Auditing Electronic Data Interchange

Prepared by: ZIELLE

Table of contents

01 Introduction
● What is EDI?
● EDI Standards
● Financial EDI

02 Benefits of EDI
● Common EDI cost savings

03 Controls
● EDI Controls
● Access Control

04 Audit Procedures Relating to EDI
● Test of authorization and validation controls
● Test of access controls
● Test of audit trail controls

Objective

Recognize the unique exposures that arise in connection with electronic data interchange (EDI) and understand how these exposures can be reduced.

01 Introduction

Electronic Data Interchange (EDI)
General definition: the intercompany exchange of computer-processible business information in standard format.

EDI Standards
Key to EDI success is the use of a standard format for messaging between dissimilar systems.

Financial EDI
Using electronic funds transfer (EFT) for cash disbursement and cash receipts processing is more complicated than using EDI for purchasing and selling activities.

02 Benefits of EDI

What are the benefits of EDI? The following are some common EDI cost savings that justify the approach:
● Data Keying
● Error Reduction
● Reduction of Paper
● Postage
● Automated Procedures
● Inventory Reduction

03 EDI Controls

Transaction Authorization and Validation
● Value-Added Networks (VANs): validate passwords and user ID codes.
● Translation Software: validates the trading partner's ID and password against a validation file in the firm's database.
● Trading Partner's Translation Software: references the valid customer and vendor files to validate the transaction.

Access Control
● EDI trading partners must permit a degree of access to private data files that would be forbidden in a traditional environment.
● The trading partner agreement will determine the degree of access control in place.

04 Audit Objectives Relating to EDI

The auditor's objectives are to determine that:
1 All EDI transactions are authorized, validated, and in compliance with the trading partner agreement.
2 No unauthorized organizations gain access to database records.
3 Authorized trading partners have access only to approved data.
4 Adequate controls are in place to ensure a complete audit trail of all EDI transactions.

Audit Procedures Relating to EDI

To achieve these control objectives, the auditor may perform the following tests of controls:

Test of Authorization and Validation Controls
● Review agreements with the VAN facility to validate transactions and ensure that information regarding valid trading partners is complete and correct.
● Examine the organization's valid trading partner file for accuracy and completeness.
● Verify that access to the valid vendor or customer file is limited to authorized employees only.

Test of Access Controls
● Reconcile the terms of the trading agreement against the trading partner's access privileges stated in the database authority table.
● Simulate access by a sample of trading partners and attempt to violate access privileges.

Test of Audit Trail Controls
● Verify that the EDI system produces a transaction log that tracks transactions through all stages of processing.
● Verify that key data values were recorded correctly at each point.

Summary
● EDI
● Benefits of EDI
● Controls
● Audit Procedures & Objectives
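
The reconciliation step in the test of access controls, as an added example that is not part of the original slides: it compares the access each trading partner is entitled to under its agreement with the rows of the database authority table. The partner IDs, data file names, operations and the reconcile function are constructed for illustration.

```python
# Added example: reconcile trading partner agreement terms against the
# database authority table. All names and sample data are constructed.

# Access each partner is entitled to under its agreement:
# partner ID -> {data file: set of permitted operations}
AGREEMENTS = {
    "TP-ACME": {"inventory": {"read"}, "purchase_orders": {"read", "insert"}},
    "TP-GLOBEX": {"price_list": {"read"}, "shipping_status": {"read"}},
}

# Rows as they might be exported from the authority table:
# (partner ID, data file, operation granted)
AUTHORITY_TABLE = [
    ("TP-ACME", "inventory", "read"),
    ("TP-ACME", "inventory", "update"),        # operation not in the agreement
    ("TP-ACME", "purchase_orders", "read"),
    ("TP-ACME", "purchase_orders", "insert"),
    ("TP-GLOBEX", "price_list", "read"),
    ("TP-GLOBEX", "customer_master", "read"),  # data file not in the agreement
    ("TP-INITECH", "inventory", "read"),       # no agreement on file
]

def reconcile(agreements, authority_rows):
    """Return findings where granted access differs from agreed access."""
    findings = {"unknown_partner": [], "excess_privilege": [], "not_provisioned": []}
    granted = set()
    for partner, data_file, op in authority_rows:
        granted.add((partner, data_file, op))
        if partner not in agreements:
            findings["unknown_partner"].append((partner, data_file, op))
        elif op not in agreements[partner].get(data_file, set()):
            findings["excess_privilege"].append((partner, data_file, op))
    # Agreed access that was never granted is not an exposure, but it shows
    # that the agreement and the authority table have drifted apart.
    for partner, files in agreements.items():
        for data_file, ops in files.items():
            for op in sorted(ops):
                if (partner, data_file, op) not in granted:
                    findings["not_provisioned"].append((partner, data_file, op))
    return findings

if __name__ == "__main__":
    for kind, rows in reconcile(AGREEMENTS, AUTHORITY_TABLE).items():
        for row in rows:
            print(kind, *row)
```

The unknown_partner and excess_privilege findings are the ones that bear on audit objectives 2 and 3; they also make a natural sample for the simulated-access test.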