帮助开展 SOX 404 控制测试、样本抽取与审计底稿文档编制。
复制安装指令,让 AI 自动完成配置 · 推荐新手
请帮我安装 askskill 上的 "audit-support" 技能: 1. 下载 https://raw.githubusercontent.com/anthropics/knowledge-work-plugins/main/finance/skills/audit-support/SKILL.md 2. 保存为 ~/.claude/skills/audit-support/SKILL.md 3. 装好后重载技能,告诉我可以用了
请根据以下 SOX 关键控制信息,生成一份控制测试底稿模板,包括控制目标、风险描述、测试步骤、样本要求、预期证据、偏差记录和结论栏位:控制名称:应收账款月末对账复核;控制频率:每月;控制执行人:财务主管;控制类型:人工复核。
一份结构清晰、可直接用于审计测试的 SOX 控制测试底稿模板。
我需要对全年 240 笔采购审批记录做 SOX 控制测试,请按控制频率、总体规模和风险等级,建议样本量、抽样方法,并说明样本选择逻辑和需保留的证据清单。
一份包含样本量建议、抽样依据、选样方法和证据要求的审计抽样方案。
请根据以下情况判断属于控制缺陷、重大缺陷还是重大弱点,并说明理由及整改建议:在 25 个样本中有 4 个采购申请缺少二级审批,但金额均未超过授权阈值,且未发现实际财务损失。
一份包含缺陷等级判断、分析依据、风险影响和整改建议的说明。
Important: This skill assists with SOX compliance workflows but does not provide audit or legal advice. All testing workpapers and assessments should be reviewed by qualified financial professionals. While "significance" and "materiality" are context-specific concepts that are ultimately assessed by auditors, this skill is intended to assist professionals in the creation and evaluation of effective internal controls and documentation for audits.
SOX 404 control testing methodology, sample selection approaches, testing documentation standards, control deficiency classification, and common control types.
SOX Section 404 requires management to assess the effectiveness of internal controls over financial reporting (ICFR). This involves:
An account is significant if there is more than a remote likelihood that it could contain a misstatement that is material (individually or in aggregate).
Quantitative factors:
Qualitative factors:
| Account Type | Key Assertions |
|---|---|
| Revenue | Occurrence, Completeness, Accuracy, Cut-off |
| Accounts Receivable | Existence, Valuation (allowance), Rights |
| Inventory | Existence, Valuation, Completeness |
| Fixed Assets | Existence, Valuation, Completeness, Rights |
| Accounts Payable | Completeness, Accuracy, Existence |
| Accrued Liabilities | Completeness, Valuation, Accuracy |
| Equity | Completeness, Accuracy, Presentation |
| Financial Close/Reporting | Presentation, Accuracy, Completeness |
Design effectiveness: Is the control properly designed to prevent or detect a material misstatement in the relevant assertion?
Operating effectiveness: Did the control actually operate as designed throughout the testing period?
When to use: Default method for transaction-level controls with large populations.
Method:
Advantages: Statistically valid, defensible, no selection bias Disadvantages: May miss high-risk items, requires complete population listing
…
帮助团队跟踪合规要求、审计准备进度与相关证明文档。