Auditing E-commerce Systems

ELECTRONIC COMMERCE (E-COMMERCE) includes all commercial activities performed through various electronic sources such as the Internet, Information Technology (IT) networks, ATM machines, electronic funds transfer (EFT), and electronic data interchange (EDI). One of its distinct characteristics is the use of computers to perform the transactions.


E-commerce involves the real-time processing of business transactions with full contractual liability either on a business-to-business (B2B) or business-to-customer (B2C) basis. This normally involves an individual entering data directly into another individual’s or organization’s computer systems. This is in contrast to electronic data interchange (EDI) where it may be considered as the computer-to-computer, application-to-application exchange of business data in a structured format. Effectively it replaces business forms such as invoices, purchase orders, checks, and so forth, with electronic transmissions.

Degrees of implementation may vary from the basic reception of a transmission on a micro computer and printing it, to a complex management of “distribution pipelines” integrating accounting and operational systems and effectively replacing paper audit trails with electronic signals.

EDI is not electronic mail, fax, or video text, although all of these may have a part in the overall network. To function effectively, EDI requires three ...

Get Auditor's Guide to IT Auditing, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.