Support SOX 404 control testing, audit sampling, and workpaper documentation.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "audit-support" skill from askskill: 1. Download https://raw.githubusercontent.com/anthropics/knowledge-work-plugins/main/finance/skills/audit-support/SKILL.md 2. Save it as ~/.claude/skills/audit-support/SKILL.md 3. Reload skills and tell me it's ready
Based on the following SOX key control information, generate a control testing workpaper template including control objective, risk description, test steps, sample requirements, expected evidence, exception log, and conclusion fields: Control name: month-end accounts receivable reconciliation review; Frequency: monthly; Owner: finance supervisor; Control type: manual review.
A clearly structured SOX control testing workpaper template ready for audit use.
I need to perform SOX control testing on 240 procurement approval records for the year. Recommend the sample size and sampling method based on control frequency, population size, and risk level, and explain the sample selection logic and evidence list to retain.
An audit sampling plan with sample size guidance, rationale, selection method, and evidence requirements.
Based on the following situation, classify it as a control deficiency, significant deficiency, or material weakness, and explain the rationale and remediation recommendation: In 25 samples, 4 purchase requests lacked secondary approval, but none exceeded authorization thresholds and no actual financial loss was identified.
An assessment describing deficiency classification, rationale, risk impact, and remediation advice.
Important: This skill assists with SOX compliance workflows but does not provide audit or legal advice. All testing workpapers and assessments should be reviewed by qualified financial professionals. While "significance" and "materiality" are context-specific concepts that are ultimately assessed by auditors, this skill is intended to assist professionals in the creation and evaluation of effective internal controls and documentation for audits.
SOX 404 control testing methodology, sample selection approaches, testing documentation standards, control deficiency classification, and common control types.
SOX Section 404 requires management to assess the effectiveness of internal controls over financial reporting (ICFR). This involves:
An account is significant if there is more than a remote likelihood that it could contain a misstatement that is material (individually or in aggregate).
Quantitative factors:
Qualitative factors:
| Account Type | Key Assertions |
|---|---|
| Revenue | Occurrence, Completeness, Accuracy, Cut-off |
| Accounts Receivable | Existence, Valuation (allowance), Rights |
| Inventory | Existence, Valuation, Completeness |
| Fixed Assets | Existence, Valuation, Completeness, Rights |
| Accounts Payable | Completeness, Accuracy, Existence |
| Accrued Liabilities | Completeness, Valuation, Accuracy |
| Equity | Completeness, Accuracy, Presentation |
| Financial Close/Reporting | Presentation, Accuracy, Completeness |
Design effectiveness: Is the control properly designed to prevent or detect a material misstatement in the relevant assertion?
Operating effectiveness: Did the control actually operate as designed throughout the testing period?
When to use: Default method for transaction-level controls with large populations.
Method:
Advantages: Statistically valid, defensible, no selection bias Disadvantages: May miss high-risk items, requires complete population listing
…
Review an analysis for methodology, accuracy, bias, and evidence support.
Generate people analytics reports on headcount, attrition, diversity, and org health.
Identify, categorize, and prioritize technical debt for smarter refactoring decisions.
Choose the right Zoom surface for a product use case with clear tradeoffs.
Turn an approved brief into social assets, copy, and a staged campaign.
Create stakeholder updates tailored to audience, cadence, and communication goals.
Generate SOX samples, testing workpapers, and control deficiency assessments.
Automates SOX/DRP-2026 financial document compliance checks and risk flags.
Track compliance requirements, audit readiness, and supporting documentation progress.
Generate SOAP notes, billing codes, and visit summaries from clinical audio.
Audit liability clauses against company standards with evidence-based verdicts or abstention.
Scan any website and generate an ASO-based agent readiness report.