CISA Certified Information Systems Auditor – Question2927 - CISA Certified Information Systems Auditor

When evaluating the controls of an EDI application, an IS auditor should PRIMARILY be concerned with the risk of:

A. excessive transaction turnaround time.
B. application interface failure.
C. improper transaction authorization.
D. no validated batch totals.

Correct Answer: C

Explanation:

Explanation:
Foremost among the risks associated with electronic data interchange (EDI) is improper transaction authorization. Since the interaction with the parties is electronic, there is no inherent authentication. The other choices, although risks, are not as significant.