LOCATION/DATES: Please inquire

COURSE OBJECTIVES

• Provide an overview of EDI systems and present EDI technology

• Analyze risks and exposures of operating in an EDI environment

• Discuss controls of EDI systems and audit guidelines

WHO SHOULD ATTEND

• Executives and managers responsible for spearheading, implementing and managing electronic data interchange (EDI) programs

• Internal, external and EDP auditors

• Legal counsel information security, users, designers, and consultants

COURSE OUTLINE

1. EDI AND IMPACT ON BUSINESS AND SECURITY. 

1. What is EDI and its impact on businesses?

2. EDI Systems.

3. Security and control implications. Electronic commerce.

2. THREATS AND EXPOSURES IN EDI SYSTEMS.

1. Security threats.

2. EDI transaction authenticity and authorization.

3. A CONTROL FRAMEWORK FOR EDI.

1. Defining control zones and exposure.

4. COMPENDIUM OF CONTROLS FOR EDI.

1. Controls for trading partners.

2. Controls for Source Point.

3. Controls over EDI processing.

4. Controls for Third-Party Services (VANs).

5. Controls over the Trading agreement.

6. Controls over EDI Communication Networks.

5. AUDIT CONCERNS AND AUDIT APPROACHES.

1. Security threats.

2. EDI transaction authenticity and authorization.

3. Legal and regulatory exposures. Errors and omissions threats. Audit approaches and review areas.

Participants will receive course notes and sections of a proprietary EDI controls manual.  They can obtain the complete manual at a special discounted price.