Printer Friendly

EDI for Managers and Auditors.

Electronic data interchange (EDI) is nothing new. The first set of standards for EDI was published in 1975. The standards have, however, been continually updated with advancing technology. It is a topic of great interest to managers, who must seek new ways to ensure that the integrity, security, and confidentiality of information is maintained between users.

EDI for Managers and Auditors provides an interesting discussion of these issues. The authors, who are careful to describe what EDI is and is not, define EDI as an "exchange of electronic business documents between trading partners computer to computer, in a standard format, thus allowing these documents to be received, validated, and accepted into the job stream of the receiving computer and immediately processed if so desired."

This book is organized in two parts. Part one of the describes the EDI environment, including management, security technology, controls, evaluation packages, and the legal issues involved in implementation. Part two describes the auditability of EDI and the procedures involved.

Even though this book was written and published in Canada, EDI had its beginnings in the United States and is now gaining worldwide attention as a viable vehicle for international trade because it permits cost savings and optimal management of operations.

The authors describe EDI's benefits and advocate the use of risk analyses for prudent management, depending on the nature of the transactions and their transmission from point to point. They describe the American National Standards Institute's (ANSI) representation on the International Standards Organization and identify two related technical standards for the security of EDI. They also describe preceding ANSI standards and how security incidents should be reported to users.

The use of EDI is a growing process that has expanded globally. EDI for Managers and Auditors is well written and emphasizes that commercial organizations must continually review, revise, and update security controls as they increase reliance on the EDI system.

This resource would be helpful to any organization contemplating the use of the EDI process.

Reviewer: Howard Keough, CPP, is a security consultant in Rockville, MD, and a member of the ASIS Standing Committee on Computer Security.
COPYRIGHT 1992 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1992 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Author:Keough, Howard
Publication:Security Management
Article Type:Book Review
Date:Dec 1, 1992
Previous Article:Toll Fraud and Telabuse.
Next Article:Training tomorrow's security specialist.

Related Articles
Recordkeeping for electronic transactions.
Implications of computers in financial statement audits.
EDI and the tax department.
Update on FTA EDI Audit and Legal Issues Task Force.
Auditing electronic data: a report of the Steering Committee Task Force on EDI Audit and Legal Issues for Tax Administration.
Digital Accounting: The Effects of the Internet and ERP on Accounting.

Terms of use | Copyright © 2018 Farlex, Inc. | Feedback | For webmasters