Our EDI/B2B Risk Assessment Expertise
Overview of EDI Specialists Risk Assessment Experience:
| • |
Technical Risk Assessment expertise-including in-depth knowledge of EDI, B2B, and Internet security.
|
| • |
Business Risk Assessment expertise-process improvement, process documentation, project leadership, and culture analysis and management.
|
Proficiency in industry accepted standards and in using related procedures and documents in the assessment process:
| • |
ANSI ASC X12
|
| • |
GS1/GDSN
|
| • |
IETF EDIINT
|
| • |
SEC (Securities and Exchange Commission)
|
| • |
ISO/IEC 17799:2005, the international standard Code of Practice for Information Security Management
|
| • |
Committee on Sponsoring Organizations of the Treadway Commission (COSO)
|
| • |
Control Objectives for Information and related Technology (COBIT)
|
| • |
National Institute of Standards and Technology (NIST)
|
Direct participation in EDI/B2B standards development:
| • |
Chair of the eTG (eCom Technology Group) Committee of GS1 which defines technical requirements on B2B message transport and routing, message architecture, security, and more.
|
| • |
Chaired work group at ANSI ASC X12 that developed a cross-industry guideline for Internet EDI/XML transport.
|
| • |
Chaired the Texas Data Transport Working Group, tasked with the development of the EDI and XML transport standards for the State of Texas Energy Deregulation.
|
| • |
Provided EC/EDI/Internet security training and development for the Data Interchange Standards Association (DISA), the administrative entity that supports ANSI ASC X12.
|
Over 15 years EDI/EC leadership, business development, and technical expertise; and 25 years IT management and technical experience.
Successful implementation of secure traditional EDI and internet EDI, EC, and XML systems for clients in the retail, energy, electronics, and semi-conductor industries, and for governments and associations.
Hands-on experience with technical EDI/Internet security and transport components:
| • |
EDIINT AS1, AS2, AS3
|
| • |
ebXML Message Services
|
| • |
FTP-File Transfer Protocol
|
| • |
Secure FTP-Secure File Transfer Protocol
|
| • |
FTP/SSL-File Transfer Protocol/Secure Socket Layer
|
| • |
HTTP-HyperText Transfer Protocol
|
| • |
HTTPS/SSL-Secure Hypertext Transfer |
| • |
Protocol/Secure Socket Layer
|
| • |
IMAP-Interactive Mail Access Protocol
|
| • |
IPSec-Internet Protocol Secure
|
| • |
L2TP-Layer 2 Tunneling Protocol
|
| • |
PGP-Pretty Good Privacy
|
| • |
OpenPGP/GnuPG
|
| • |
POP3-Post Office Protocol Version 3
|
| • |
PPTP-Point-to-Point Tunneling Protocol
|
| • |
S/MIME-Secure Multipurpose Internet Mail |
| • |
Extensions
|
| • |
SMTP-Simple Mail Transport Protocol
|
| • |
TCP/IP-Transmission Control Protocol/Internet |
| • |
Protocol
|
| • |
TELNET-Network Virtual Terminal Internet Protocol
|
| • |
Tunnels/VPN-Virtual Private Networks
|
| • |
XML Encryption and digital signature
|
« Back to Risk Assessment page
|
800 821 4644
(download .pdf)
