NCJ Number
150264
Journal
Security Journal Volume: 4 Issue: 2 Dated: (April 1993) Pages: 97-104
Date Published
1993
Length
8 pages
Annotation
The implementation of electronic data interchange (EDI) to create a paperless purchasing environment presents new security challenges that require both small and large businesses to increase their vigilance toward the possibility of fraud and ensure effective security measures.
Abstract
Purchasing is a basic function for all businesses. Clerical functions are one of the most visible parts of purchasing activity, involving quotation requests, supplier surveys, specifications, statements of work, correspondence, and many kinds of forms. EDI is a comparatively new technology but is not in use worldwide in purchasing functions. Like every other financial process, purchasing is vulnerable to internal and external fraud. A fraud prevention plan should be a team project involving security, network, accounting, and purchasing management. Crucial areas of a prevention plan include authority and responsibility for supplier selection; the procedures for controlling supplier information and order entry; the controls for both manual and EDI purchasing; the physical setting of the purchasing department; computer, network, and communications security; and purchasing staffing. Specific measures should include clear definition and documentation of authority, strict control and verification procedures, sophisticated passwords, encryption, physical security of the purchasing area, and staffing by qualified personnel. Tables and 33 references