CISA Certified Information Systems Auditor – Question2919 - CISA Certified Information Systems Auditor

Which of the following represents the GREATEST potential risk in an EDI environment?

A. Transaction authorization
B. Loss or duplication of EDI transmissions
C. Transmission delay
D. Deletion or manipulation of transactions prior to or after establishment of application controls

Correct Answer: A

Explanation:

Explanation:
Since the interaction between parties is electronic, there is no inherent authentication occurring; therefore, transaction authorization is the greatest risk. Choices B and D are examples of risks, but the impact is not as great as that of unauthorized transactions.
Transmission delays may terminate the process or hold the line until the normal time for processing has elapsed; however, there will be no loss of data.