학술논문
Defining and Adopting an End User Computing Policy: A Case Study
Document Type
Working Paper
Author
Source
Proceedings of the EuSpRIG 2019 Conference "Spreadsheet Risk Management", Browns, Covent Garden, London, pp27-38, ISBN: 978-1-905404-56-8
Subject
Language
Abstract
End User Computing carries significant risks if not well controlled. This paper is a case study of the introduction of an updated End User Computing policy at the Wesleyan Assurance Society. The paper outlines the plan and identifies various challenges. The paper explains how these challenges were overcome. We wrote an End User Computing Risk Assessment Application which calculates a risk rating band based on the Complexity, Materiality and Control (or lack of it) pertaining to any given application and the basis of assessment is given in this paper. The policy uses a risk based approach for assessing and mitigating against the highest risks first and obtaining the quickest benefit.
Comment: 25 Pages, 12 Colour Figures. 1 Table. First presented at the EuSpRIG 2018 Conference at Imperial College, London. Revised and updated following a further presentation at the EuSpRIG 2019 Conference also at Imperial College, London
Comment: 25 Pages, 12 Colour Figures. 1 Table. First presented at the EuSpRIG 2018 Conference at Imperial College, London. Revised and updated following a further presentation at the EuSpRIG 2019 Conference also at Imperial College, London