EDI Audit and Control : Telecommunications Library - Albert J. Marcella

EDI Audit and Control

Telecommunications Library

Hardcover Published: 19th February 1993
ISBN: 9780890066102
Number Of Pages: 236


Provides answers to key questions affecting the future of electronic data interchange (EDI) and its impact on the business community as a whole. This evolving technology is cheaper than fax, easier to use than electronic bulletin boards and faster than the postal services. It contains practical information and alerts the reader to the level and types of controls necessary to protect data handled through the EDI system interface.

Foreword
Preface
Acknowledgments
The Frontier: An EDI Overview
Exactly What Is EDI?
Growth of EDI
EDI Market Acceptance
The Costs and Benefits of Implementing EDI
Who Should Use EDI?
EDI Operating Issues
EDI Risks
Management Control Concerns
General Controls in EDI Standards
ANSI
Acknowledgments
EDI Audit Implications
Summary
EDI Infrastructure and Standards
The Essential Components of EDI
Standards
Telecommunications Hardware and Software
Translation Software
Standards: Evolution of a Business Tool
The Development of North American Standards
The Development of International Standards
The Standards Controversy
ANSI ASC X12 Transaction Set Table, Segment Dictionary Format, and Data Element Definition
Networks and Telecommunications
Third-Party Networks
Benefits of Value-Added Networks
Interconnectability: VAN Versus Point-to-Point
Selecting a Third-Party Network
Internal Controls in Third-Party Networks
Access Control
Data Integrity
Transmission Security
Liability of Third-Party Network Vendors
Cross-Vulnerabilities in EDI Partnerships
What is Cross-Vulnerability in EDI?
Cross-Vulnerabilities Involving Security
Point-of-Sale and EDI Security
Limitations of Current Security Structures
Security Solutions
Cross-Vulnerabilities in Other Business Areas
Difficulties with Shared Standards
The Uncertain Legal Status of EDI Contracts
Conflicts in Partners' Competitive Profiles
More EDI-Related Exposures
Summary and Recommendations
Control Self-Assessment Worksheet and Summary
Managing Interenterprise Partnerships
Characteristics of Interenterprise Partnerships
Selecting Trading Partners
The Trading Partner Agreement
Other EDI Agreements
Third-Party Network Agreements
Application Software Agreements
Legal Issues, Lawyers, and Auditors
Fundamental Questions
Creating an Enforceable Contract
A Matter of Evidence
Managing Liability and Risk
Conventions, Guidelines, and Agreements
Summary
EDI Application Control Issues
Internal Controls in Information Systems
Application Controls
Security Controls
Environmental Controls
Project Controls
EDI Standard-Driven Controls
Other EDI-Specific Controls
Controls for Transaction Accuracy and Completeness
Inbound Transaction Control Considerations
Outbound Transaction Control Considerations
Transmission Control Considerations
Control Agreements Between Partners
EDI Management and Environmental Control
Environmental Controls: An Overview
Operations and Management
Computer Operations
Data and Program Security
Contingency Planning and Disaster Recovery
Project Management
Learn About EDI
Gain Executive Commitment and Management Buy-In
Establish Quality Project Plan
Review Business Processes and Internal Systems
Conduct Surveys
Review Standards and Documents to be Exchanged
Choose Translation Software
Choose a Network Provider
Design, Develop, and Test the System
Cut Over to and Implement the EDI System
Perform Postimplementation Review
Vendor-Supplied Translation Software
EDI and Records Retention
The Risks of Poor Records Retention
The Objectives of Good Records Retention
The Basic Principles of Records Retention
Paper Versus Electronic Copies
The Admissibility of Electronic Records
Key Considerations for an EDI Records Management Program
Storage Media
Auditability of Records
Records to Consider Keeping
Retention Requirements for EDI
The Control Dimensions of Financial EDI
What is Financial EDI?
ANSI ASC X12 Versus UN/EDIFACT Payment Formats
Financial EDI in Insurance
The Financial EDI Information Component
The Canadian Financial EDI Audit Trail
Uniform Commercial Code Article 4A: Funds Transfer
The Model Electronic Payments Agreement and Commentary
Canadian Inter-Financial Institution EDI Control and Audit Standards
Uniform Conduct for the Interchange of Trade Data by Teletransmission
Financial EDI Controls
The Payor's Perspective
The Payee's Perspective
The Financial Institution's Perspective
Evaluated Receipt Settlement and Financial EDI: An Application at the Macro Level
Summary
EDI Audit Considerations
The Auditor as Control Consultant
General Audit Implications for EDI
The External Auditor's Role
Knowledge of the Business
Assessment of Risk
Evaluation of General Controls
Evaluation of Processing Controls
Testing
Use of Computer-Assisted Audit Techniques
The Internal Auditor's Role
Final Thoughts on the Auditor's Changing Role
Epilogue
General Considerations for an EDI Audit
Management Control Concerns
Loss of the Paper Audit Trail
Business Continuity
Exposure of Data to Third Parties
Potential Legal Liability
Records Retention and Retrievability
Segregation of Duties
Managing Interenterprise Relationships
Implications for Information Systems Auditors
An EDI Implementation Audit Program
Audit Objective
Implementation Audit Program
A Financial EDI Audit Program
Overview
Audit Procedures for Generic Funds Transfer
Management and Administrative Controls
System Controls
User (Operational) Controls
Financial EDI-Specific Audit Procedures
Management Controls
Application Controls
Environmental Controls
Audit Considerations for Trading Partner Agreements
Review Model Trading Partner Agreements
Evaluate Controls to be Included in the Trading Partner Agreement
Evaluate Interorganizational Control Assurances
Audit Considerations for Third-Party Network Agreements
Complete Statement of Terms
Data Ownership
Confidentiality
Investigations and Audits
Liability for Errors
Amendments
Termination
Environmental Audit Considerations: Contingency Planning and Disaster Recovery
Telecommunications Services and Support
Additional Audit Considerations
Recommended Readings
General Readings
Management Topics
Standards
Audit and Control Issues
Security Issues
Legal Issues
Network and Telecommunications Issues
Software and Third-Party Network Vendors
Productivity Enhancements
Contingency Planning and Disaster Recovery
Association Addresses
Glossary
About the Authors
Index
Table of Contents provided by Syndetics. All Rights Reserved.

ISBN: 9780890066102
ISBN-10: 0890066108
Series: Telecommunications Library
Audience: General
Format: Hardcover
Language: English
Number Of Pages: 236
Published: 19th February 1993
Publisher: Artech House Publishers
Country of Publication: US
Dimensions (cm): 22.9 x 15.2 x 1.7
Weight (kg): 0.52