 reporting period.

Tags :

prodiance, sarbanesâ€oxley act, security and integrity of data, analytics, risk assessment, optimization, , security

Published:	Dec 22, 2008
Type:	White Paper
Length:	13 pages

Spreadsheet Controls and the NAIC Model Audit Rule White Paper

November 2008 P-01514, Revision A

Prodiance White Paper
Table of Contents
Table of Contents ........................................................................................................................................ 1
Spreadsheets and the Model Audit Rule .................................................................................................... 2
Auditor Guidance ........................................................................................................................................ 2
Leveraging Technology ............................................................................................................................... 5
Prodiance Enterprise Spreadsheet Manager .............................................................................................. 6
Prodiance eDiscovery .................................................................................................................................. 7
Prodiance Spreadsheet IQ .......................................................................................................................... 8
Prodiance Link Migration Manager ............................................................................................................ 9
Prodiance ESM .......................................................................................................................................... 10
3 Levels of Control .................................................................................................................................... 11
Proven ROI ................................................................................................................................................ 12
About Prodiance ....................................................................................................................................... 12
Spreadsheet Controls & The Model Audit Rule 1 Prodiance White Paper
Spreadsheets and the Model Audit Rule
Since the National Association of Insurance Commissioners (NAIC) made revisions to the Financial Reporting Model Regulation (Model Audit Rule) in June 2006, the insurance industry's attention to the risks associated with financial reporting has been on the rise. Structured similarly to Section 404 of the Sarbanes-Oxley Act, the Model Audit rule places a significant burden on C-level executives to ensure their oversight in the internal controls for financial reporting (ICFR) process. Executives within these insurance organizations, both public and private, will be required to evaluate their internal controls in preparation for the first reports due in 2010 for the 2009 reporting period.
One major hurdle in preparing for the Model Audit Rule is in understanding how to manage end user computing (EUC) applications (including critical spreadsheets, Access databases, and BI reports) to successfully meet the outlined compliance requirements. Insurance organizations rely on complex and mission critical spreadsheet applications as forecasting tools to determine risk and uncertainty for property, casualty, pension, health, life, annuities, and welfare plans. To keep up with ever-changing compliance mandates such as ERISA, PBGC, FAS 87, FAS 106/158, and IAS 19, proprietary algorithms and extensive IP is often created within these spreadsheet applications, making their safe keeping and integrity paramount to business operations.
In addition, hundreds and even thousands of critical and complex spreadsheets are used in accounting and finance operations for revenue recognition, account reconciliation, journal entries, and closing the books. These spreadsheets often contain many external links and data feeds, complex formulas, macros/VB code, hidden data, and advanced mathematical functions. This complexity easily lends itself to human error, and when these critical spreadsheets are left unmanaged, it creates an open door for non-compliance, financial loss and even fraud. As such, critical spreadsheets used in insurance operations need to be manage... [download for more]

Browse Technology Topics

Data Center Virtualization, Cloud Computing, Infrastructure, Design and Facilities... more, Power and Cooling, Green Computing less		Data Management Application Integration, Analytical Applications, Business Intelligence... more, Configuration Management, Database Development, Data Integration, Data Mining, Data Protection, Data Quality, Data Replication, Database Security, EDI, SOAP, Service Oriented Architecture, Web Service Management, Data Warehousing less
Electronics Analog Communications, Digital Signal Processing, Electronic Design Automation... more, System On A Chip, Electronic Test and Measurement, Embedded Design, Boards & Modules, Embedded Systems and Networking, Electromechanical & Mechanical, Optoelectonics & Displays, Packaging and Interconnects, Passive & Discrete Components, Power Sources & Conditioning Devices, Integrated Circuits and Semiconductors, Sensors & Actuators less		Enterprise Applications Application Integration, Application Performance Management... more, Best Practices, Business Activity Monitoring, Business Analytics, Business Integration, Business Intelligence, Business Management, Business Metrics, Business Process Automation, Business Process Management, Call Center Management, Call Center Software, Change Management, Corporate Governance, Customer Interaction Service, Customer Relationship Management, Customer Satisfaction, Customer Service, EBusiness, Enterprise Resource Planning, Enterprise Software, EProcurement, Extranets, Groupware Workflow, HIPAA Compliance, IP Faxing, IT Spending, Marketing Automation, Performance Testing, Product Lifecycle Management, Project Management, Return On Investment, Risk Management, Sales & Marketing Software, Sales Automation, Server Virtualization, Simulation Software, Supply Chain Management, System Management Software, Total Cost of Ownership, Video Conferencing, Voice Recognition, Voice Over IP, Workforce Management, Incentive Compensation, Spend Management, Manufacturing Execution Systems, International Computing less
Human Resource Technology Human Resources Services, Payroll Software, Time and Attendance Software... more, Workforce Management Software, Financial Management, Employee Monitoring Software, Employee Training Software, Recruiting Software/Services, Employee Performance Management, ELearning, Benefits Management, Expense Management less		IT Career Advancement Cisco Certification, Microsoft Certification, Linux Certification... more, Network Security Certification, Software Development Certification less
IT Management Employee Performance, ITIL, Productivity, Project Management... more, Software Compliance, Sarbanes Oxley Compliance, Service Management, Desktop Management less		Knowledge Management Collaboration, Collaborative Commerce, Contact Management... more, Content Delivery, Content Integration, Content Management System, Corporate Portals, Customer Experience Management, Document Management, Information Management, Intranets, Messaging, Records Management, Search And Retrieval, Search Engines, Secure Content Management, SLA less
Networking Active Directory, Bandwidth Management, Convergence, Distributed Computing... more, Ethernet Networking, Fibre Channel, Gigabit Networking, Governance, Grid Computing, Infrastructure, Internetworking Hardware, Interoperability, IP Networks, IP Telephony, Local Area Networking, Load Balancing, Migration, Monitoring, Network Architecture, Network Management, Network Performance, Network Performance Management, Network Provisioning, Network Security, OLAP, Optical Networking, Quality Of Service, Remote Access, Remote Network Management, Server Hardware, Servers, Small Business Networks, TCP/IP Protocol, Test And Measurement, Traffic Management, Tunneling, Utility Computing, VPN, Wide Area Networks, Green Computing, Cloud Computing, Power and Cooling, Data Center Design and Management, Colocation and Web Hosting less		Platforms AS/400, Domino, Linux, Microsoft Exchange, Oracle, PeopleSoft... more, SAP, Siebel, Solaris, Tivoli, Unix, Web Sphere, Windows, Windows Server less
Security Access Control, Anti Spam, Anti Spyware, Anti Virus, Application Security... more, Auditing, Authentication, Biometrics, Business Continuity, Compliance, DDoS, Disaster Recovery, Email Security, Encryption, Firewalls, Hacker Detection, High Availability, Identity Management, Internet Security, Intrusion Detection, Intrusion Prevention, IPSec, Network Security Appliance, Password Management, Patch Management, Phishing, PKI, Policy Based Management, Security Management, Security Policies, Single Sign On, SSL, Secure Instant Messaging, Web Service Security, PCI Compliance, Vulnerability Management less		Software Development .NET, C++, Database Development, Java, Middleware, Open Source... more, Software Outsourcing, Quality Assurance, Scripting, SOAP, Software Testing, Visual Basic, Web Development, Web Services, Web Service Security, XML less
Storage Backup And Recovery, Blade Servers, Clustering, IP Storage... more, ISCSI, Network Attached Storage, RAID, Storage Area Networks, Storage Management, Storage Virtualization, Email Archiving, Data Deduplication less		Wireless 802.11, Bluetooth, CDMA, GPS, Mobile Computing, Mobile Data Systems... more, Mobile Workers, PDA, RFID, Smart Phones, WiFi, Wireless Application Software, Wireless Communications, Wireless Hardware, Wireless Infrastructure, Wireless Messaging, Wireless Phones, Wireless Security, Wireless Service Providers, WLAN less