When evaluating the controls of an EDI application, an IS auditor should PRIMARILY be concerned with the
risk of:

A.
excessive transaction turnaround time.

B.
application interface failure.

C.
improper transaction authorization.

D.
nonvalidated batch totals.

Explanation:
Foremost among the risks associated with electronic data interchange (EDI) is improper transaction
authorization. Since the interaction with the parties is electronic, there is no inherent authentication. The other
choices, although risks, are not assignificant.