Audit Support
Skill ActiveSupport SOX 404 compliance with control testing methodology, sample selection, and documentation standards. Use when generating testing workpapers, selecting audit samples, classifying control deficiencies, or preparing for internal or external audits.
To support professionals in achieving SOX 404 compliance by providing a structured methodology for control testing, sample selection, and documentation.
Features
- SOX 404 control testing methodology
- Sample selection approaches (random, targeted, haphazard, systematic)
- Testing documentation standards and workpaper requirements
- Control deficiency classification (deficiency, significant deficiency, material weakness)
- Guidance on common control types (ITGC, manual, automated, entity-level)
Use Cases
- Generating testing workpapers for SOX compliance
- Selecting appropriate audit samples for control testing
- Classifying control deficiencies based on severity
- Preparing for internal or external financial audits
Non-Goals
- Providing audit or legal advice
- Replacing the assessment of qualified financial professionals
Practical Utility
- warning:Usage examplesWhile the SKILL.md provides detailed methodologies, sample selection approaches, and documentation standards, it lacks concrete, ready-to-use examples of invocations and their observable outcomes.
Trust
- warning:Issues AttentionThere are 29 open issues and 4 closed issues in the last 90 days, indicating a low closure rate and slow maintainer response.
Installation
First, add the marketplace
/plugin marketplace add anthropics/knowledge-work-plugins/plugin install finance@knowledge-work-pluginsQuality Score
Trust Signals
Similar Extensions
TradeMemory Protocol
100Domain knowledge for the Evolution Engine — LLM-powered autonomous strategy discovery from raw OHLCV data. Covers the generate-backtest-select-evolve loop, vectorized backtesting, out-of-sample validation, and strategy graduation. Use when discovering trading patterns, running backtests, evolving strategies, or reviewing evolution logs. Triggers on "evolve", "discover patterns", "backtest", "evolution", "strategy generation", "candidate strategy".
Gdpr Dsgvo Expert
100GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.
Ship Gate
100Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.
Refactor Plan
100Prioritized redesign action plan covering quick wins, medium effort, major rework
Type Audit
100Typography-only audit covering font selection, type scale, readability, hierarchy, performance
Component Audit
100Component consistency audit covering state coverage, hierarchy, patterns