Chugach Electric Gets Control of Spreadsheets for SOX Compliance with Brainloop Secure Dataroom

Most organizations don’t have any of those standard controls in place around spreadsheets, and Chugach was no different.”
– Cheryl Klein, Founder and Principal Consultant, GRC Consulting Services

Spreadsheets out of Control

Chugach Electric Association needed to get its Excel spreadsheets under control for compliance with Sarbanes-Oxley (SOX) regulations. “A lot of organizations have issues with Excel spreadsheets,” said Cheryl Klein, founder and principal consultant of GRC Consulting Services. “The most often-used financial application for tracking, accounting and reporting is Excel. Unfortunately there are very few controls around anything within Excel to ensure that the information is valid, that it is correct, that it reports correctly, that someone hasn’t made a change inadvertently… Generally speaking most organizations don’t have any of those standard controls in place around spreadsheets, and Chugach was no different.”

Chugach Electric, headquartered in Anchorage, Alaska, is the largest producer and distributor of electricity in the state. It is a member-owned cooperative and therefore a private organization, though it had taken on a public debt which required it to comply with federal financial regulations, including SOX.

To bring the organization into compliance, Chugach Electric enlisted an outside consultancy, Certified Security Solutions. Cheryl Klein was the lead consultant for this project. She assembled a team of IT and financial professionals to implement the proper controls and processes for SOX compliance, test them for effectiveness and interface with their external auditor KPMG. (Klein has since started her own company, GRC Consulting Services, which specializes in governance, risk and compliance initiatives.)

The proliferation of spreadsheets for financial reporting was a major issue. By scanning the file server for last-modified dates at the end of the quarter, they were able to determine which spreadsheets were used in financial reporting. “We tested and validated the functionality of each one of those spreadsheets to ensure that all the formulas were being called correctly, the summations used the right ranges… So we knew that those were the key spreadsheets, tested and signed off,” said Klein.

From that point, they looked for a way to secure the spreadsheets by limiting access only to authorized individuals and creating an audit trail around journal entries and approvals. As a midsized organization, Chugach Electric did not have the time or resources to deploy a comprehensive enterprise resource planning (ERP) system such as SAP or Oracle. Instead they wanted a cost-effective, targeted solution that would enable them to achieve and maintain SOX compliance.

Brainloop Secure Dataroom for SOX Controls

Chugach Electric adopted Brainloop Secure Dataroom, a hosted service for managing and sharing confidential documents. It provides a secure, Web-based document repository with user authentication and access rights, a tamper-proof audit trail and collaboration tools. Chugach Electric used the Brainloop platform to establish controls around their financial spreadsheets.

Now they actually have a more streamlined workflow process that is better controlled than they did when just emailing spreadsheets back and forth.”
– Cheryl Klein, GRC Consulting Services

Klein continued, “The goal was to create efficient, repeatable processes for compliance. Because compliance with SOX is not a one-time thing – it’s every year you have to go through this. So the goal was to bring them to the point of initial compliance, and then a cost-effective, repeatable compliance process going forward. The use of Brainloop Secure Dataroom does both of those. We got them into compliance initially. And now they actually have a more streamlined workflow process that is better controlled than they did when just emailing spreadsheets back and forth.”

Time and Money Saved – Every Year

Reining in Excel spreadsheets closed major gap for SOX compliance. The Brainloop platform allowed Chugach Electric to achieve SOX compliance initially, as mandated by law, as well as to save time and money maintaining compliance going forward. SOX requires organizations to perform testing internally, in addition to the testing done by an external auditor. By establishing secure controls and processes around their financial spreadsheets, Chugach Electric and its auditor KPMG only have to confirm that the controls are in place and working instead of manually re-testing and re-validating the spreadsheets each quarter. This saves a tremendous amount of time and money in labor and consulting fees every year.

 Copyright © 2010 Apropos LLC. All rights reserved.

From Mail Order to the Internet – The Shoe Shack Builds a Growing Business Using StoresOnline

We spent some hours every week learning how to market our website. It paid off greatly for us.”
– Bryan Castleman, Co-owner, The Shoe Shack

How to Build an E-commerce Website?

In 2003 the Shoe Shack was a small mail order shoe business when it decided to make the leap to the Internet. However its first online store was relatively unsuccessful. “We really weren’t getting any traffic or sales,” said Bryan Castleman, co-owner of the Shoe Shack. Not wanting to give up, he searched for a better way to build and market an e-commerce website.

Today the Shoe Shack sells shoes, work boots, western boots, military boots and other footwear online at discounted prices. Its main website is shoeshackonline.com, and it operates several related niche websites that include discountedboots.com, workbootsuperstore.com and militarybootpros.com. It also has a retail storefront at its building in Martin, Tennessee, though 95% of its sales volume comes via the Internet.

After its first attempt at creating an e-commerce website, Castleman attended a conference for StoresOnline, an Internet company that provides a structured platform and simplified, do-it-yourself approach for building e-commerce websites. “We went to StoresOnline and saw how easy it was to build a website. It was somewhat laid out for you already, but you could also do your own customization,” he said. StoresOnline provides templates that users can customize with text and graphics. It has software tools for managing websites, products, customers, email and order processing. “With some of the places where we had a website, Yahoo! being one of them, we had to pay a commission of our sales. StoresOnline doesn’t ask for a commission of sales online. They are more of an e-commerce platform that you build on.”

“Marketing was the one aspect that stood out,” continued Castleman. “StoresOnline compiles all that in a marketing database. And then they give you strategies on how to use them for your website – how to optimize your website by doing meta tags, key words, image tags, all kinds of things that go with Internet marketing. We spent some hours every week learning how to market our website. It paid off greatly for us. We were able to get it up and running.”

StoresOnline also hosts websites in its data center. “They host my website on their servers, which are backed up. You can host them other places, or if you want to host them yourself, you can. We haven’t had a problem with our site being down. They’re a good one to go with,” he said.

Profits and Growth by Doing It Yourself

Since that time the Shoe Shack has enjoyed solid growth. “Before then we were really a small business. My father was the only employee. Now we’ve grown and have eight full-time employees and several part-time employees that work during the busy seasons and Christmas. Last year we had a twenty percent growth overall in our company… Being able to sell more online has allowed us to get capital and to buy close-out items that we can sell on eBay and in our retail store,” said Castleman.

The guided, do-it-yourself approach has worked well for the company. “A lot of people like to do things themselves because it does pay off. This is a way you can learn how to market all your websites by following their strategies. StoresOnline has videos that show you how to work on your website, how to put products up, how to build a page, how to put links on your page, things like that. You might need them to help set up, but we pretty much do everything ourselves,” he said.

“That makes us a little bit more profitable. It allows us every now and then to discount items that other, bigger companies might not be able to do. We can put more money into marketing because we have our own in-house marketing company.”

A Bump in the Road

But the road to success was not without bumps along the way. An oversight cost them a significant volume of business in 2005, though they eventually recovered. The Shoe Shack mistakenly thought they had renewed the domain name for their main website, but in fact it had expired. A scam artist bought the domain name for ten dollars and offered to sell it back to them for a million dollars cash. They declined, so the scammer set up the domain to filter orders to other online footwear businesses as an affiliate website. The Shoe Shack was forced to use a different name for its website and rebuild and re-market it.

“We were really upset about it. It taught us a good lesson to make sure our domain names are registered. When you buy a domain name, that is your business, that’s your name, that’s where your website is going to be hosted. We make sure now that everything is all together and check one or two times a year, if not more. Because that hurt us,” said Castleman.

Onward and Upward

The Shoe Shack continues to grow by developing new niche websites, most of which are related to footwear, such as workbootsuperstore.com and militarybootpros.com. Having learned how to build and market a website, Castleman is adept at creating new ones using the StoresOnline platform. Existing pages and products can be transferred over with some modifications to the text, links and tags. “We try to hit different niche markets. I buy several domain names that I might one day build a website on. That’s how I see our business and our company growing. And I love using StoresOnline because it seems so simple for me. I know how to use it, I’m comfortable with it, and it has been a good experience. I don’t plan to change,” he said.

“There are still a lot of things we don’t do that StoresOnline tells us we should do. As we grow and can hire more people, we’ll continue to do more and more online. The Internet is a huge business online and it’s somewhat never ending. There might be other people marketing online, but there is always a piece of the pie out there you can get in retail sales. You have to figure out what you can work with as a business.”

 Copyright © 2010 Apropos LLC. All rights reserved.