Control and Audit of Electronic Data Interchange


By: James V. Hansen and Ned C. Hill, Marriott School of Management, Brigham Young University, Provo, Utah 84602

Abstract
Electronic data interchange (EDI) is the movement of information electronically between a buyer and seller for purposes of facilitating a business transaction. EDI represents a powerful application of computer-communications technology. Its value includes such benefits as reduced paperwork, elimination of data entry overheads, improved accuracy, timely information receipt, accelerated cash flow, and reduced inventories. EDI brings with it, however, new and important control considerations. This article discusses, in a non-technical fashion, the control architectures and concerns associated with EDI. Audit considerations in the EDI environment, as well as related audit tools, are also outlined.

Keywords: Data communications, control and audit, electronic data interchange
ACM Categories: H.4.3, K.6.4

Introduction
Many firms in a number of industries are adopting business strategies based upon electronic data interchange (EDI). Documented benefits accruing from EDI include reduced order lead times; higher customer service level; fewer out-of-stock situations; improved communication about promotions, price changes, and product availability; lower inventory costs; better accuracy in ordering, shipping, and receiving; and reductions in labor costs (Stern and Kaufman, 1985). Survey results summarized in the next section show that EDI is increasing steadily as a means of conducting business. The thesis of this article is that EDI changes the control and audit environment, but that methods and procedures exist that are responsive to those changes. Our objective is to increase the reader's understanding of both areas. To that end, the discussion centers on the following areas. The first part of the article presents some relevant results from a recent survey, establishes fundamentals and terminology, and provides an overview of some of the control issues associated with EDI. The next part of the article outlines a suggested EDI control architecture, discusses some of the more frequently raised concerns by firms considering EDI, and suggests how those concerns may be addressed. The last part of the article discusses audit considerations and tools appropriate to EDI, notes a change in audit boundaries, and finally offers some concluding remarks.

Recent Survey Findings
It may be of interest to briefly consider some recent survey findings related to perceived EDI benefits among the business community. The most comprehensive and current survey of EDI use was completed by EDI Research, Inc. (EDI Research, 1988).[1] The second author of this article played a major role in this survey. Respondents who were currently using, or planning to use, EDI were asked why. The question was presented in open-ended form, and responses were grouped to represent, as nearly as possible, the words of the respondents (see Table 1). The most frequently mentioned benefit, "quick response and access to information," was mentioned nearly twice as often as any other reason. The second most frequently mentioned benefit was "cost efficiency," followed closely by "customer request." The "effect of EDI on paperwork" was noted by 12.4 percent of the respondents and "accuracy" by 9.8 percent.

[1] This survey data was produced from a telephone survey of 1,094 U.S. firms representing total sales of 15% of all U.S. sales volume. The sizes of the firms ranged from $30 million to $2 billion in sales. Interviewees were quite evenly divided among the functional areas of marketing, purchasing, manufacturing, logistics, and finance. Twelve standard industry classification codes are represented by the respondent firms.

MIS Quarterly/December 1989 403

Table 1. Reasons for Using EDI
Advantages*                                 Percentage of Respondents
Quick response and access to information    47.1%
Cost efficiency                             20.4%
Customer's request                          19.2%
Effect of EDI on paperwork                  12.4%
Accuracy                                     9.8%
Better communications                        5.7%
Ease processing for order entry              5.5%
Aids in accounting, billing, etc.            5.5%
Better customer service                      5.5%
Tracing shipments                            4.9%
Remain competitive                           4.9%
Industry standards                           4.0%
Increase productivity                        4.0%
Convenience                                  4.0%
Reduce manpower                              3.7%
Inventory control/reduction                  3.2%
* Table does not include responses mentioned 10 or fewer times.

The results of a question similar to the one above, but not open-ended, gave a slightly different perspective. Respondents were asked to rate various possible EDI benefits on a 5-point scale, with "5" being the most important and "1" being the least important. These results are summarized in Table 2. As the table shows, the benefit rated the highest is "improved customer service." However, customer service as such was mentioned by only 5.5 percent of the respondents in Table 1. A possible reason is that every benefit mentioned in Table 1 is directly or indirectly related to customer service. Rapid processing of information, cost efficiency, response to customer request, and accuracy all influence the relationship between the firm employing EDI and its customers.

Table 2. Rating Factors Important to EDI
Benefit Factor                   Average Rating
Improved customer service        4.29
Improved control of data         4.14
Reduced clerical error           3.97
Decreased administrative cost    3.71
Decreased inventory cost         3.35
Increased sales                  3.25
Decreased manufacturing cost     2.75

It should be noted that some of the purported advantages of EDI were not perceived as particularly important by respondents. For instance, EDI typically reduces labor costs, yet this advantage was mentioned by less than 4 percent of the respondents. Inventory savings was also rated relatively low.


Peters (1987) cites a number of compelling reasons why firms are finding it necessary to utilize EDI in order to remain competitive, both domestically and internationally. He notes that EDI links foster the exchange of a wider range of electronic documents such as purchase orders, material releases, advance shipping notices, freight bills, receiving discrepancy reports, invoices, and remittance advices among trading partners. In addition, several banks are also participating in manufacturers' efforts to integrate electronic funds transfer (EFT) with EDI.

One measure of the strength of the EDI marketplace is the anticipated growth in the number of future EDI trading partners. In the EDI Research survey referred to earlier (EDI Research, 1988), respondents were asked to indicate the number of new trading partners they expected to add in 1988 and 1989. Table 3a shows that two-thirds of the respondents planned to add trading partners. The remaining one-third did not intend to add any. Fifteen percent planned to add more than 21 new partners, and 6.5 percent planned to add more than 50. For the following year (1989), expected growth in the number of trading partners accelerated (Table 3b). Over 83 percent of the respondents intend to add new EDI partners, compared to 66.5 percent in 1988. Only 17 percent do not plan to add partners during 1989. Sixteen percent plan to add more than 50 partners, while only 6.5 percent planned to add that many in 1988.

Table 3a. Intended Addition of EDI Trading Partners in 1988
Number of Additions    Percentage of Respondents
None                    33.5%
1 to 10                 41.8%
11 to 20                 9.9%
21 to 50                 8.4%
> 50                     6.5%
Don't know               n/a
Total                  100.0%
Median = 4.6 new partners

Table 3b. Intended Addition of EDI Trading Partners in 1989
Number of Additions    Percentage of Respondents
None                    16.9%
1 to 10                 36.0%
11 to 20                17.8%
21 to 50                13.3%
> 50                    16.0%
Don't know               n/a
Total                  100.0%
Median = 9.3 new partners

The addition of trading partners alone may not be the most compelling measure of growth in the EDI marketplace. The addition of trading partners that have already implemented EDI may not expand the business base as much as adding trading partners that are initiating EDI. Moreover, adding new trading partners does not necessarily translate into major increases in EDI volume. Perhaps a more important measure is the expected growth in EDI document volume. Another issue respondents in the EDI Research study were asked to assess was percent growth of EDI document volume within their functional areas over the next three years. Almost one-third of those answering this question expected a growth rate of over 30 percent, as shown in Table 4. Only 10 percent assessed the growth rate at less than 6 percent. The average was in excess of 22 percent annual growth in EDI volume.

Table 4. Expected Growth in EDI Document Volume
Expected Growth    Percentage of Respondents
< 6%                10.1%
6 to 12%            15.8%
12 to 18%           11.3%
18 to 24%           13.8%
24 to 30%           18.6%
> 30%               30.4%
Total              100.0%

One final set of survey data that may be of interest is shown in Table 5. Of the 1,094 respondents, 69 percent imported or exported goods outside the U.S. Of those, 34.7 percent said they use or plan to use EDI for purposes of international trade.

Table 5. Planned Use of EDI for International Trade
Response      Percentage of Respondents
Yes            34.7%
No             47.8%
Don't know     17.6%
Total         100.0%

EDI Fundamentals and Definitions
Electronic data interchange (EDI) is the movement of business documents electronically between or within firms (including their agents or intermediaries) in a structured, machine-retrievable data format that permits data to be transferred, without rekeying, from a business application in one location to a business application in another location.

There are a number of ways to transmit data electronically. In general, moving electronic data between two points is called electronic messaging. The various forms of electronic messaging may be arrayed along a continuum (see Figure 1) from unstructured to highly structured. As the figure shows, EDI allows the use of generic formats (such as ANSI X12) intended for use by any of the trading partners, industry-specific formats designed to suit the needs of a particular type of business (e.g., automotive), as well as proprietary formats that may be limited to particular firms and their trading partners. There is some tendency to confuse EDI with certain other forms of data communication, such as facsimile transmission and electronic mail.


[Figure 1. Electronic Messaging: a continuum from unstructured format (facsimile transmission, electronic mail) to highly structured format (electronic data interchange, subdivided into generic standard, industry convention, and proprietary format).]

EDI, however, differs in significant ways. In the case of facsimile transmission, business documents are sent electronically by converting an image of the document into digitized form. Ordinarily, the data so transmitted is not machine retrievable. Typically, the data must be rekeyed into a business application system. EDI data is machine retrievable, and the architecture of EDI avoids unnecessary re-entry of data. Some advocates of electronic mail argue that EDI is a subfunction of electronic mail. It is true that electronic mail can move business documents electronically, but electronic mail is currently limited to the use of a free format, rather than the structured format that defines EDI. This is an important distinction because it can be difficult to design programs that can read electronic mail directly into data files that can be directly read and processed by business application programs.

Electronic payments (EP) is a subset of EDI that involves not only the transfer of payment information between two partners but also requires a financial institution for the transfer of value. The automated clearinghouse (ACH) system is an EP system that permits the electronic movement of payment and other (limited) information between two partners. Fedwire is another EP system that involves a real-time transfer of value from one account to another. Fedwire is sometimes also referred to as EFT (electronic funds transfer). Financial EDI refers to EDI messages that are connected with the payment system. It is sometimes helpful to consider invoices, payment advices, and credit and debit memos as a distinct subset of EDI transactions since these may have implications for credit terms, banking, and the payment system.


EDI's Impact on Internal Controls
From a control and audit standpoint, those characteristics of EDI that make it a powerful business strategy, e.g., reduction of paper and human intervention, and tighter coupling of vendors and suppliers, have a dramatic impact. The change from paper-based transaction processing systems toward a paperless transaction environment results in control evidence being found in machine-readable formats that may be distributed at locations that transcend traditional corporate boundaries. Other important consequences include these:

- Absence of source documents. Traditional paper source documents related to transactions with outside parties, bearing signatures and evidencing authorization and other information, will generally not exist in the EDI environment, or may only be available for a limited period. For example, purchase orders and invoices are received from customers and vendors in a machine-readable format from a central network depository.
- Bridging applications. Transactions may be initiated automatically based upon the occurrence of some event. For example, a basic invoice may be generated, based upon the receipt of a purchase order, and determination that the customer's credit rating is satisfactory and that sufficient inventory is on hand.
- Direct interaction with trading partners. Transactions may be initiated directly by customers and vendors. The authorization of transactions is controlled by limiting those trading partners that can gain access to the computer system.

In general, EDI can virtually eliminate paper flow in the order/delivery/invoice/payment cycle because the computer-based network enables transactions to be initiated, recorded, approved, and executed electronically. Repeated transcriptions by various parties involved in the processing cycle are eliminated because the computer is able to manipulate and exchange the data in a variety of ways after these transactions are entered into the system. Here is one example.

A major auto manufacturer has completely automated the manufacturing process with a material requirements planning (MRP) system for materials requisition, purchasing, and inventory control. The system has entirely automated the process of purchasing and disbursements and is tied into the general ledger system for accounting and financial reporting. The MRP system initiates orders and electronically transmits purchase orders to company suppliers based upon forecasted product sales and current inventory levels. All suppliers are required to be part of the company's electronic data interchange network. When inventory is received from suppliers, the receiving department uses optical scanning equipment to identify the product. There are no paper receiving reports. Invoices are received through the electronic data interchange network from suppliers. On a weekly basis the machine-readable database of unpaid invoices is matched against the machine-readable receiving report database. Matched items are routed into the cash disbursement system. Unmatched items on either file are written to a temporary holding file for follow-up by the user through terminals. Payments to suppliers are initiated by the computer system and are made electronically through a wire transfer of funds at the company's central bank. The company maintains perpetual inventory records. Because of the historical accuracy of the MRP system, annual physical inventories are not taken, although test counts are taken in conjunction with the annual audit. There is virtually no paper for the auditor to examine in this system. The only paper is the contract between the manufacturer and its suppliers. The manufacturer has established a policy of purchasing goods only through suppliers who agree to participate in the electronic data interchange network.

Such developments immediately raise questions concerning control.

A General EDI Control Architecture
Figure 2 illustrates the basic structure of an EDI transmission group. For economy of expression, we have called this an EDI message. The innermost boxes are comprised of electronic representations of business documents such as purchase orders, invoices, and remittance advices. In EDI parlance, an electronic business document is termed a transaction set. Transaction set control is implemented by use of transaction set header and trailer records. The headers and trailers contain control information such as destination ID, date, number of line segments, and so on. They act in a manner analogous to that of batch control tickets in routine batch processing. All transaction sets of a similar type, e.g., purchase orders, form a functional group. Functional groups are also provided with header and trailer records for control. All the functional groups taken together form an EDI message bounded by transmission group header and trailer records. This data is inserted into a transmission protocol, and transmission is initiated. Important (and similar) control information is provided in the header and trailer records at all three levels. The transaction set (or functional group, or EDI message) is uniquely identified and time-stamped. Record counts and hash totals are utilized to check for completeness. Sending and receiving parties are uniquely identified in the EDI message header records. These counts and totals detect truncation, duplication, and transmission errors; they do not protect against deliberate alteration, which is addressed by the authentication methods outlined in the Appendix.

EDI systems architectures for inbound transaction sets and outbound transaction sets are represented in Figures 3 and 4 respectively. The communications interface may be thought of as a modem. The EDI translator converts the incoming EDI format to that format required by the firm's application programs. The application interface accepts input from the EDI translator, accesses the appropriate application program, ensures that the data is complete and is in the necessary format, then feeds the data to the application program. The process is reversed for outbound transactions.


Figure 2. EDI Transmission Group Nomenclature (sending multiple transaction sets)

Communications Transport Protocol
  Interchange Control Header
    Functional Group Header
      Transaction Set Header
        Transaction Set (Purchase Order)
      Transaction Set Trailer
      Transaction Set Header
        Transaction Set (Purchase Order)
      Transaction Set Trailer
    Functional Group Trailer
    Functional Group Header
      Transaction Set Header
        Transaction Set (Invoice)
      Transaction Set Trailer
    Functional Group Trailer
  Interchange Control Trailer
Communications Transport Protocol

[Figure 3. EDI Systems Architecture, Inbound Transaction Sets: Communications Interface -> EDI Interface (EDI Translator -> Application Interface) -> Application Systems.]


[Figure 4. EDI Systems Architecture, Outbound Transaction Sets: Application Systems -> EDI Interface (Application Interface -> EDI Translator) -> Communications Interface.]

Figure 5. Functions Performed by EDI Interface

                         Inbound                   Outbound
EDI Translator           Check formats             FA match
                         Translate from X12        Translate to X12
                         Generate FA               Build envelopes
                         Authorization check       Build FA control record
Applications Interface   Parse to application      Gather from application
                         Application pre-edit

Figure 5 illustrates the specific control functions that should be performed during inbound and outbound transaction processing. For inbound transactions the EDI translator should check the EDI formats for correctness, then translate from that format. Concurrently, a functional acknowledgement should be generated and transmitted to the transaction originator. The functional acknowledgement is an electronic analog to registered mail. It provides the sender with immediate information on whether the transaction was received, the time of its receipt, and any errors discovered at the receiving end. If errors do occur and are of sufficient severity, the functional acknowledgement will indicate that the related transactions were rejected. The EDI translator can also check the received messages to determine that the appropriate password or authorization is included. The application interface will parse the message into the required application format, and it can perform some edit functions (e.g., field checks) on the data prior to inputting to the appropriate application program.

For outbound transactions the EDI translator accepts input from the application system, converts that data to EDI format, and adds the necessary header and trailer record information. The message is then passed to the communications processor, which provides the necessary transmission protocol information before sending the message over the transmission link. The transmission link may connect directly with the trading partner, but most often will go to a value-added network (VAN) provider such as McDonnell-Douglas or General Electric Information Systems. VANs provide a good measure of flexibility in terms of adding or deleting trading partners. They also provide an electronic mailbox service that allows a trading partner to download messages at times of convenience.
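The envelope controls of Figure 2 (matching header and trailer control numbers and record counts at transaction set, functional group and interchange level) and the functional acknowledgement of Figure 5 are shown together below. This is an added example, not code from the article: it parses a constructed, simplified ANSI X12 interchange, reports each envelope discrepancy, and renders a 997-style acknowledgement using only the AK1/AK2/AK5/AK9 segments (the AK3/AK4 detail segments and the 997's own ST/SE envelope are omitted). The segment layouts, sample identifiers and control numbers are assumptions of the example.

```python
"""Envelope control checks and a functional acknowledgement for an X12-style EDI
interchange (added example, not from the article; the interchange is constructed)."""
from __future__ import annotations
from dataclasses import dataclass, field

# Constructed interchange: one PO functional group with two 850 purchase orders.
# The second order's SE01 segment count is deliberately wrong.
SAMPLE_INTERCHANGE = (
    "ISA*00*          *00*          *ZZ*SENDERID       *ZZ*RECEIVERID     "
    "*891201*0930*U*00200*000000001*0*P*>~"
    "GS*PO*SENDERID*RECEIVERID*891201*0930*1*X*002002~"
    "ST*850*0001~BEG*00*NE*PO-1001**891201~PO1*1*10*EA*4.50**VP*WIDGET~SE*4*0001~"
    "ST*850*0002~BEG*00*NE*PO-1002**891201~PO1*1*5*EA*9.00**VP*GADGET~SE*9*0002~"
    "GE*2*1~IEA*1*000000001~"
)


@dataclass
class SetResult:
    set_id: str                  # ST01 (850 = purchase order)
    control: str                 # ST02, transaction set control number
    errors: list[str] = field(default_factory=list)   # empty means accepted


@dataclass
class GroupResult:
    functional_id: str           # GS01 (PO)
    control: str                 # GS06, functional group control number
    sets: list[SetResult] = field(default_factory=list)
    errors: list[str] = field(default_factory=list)


def parse_segments(text: str) -> list[list[str]]:
    """Split on the segment terminator, then on the element separator."""
    return [s.split("*") for s in text.split("~") if s.strip()]


def check_transaction_set(segs: list[list[str]]) -> SetResult:
    """ST header versus SE trailer: record count and control number must agree."""
    st, se = segs[0], segs[-1]
    r = SetResult(st[1], st[2])
    if se[1] != str(len(segs)):
        r.errors.append(f"SE01 declares {se[1]} segments, found {len(segs)}")
    if se[2] != st[2]:
        r.errors.append(f"SE02 control {se[2]} does not match ST02 {st[2]}")
    return r


def validate_interchange(text: str) -> tuple[list[GroupResult], list[str]]:
    """Walk the envelope; return per-group results and interchange-level errors."""
    segs, env_errors, groups = parse_segments(text), [], []
    if not segs or segs[0][0] != "ISA" or segs[-1][0] != "IEA":
        return groups, ["interchange must open with ISA and close with IEA"]
    isa, iea = segs[0], segs[-1]
    if len(isa) != 17:
        env_errors.append(f"ISA carries {len(isa) - 1} elements, expected 16")
    elif isa[13] != iea[2]:
        env_errors.append(f"ISA13 control {isa[13]} does not match IEA02 {iea[2]}")
    i = 1
    while i < len(segs) - 1:
        if segs[i][0] != "GS":
            env_errors.append(f"segment {segs[i][0]} outside any functional group")
            i += 1
            continue
        gs, i = segs[i], i + 1
        group = GroupResult(gs[1], gs[6])
        while i < len(segs) - 1 and segs[i][0] == "ST":
            end = i                      # advance to this set's SE trailer
            while end < len(segs) - 1 and segs[end][0] not in ("SE", "GE"):
                end += 1
            if segs[end][0] == "SE":
                group.sets.append(check_transaction_set(segs[i:end + 1]))
                i = end + 1
            else:
                group.sets.append(SetResult(segs[i][1], segs[i][2], ["no SE trailer"]))
                i = end
        if i < len(segs) - 1 and segs[i][0] == "GE":
            ge, i = segs[i], i + 1
            if ge[2] != gs[6]:
                group.errors.append(f"GE02 control {ge[2]} does not match GS06 {gs[6]}")
            if ge[1] != str(len(group.sets)):
                group.errors.append(f"GE01 declares {ge[1]} sets, found {len(group.sets)}")
        else:
            group.errors.append(f"no GE trailer for group {gs[6]}")
        groups.append(group)
    if iea[1] != str(len(groups)):
        env_errors.append(f"IEA01 declares {iea[1]} groups, found {len(groups)}")
    return groups, env_errors


def functional_acknowledgement(groups: list[GroupResult]) -> list[str]:
    """Simplified 997-style acknowledgement: AK1/AK2/AK5/AK9 segments only."""
    lines: list[str] = []
    for g in groups:
        lines.append(f"AK1*{g.functional_id}*{g.control}")
        for s in g.sets:
            lines += [f"AK2*{s.set_id}*{s.control}", "AK5*R" if s.errors else "AK5*A"]
        accepted = sum(1 for s in g.sets if not s.errors)
        # A = all accepted, P = partially accepted, R = rejected
        status = "A" if accepted == len(g.sets) and not g.errors else "P" if accepted else "R"
        lines.append(f"AK9*{status}*{len(g.sets)}*{len(g.sets)}*{accepted}")
    return lines
```

For the sample, `validate_interchange` reports no interchange-level errors, accepts the first purchase order and rejects the second because its SE trailer declares nine segments where four were received; the acknowledgement therefore carries `AK5*R` for set 0002 and `AK9*P` for the group, and the originator knows which set to resend. Changing the IEA control number in the sample produces an interchange-level error instead, which is the kind of mismatch a truncated or spliced transmission shows.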

EDI Control Concerns
The material that follows is not intended to be exhaustive, but it is representative of concerns that have been expressed by those involved with implementing or auditing EDI systems. The strategies outlined suggest that while these are important concerns, appropriate control mechanisms are available. An awareness of these mechanisms and how they apply can ensure inclusion of appropriate control strategies in EDI planning and implementation.

Validation of payments
Concern
In a paper-based transaction system, the standard procedures that are followed in authorizing payments include matching vendor invoices with the associated purchase orders and receiving documents. This allows the firm to verify that the goods were actually ordered, that they were received, and that the invoice includes charges for only those goods. Confirmation that this procedure has been accomplished is manifest by the signature of the person responsible for comparing document order information. In an EDI system both the document and signature may be missing.


EDI Control Strategy
Programmed routines that match control documents (e.g., matching the purchase order, receiving report, and invoice before initiating payment) before allowing the next transaction process to begin can actually enhance the validation process, when compared to the manual procedures of a paper-based system. That is, if the procedures are properly programmed, there will be fewer errors caused by human fallibility. Such validation procedures must be developed with understanding and care, however. Errors that slip through validation procedures can propagate loss of data integrity in a short period of time. Codes and IDs can replace signatures. If the programmed control routine verifies that the amounts on the relevant electronic documents match, a code can be automatically applied to indicate that the appropriate procedures have been successfully completed and that evidence for payment authorization is established.
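The programmed three-way match described above, as an added example that is not code from the article. It runs over constructed purchase orders, receiving reports and invoices: an invoice is approved only when vendor, items, quantities and prices agree with the purchase order and the quantities do not exceed what the receiving report shows; approved invoices receive an authorization code in place of the approver's signature, and everything else goes to a holding file with the reasons, mirroring the weekly match and holding file in the auto manufacturer example earlier. The document layouts and the form of the authorization code (a SHA-256 digest over the matched identifiers and amount) are assumptions of this example.

```python
"""Programmed three-way match of purchase order, receiving report and invoice
before an invoice is released for payment (added example, not from the article;
documents are constructed and the authorization code format is an assumption)."""
from __future__ import annotations
from dataclasses import dataclass, field
from decimal import Decimal
import hashlib

# Constructed purchase orders: item -> (ordered quantity, agreed unit price).
PURCHASE_ORDERS = {
    "PO-1001": {"vendor": "V100", "lines": {"WIDGET": (10, Decimal("4.50"))}},
    "PO-1002": {"vendor": "V200", "lines": {"GADGET": (5, Decimal("9.00"))}},
    "PO-1003": {"vendor": "V200", "lines": {"SPROCKET": (20, Decimal("1.25"))}},
}
# Constructed receiving reports (from scanning at the dock): item -> quantity received.
RECEIPTS = {"PO-1001": {"WIDGET": 10}, "PO-1002": {"GADGET": 5}, "PO-1003": {"SPROCKET": 20}}
# Constructed vendor invoices received through the EDI network.
INVOICES = [
    {"invoice": "INV-7", "po": "PO-1001", "vendor": "V100",
     "lines": {"WIDGET": (10, Decimal("4.50"))}},
    {"invoice": "INV-8", "po": "PO-1002", "vendor": "V200",
     "lines": {"GADGET": (12, Decimal("9.00"))}},          # billed more than received
    {"invoice": "INV-9", "po": "PO-1003", "vendor": "V999",
     "lines": {"SPROCKET": (20, Decimal("1.30"))}},        # wrong vendor, wrong price
]


@dataclass
class MatchResult:
    invoice: str
    status: str                          # "APPROVED" or "HOLD"
    amount: Decimal
    reasons: list[str] = field(default_factory=list)
    authorization: str | None = None     # stands in for the approver's signature


def authorization_code(invoice: dict, amount: Decimal) -> str:
    """Evidence that the match ran: a digest over the matched identifiers and amount."""
    basis = f"{invoice['invoice']}|{invoice['po']}|{invoice['vendor']}|{amount}"
    return "3WM-" + hashlib.sha256(basis.encode()).hexdigest()[:12].upper()


def match_invoice(invoice: dict, purchase_orders: dict, receipts: dict) -> MatchResult:
    """Approve only if PO, receiving report and invoice agree line by line."""
    reasons: list[str] = []
    po = purchase_orders.get(invoice["po"])
    if po is None:
        return MatchResult(invoice["invoice"], "HOLD", Decimal("0"),
                           [f"no purchase order {invoice['po']}"])
    if po["vendor"] != invoice["vendor"]:
        reasons.append(f"vendor {invoice['vendor']} is not the vendor on {invoice['po']}")
    received = receipts.get(invoice["po"], {})
    amount = Decimal("0")
    for item, (qty, price) in invoice["lines"].items():
        if item not in po["lines"]:
            reasons.append(f"{item}: not on {invoice['po']}")
            continue
        ordered_qty, ordered_price = po["lines"][item]
        if qty > ordered_qty:
            reasons.append(f"{item}: invoiced {qty}, ordered {ordered_qty}")
        if qty > received.get(item, 0):
            reasons.append(f"{item}: invoiced {qty}, received {received.get(item, 0)}")
        if price != ordered_price:
            reasons.append(f"{item}: invoiced at {price}, ordered at {ordered_price}")
        amount += qty * price
    if reasons:
        return MatchResult(invoice["invoice"], "HOLD", amount, reasons)
    return MatchResult(invoice["invoice"], "APPROVED", amount, [],
                       authorization_code(invoice, amount))


def run_match_cycle(invoices: list[dict], purchase_orders: dict,
                    receipts: dict) -> tuple[list[MatchResult], list[MatchResult]]:
    """Route matched invoices to disbursement and everything else to the holding file."""
    results = [match_invoice(inv, purchase_orders, receipts) for inv in invoices]
    payable = [r for r in results if r.status == "APPROVED"]
    holding_file = [r for r in results if r.status == "HOLD"]
    return payable, holding_file
```

Zero tolerance on price and quantity is deliberate for the example; a production match would carry agreed tolerances. The vendor check compares the invoice against the purchase order rather than trusting the invoice, which matters for the "payment to himself or a cohort" concern raised below: remit-to details should likewise come from the vendor master, never from the inbound invoice.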

Audit trail
Concern
A paper-driven system naturally creates a trail of documents that allows tracking of the transaction activities. These documents are not necessary to process transactions in an EDI system. What will the external auditors say?
EDI Control Strategy
This problem has arisen in the application of data communications in general. With EDI, data entry is usually accomplished in one of three ways:
1. Source documents are batched, then entered via direct entry terminals.
2. Source documents are entered as received.
3. Transactions are entered directly without preparation of source documents.
The first case is handled in the same manner as batched input not entered directly. The batch number serves as a batch reference. The second and third cases can easily be handled by a programmed routine that assigns electronic documents to batches it numbers automatically. Under the second method computer-created source documents are batched and filed by entry station. The third method differs only because it requires a computer-generated substitute for a source document. Surrogate documents typically indicate the person preparing or authorizing the transactions.

Order and payment control
Concern
Paper-based transaction systems require signatures in order to authorize orders and payments. EDI generally removes signatory authority, and it may increase opportunities for unauthorized access. What is to prevent someone from entering an EDI system and placing an order or authorizing a payment to himself/herself or a cohort? Vindictive employees or inadequately trained users may initiate procedures that were unforeseen. In paper-based systems, the informal checking performed by human workers has served as a modest check on these contingencies.
EDI Control Strategy
EDI can mitigate the above control problems by implementing the following procedures. A file can be created to hold purchase orders that, in fact, require managerial approval, e.g., unusually large orders, orders in excess of credit limit, and so on. Levels of password control can be implemented to restrict access to applications and data files. Encryption may be used to prevent data or password pirating. Computerized checks can emulate human judgement in detecting fraudulent activity. Despite the lack of a paper document with an authorizing signature, some firms consider EDI orders as authentic if there is a record of subsequent payment. If production lead times or payment terms render confirmation of subsequent payment difficult, the firm may consider confirming the existence of such EDI-transmitted orders through independent confirmations. While this is not a failsafe procedure, it has been applied with some success. Specialized approaches to data encryption and authentication have been developed that can be useful in EDI systems. A brief overview is provided in the Appendix.

Audit Considerations
A role for continuous auditing
Continuous process auditing offers capabilities and methodologies that are appropriate to the nature of EDI systems. They can provide evidence as well as a basis for more efficient means of transaction processing. The key characteristics of continuous process auditing are:
1. Online monitoring of the major modules of EDI processing.
2. Systems metrics for key functions of EDI processing.
3. System alarms to call attention to system problems.
4. Functional acknowledgements to capture data flows and errors within moments of their occurrence.
Functional acknowledgements were noted earlier. The discussion that follows addresses points 1-3, above.

Online monitoring of major modules
In EDI systems the processing controls mimic to some degree the standard controls found in a batch processing system. However, in an EDI system there is necessarily an emphasis on programmed controls because of concurrent processing and increased accessibility of files and programs. The bulk of these programmed controls resides in a supervisory program, implying that substantially more effort is needed in the development of test data than in a traditional system. The implementation of EDI controls requires close monitoring to determine if those controls function as desired. A failure that goes undetected for a length of time can prove damaging. Methods such as the integrated test facility (ITF) have potential for EDI systems since they allow entry of test transactions into the system concurrent with production transactions.

Systems metrics for key processing functions
Software monitors may be useful in collecting performance measurement data. The principal decision to be made when using a sampling software monitor is how frequently events should be inspected. Historical data on error types and rates of occurrence may assist in developing a density for particular types of control failure. This tool can be valuable in the closely coupled systems of EDI.

System alarms
Embedded audit modules are typically designed to monitor all transaction activity and to notify the auditor of any activities having special audit significance, such as unauthorized attempts to access the system or dollar amounts in excess of specified limits. Typically, the module writes all relevant information concerning such events on a file called the audit log. The auditor may at his or her discretion request a printout of the audit log for inspection. The audit log is only as reliable as its protection: it should be written to storage that the users and programs it monitors cannot modify or truncate, otherwise the events of greatest interest are the ones most likely to disappear.
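The hold file and trading-partner authorization check described under "Order and payment control", and the embedded audit module with its audit log described under "System alarms", combined in one added example (not code from the article). Orders from partner IDs missing from the partner master are rejected as unauthorized access attempts; orders that would push a partner's exposure past its credit limit, or that are unusually large for that partner, are written to a hold file for managerial approval; and each such event is written to an audit log the auditor can inspect. The partner master, thresholds, order data and event names are constructed for the example.

```python
"""Authorization gate for EDI-initiated orders with an embedded audit module
(added example, not from the article; partner master, thresholds, orders and
event names are constructed)."""
from __future__ import annotations
from dataclasses import dataclass, field
from decimal import Decimal

# Constructed partner master: who may place orders, their credit limit, and the
# order size the firm regards as typical for them.
PARTNERS = {
    "CUST-A": {"credit_limit": Decimal("50000"), "typical_order": Decimal("4000")},
    "CUST-B": {"credit_limit": Decimal("10000"), "typical_order": Decimal("2500")},
}
UNUSUAL_FACTOR = 3   # an order this many times the typical size needs approval


@dataclass
class Order:
    order_id: str
    partner_id: str
    amount: Decimal


@dataclass
class AuditEntry:
    order_id: str
    partner_id: str
    event: str
    detail: str


@dataclass
class OrderGate:
    partners: dict
    audit_log: list[AuditEntry] = field(default_factory=list)   # the auditor's file
    hold_file: list[str] = field(default_factory=list)          # awaiting approval
    outstanding: dict[str, Decimal] = field(default_factory=dict)

    def _audit(self, order: Order, event: str, detail: str) -> None:
        self.audit_log.append(AuditEntry(order.order_id, order.partner_id, event, detail))

    def process(self, order: Order) -> str:
        """Return RELEASED, HELD or REJECTED, logging anything of audit significance."""
        partner = self.partners.get(order.partner_id)
        if partner is None:
            self._audit(order, "UNAUTHORIZED_PARTNER", "partner ID not in master file")
            return "REJECTED"
        exposure = self.outstanding.get(order.partner_id, Decimal("0")) + order.amount
        holds = []
        if exposure > partner["credit_limit"]:
            holds.append(f"exposure {exposure} exceeds credit limit {partner['credit_limit']}")
        if order.amount > UNUSUAL_FACTOR * partner["typical_order"]:
            holds.append(f"amount {order.amount} is over {UNUSUAL_FACTOR}x typical "
                         f"{partner['typical_order']}")
        if holds:
            for reason in holds:
                self._audit(order, "APPROVAL_REQUIRED", reason)
            self.hold_file.append(order.order_id)
            return "HELD"
        self.outstanding[order.partner_id] = exposure   # only released orders count
        return "RELEASED"


# Constructed inbound orders, in arrival sequence.
SAMPLE_ORDERS = [
    Order("ORD-1", "CUST-A", Decimal("3500")),
    Order("ORD-2", "CUST-B", Decimal("7000")),
    Order("ORD-3", "CUST-B", Decimal("3500")),    # would push CUST-B past its limit
    Order("ORD-4", "CUST-A", Decimal("15000")),   # unusually large for CUST-A
    Order("ORD-5", "CUST-Z", Decimal("100")),     # partner ID not in the master
]


def run_orders(orders: list[Order], partners: dict = PARTNERS) -> tuple[dict[str, str], OrderGate]:
    """Process orders in sequence; return each decision and the gate's files."""
    gate = OrderGate(partners)
    return {o.order_id: gate.process(o) for o in orders}, gate
```

Held orders do not add to the partner's outstanding exposure until a manager releases them, so a burst of over-limit orders cannot be used to inflate exposure and mask a later one. The audit log here is an in-memory list for the example; the point of the passage above is that it lives on storage the monitored users cannot alter.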

System Boundaries and Flow of Transactions
EDI systems provide the potential for connecting different organizations into one large system. Most current applications of EDI use VANs. In such systems, the VAN can perform compliance checking on transaction formats, store data, maintain security over that data, and maintain transaction logs. A large proportion of EDI systems use a third-party VAN to serve as an intermediate processing agent to handle such complexities as transformation of data formats and holding electronic mail until the recipient is ready to receive messages. VANs have shown some reluctance to allow auditors, other than their own, access to their facilities. However, this reluctance has been softened by a recognition that VAN clients are better served by allowing one reputable audit firm to evaluate their operations. The client's auditor (which may be a different firm) then at least has the benefit of a control evaluation that has been performed by professional computer-audit specialists. A company should consider seeking the auditor's report from the VAN. This practice is not yet commonplace, but should become so as EDI becomes more pervasive.

Concluding Remarks
Our message has been two-fold:
1. EDI systems change the control and audit environment. They introduce additional complexities in initiating, recording, and executing transactions by various participants in EDI networks. Hard copy evidence is replaced with electronic documents maintained on computer-readable media. EDI systems also transcend the boundaries of an entity, thus changing the evaluation of general controls that deal with the organization and operation of controls. Where third-party VANs are used, auditors need to evaluate network application features, either directly or through the VAN's auditor.
2. There are means available for maintaining adequate control and auditability in this environment. Managers and systems designers need to be aware of these methods and procedures so that they are provided for in the EDI implementation. We have attempted to outline some of these methods and procedures.
If EDI is to attain its potential as a business strategy, its control issues must be addressed by knowledgeable planning and implementation.

References
EDI Research, Inc. The State of EDI, 1988, EDI Research, Inc., 1988.
Hoffman, L. Modern Methods for Computer Security and Privacy, Prentice-Hall, Englewood Cliffs, NJ, 1977.
Peters, T. Thriving on Chaos, Alfred A. Knopf, Inc., New York, NY, 1987.
Stern, L. and Kaufman, P. "EDI in Selected Consumer Goods Industries: An Interorganizational Perspective," Marketing in an Electronic Age, Harvard Business School Press, Boston, MA, 1985.

About the Authors
Ned C. Hill holds the Joel C. Peterson Professorship in Business Administration at Brigham Young University and is one of the principals in EDI Group Limited in Oak Park, Illinois. He is editor of EDI Forum: The Journal of Electronic Data Interchange. He co-authored Short-Term Financial Management, published in 1988 by Macmillan, and Essentials of Cash Management: A Study Guide, published by the National Corporate Cash Management Association in 1985. He has authored more than 50 articles in the areas of cash management, electronic data interchange, credit policy, and corporate finance. He received his undergraduate training at the University of Utah and MS and Ph.D. degrees from Cornell University.

James V. Hansen is professor of computer and information systems in the Marriott School of Management at Brigham Young University. He received a BS in mathematics from Brigham Young University and earned his Ph.D. at the University of Washington, Seattle. He was formerly a faculty member at Indiana University and a senior research scientist at Battelle Institute. His research interests focus on the use of artificial intelligence methods in decision making, data modeling, and electronic data interchange.

Appendix
Data encryption is the process of converting a normal message (plaintext) into a non-legible message (ciphertext) that cannot be read until it is decoded (decrypted) into the original plaintext form. There are a large number of encrypting schemes that have been proposed (Hoffman, 1977). The Data Encryption Standard (DES) is an ANSI-supported cryptographic algorithm widely used in EDI applications. DES uses a 56-bit key, so there are 2^56 (on the order of 10^17) possible keys for producing ciphertext from plaintext. The only party that can decrypt the data is someone who has the same key that was used for the encryption. At the time of writing it was considered unlikely that even the fastest computer could discover the specific key used for encryption in any reasonable time period; an exhaustive search of the DES key space was demonstrated in 1998, and DES is no longer regarded as adequate. Either way, key control is critical.

Authentication builds upon encryption methods. The purpose of authentication is not to provide for secrecy of data, however, but to ensure that data is not altered during transmission or storage (bank account numbers, dollar amounts, quantities ordered, etc.). The way in which this works is summarized below.

Examine Figure A. A plaintext message is encrypted to form the ciphertext version of the message. Then a message authentication code termed MAC-1 is formed by subtracting the key from the ciphertext. The plaintext message and MAC-1 are sent to the receiving party. There, the plaintext is encrypted with the same key, and MAC-2 is formed in the same manner as MAC-1. If MAC-1 and MAC-2 match, then the plaintext received must be the same as the plaintext sent. (Financial EDI in practice used the ANSI X9.9 method, in which the MAC is taken from the final block of a DES cipher-block-chaining pass over the message. Whichever construction is used, a MAC shows only that the message came from a holder of the shared key and was not altered; it provides no secrecy, since the plaintext is transmitted, and no non-repudiation, since either key holder could have produced it.)

[Figure A. Data Authentication Example. Sender: the plaintext "EDI EDUCATION" is encrypted under the key to the ciphertext "K6Q9.WBAQ7DBN", from which MAC-1 is formed; the plaintext and MAC-1 are transmitted to the partner. Receiver: the plaintext is encrypted under the same key to "K6Q9.WBAQ7DBN", MAC-2 is formed, and MAC-1 and MAC-2 are compared for identity.]
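The exchange of Figure A, as an added example that is not part of the article. It substitutes HMAC-SHA-256 from the Python standard library for the DES-based MAC the appendix describes, since DES is not available in the standard library and is no longer considered secure; the message fields and the shared key are constructed. The sender forms MAC-1 over the plaintext, the receiver recomputes MAC-2 with the same key and compares, and the example shows that changing the amount or the payee account, or using a different key, makes the comparison fail.

```python
"""Message authentication for an EDI payment message, after Figure A (added
example, not from the article). HMAC-SHA-256 stands in for the DES-based MAC;
the shared key and the message are constructed."""
import hmac
import hashlib

# Constructed shared secret. In practice it comes from the key-management
# arrangement agreed between the trading partners, never from source code.
SHARED_KEY = b"constructed-example-key-do-not-reuse"

# Constructed remittance advice: exactly the fields a MAC must protect.
MESSAGE = "EDI EDUCATION|PAYEE ACCT 0123456789|AMOUNT 12500.00|QTY 100"


def form_mac(key: bytes, plaintext: str) -> str:
    """MAC-1 (sender) or MAC-2 (receiver): a keyed digest over the transmitted text."""
    return hmac.new(key, plaintext.encode("utf-8"), hashlib.sha256).hexdigest()


def verify(key: bytes, plaintext: str, mac_1: str) -> bool:
    """Receiver side: recompute MAC-2 and compare it with MAC-1 in constant time."""
    mac_2 = form_mac(key, plaintext)
    return hmac.compare_digest(mac_2, mac_1)


def demonstrate() -> dict:
    """Sender forms MAC-1; receiver checks the genuine message and altered copies."""
    mac_1 = form_mac(SHARED_KEY, MESSAGE)
    tampered_amount = MESSAGE.replace("AMOUNT 12500.00", "AMOUNT 21500.00")
    tampered_account = MESSAGE.replace("0123456789", "9876543210")
    return {
        "genuine": verify(SHARED_KEY, MESSAGE, mac_1),
        "amount_changed": verify(SHARED_KEY, tampered_amount, mac_1),
        "account_changed": verify(SHARED_KEY, tampered_account, mac_1),
        "wrong_key": verify(b"some-other-key", MESSAGE, mac_1),
    }
```

`hmac.compare_digest` is used so that the comparison time does not reveal how many leading bytes of the MAC matched. As in the appendix, the MAC gives no secrecy: the plaintext travels in the clear, so confidentiality still needs encryption, and because both partners hold the same key the MAC shows that one of them sent the message, not which one.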
