No XBRL For Once
I usually write about XBRL, and XBRL only. Not because XBRL is the only thing that is on my mind, as I am sure some think. I just assume that people that visit this blog do so because they have an interest in XBRL, and not in my personal ramblings.
Now, I also assume that some readers of this blog may share the hectic lifestyle that I have, at least in part. So, maybe you will find the thoughts that follow interesting as well. If not, an XBRL post will come soon, I promise :)
I fly a lot. I used to fly a lot before 9/11/2001, and like everybody else I was affected by the changes that followed those terrible days. And like most I never dreamt about complaining. Then somebody tried to blow up a plane with explosive hidden in his shoe, and we all started taking our shoes off when gong through security. A nuisance, but that made sense too.
Now, somebody tried to blow up a plane by concocting a chemical mixture in his lap and we won’t be allowed to have anything in our lap during the last hour before landing. I think the guy also went to the restroom before starting up his thing, because of that we won’t be allowed to go to the restroom either.
This guy had a history. His own father went to the US embassy in Nigeria to let them know that he had become “radicalized”, and was allegedly ignored. Also, he did manage to get those chemicals through security in some way.
I really hope that, once the turmoil of what happened has subsided, reason will prevail and additional – and more than welcome – measures will focus on better prevention in the areas that have failed this time, and targeted on new threats as they are discovered, rather than on the immediate prevention of the actions that have occurred in this or any other episode.
If not, next time somebody tries something new and, say, is caught on tape sneezing before trying it, we might end up with a ban on blowing our noses for the last hour before landing. Now that I think of it, somebody could write a great fiction story where the villain orchestrates terrorist attacks on planes that never succeed, but that through the actions of the terrorist take away one “liberty” from worldwide passengers each time… Wait a minute… fiction?
Do not get me wrong, I am in favour, and grateful, for any additional security measures that can save lives, including my loved one’s and mine. I guess my point is that the lives claimed in terrorist attacks are the first and the most tragic result of those attacks, but that the changes that go into place as a consequence of those attacks, which affect everybody’s daily life for years and years to come, are probably regarded as an even greater success by the perpetrators of those crimes.
The line between much needed additional security measures to react to new threats, and just closing the stables after the horses have escaped is thin.
XBRL: What’s In It For Internal Auditors?
Earlier this month, The Institute of Internal Auditors (IIA) Research Foundation published my white paper XBRL: What’s In It for Internal Auditors, which I had the privilege to write with the invaluable review and advice of a number of individuals quoted in the paper.
This paper was initially conceived to address the results of an XBRL awareness survey among chief internal audit executives worldwide conducted by The IIA at the end of 2008. The survey showed only a partial awareness of XBRL by internal audit professionals. In addition, auditors were minimally involved in the actual process of generating XBRL filings even in those companies that are already using XBRL, either in voluntary or mandatory projects.
One of the objectives of the white paper is to fill this awareness gap by providing a comprehensive overview of what XBRL is, how it is being used in various programs across the world, and how it will have to be used to meet the SEC’s interactive data mandate, which starts in the second half of this year.
However, this is only one part of the story. Obviously, internal auditors need to be able to contribute to, and provide professional assurance on, the process of generating XBRL filings as they do with any other corporate reporting process. Still, XBRL’s value proposition in internal auditing processes goes far beyond being an additional format to which to convert financial reports. The white paper highlights the uses of XBRL that go beyond regulatory compliance, demonstrating how it enables the enhancement of critical processes in the internal space: data integration, reporting assembly, application of validation rules, controls, and visualization templates in a consistent way across the whole corporate information system.
Simply put, internal auditors should consider XBRL — and I am not referring here just to the US GAAP XBRL taxonomy used to report to the SEC, but to the standard as a whole in its various flavors as described in the paper — as a key tool to perform their functions more efficiently, rather than simply an additional reporting burden that requires their professional attention. XBRL enables moving from widespread manual, error-prone processes to automated and standardized ones in key data-related activities. It is something that businesses can leverage internally as a key technology and not just see as an additional compliance burden.
This concept is relevant not only for internal auditing, but for internal corporate processes in general. It can help executives making crucial decisions today on how to comply with the SEC’s interactive data mandate over the course of the next several years.
The white paper also examines different approaches to XBRL adoption, where XBRL can be either bolt-on at the highest financial report generation level, built-in deeper into the reporting layer of the corporate information system, or deeply embedded at ledgers level.
If a company sees XBRL as just another format in which financial statements have to be submitted for compliance, its management is likely to consider only the easiest options to create its filings: either create them under the existing process and convert to the new format at the end, or outsource as much of the process as possible. These choices not only represent a missed opportunity on the “internal” benefits that XBRL enables, but will actually be put to test by evolving reporting requirements. Additional reporting concerns like IFRS convergence and the “Year 2″ requirements already set in the SEC mandate, which extend the depth at which information will have to be tagged in notes and schedules, are reason enough to consider all of the options available and their implications very carefully.
In short, even if you are not an internal auditor, I think it may be worthwhile for you to get the white paper from The IIA website.
Originally posted on March 30, 2009 on the Hitachi Data Interactive Blog
Follow Me!
