Systems
SOX Testing
Math is hard :(
Workpapers
Deloitte
100

This system is used for credit card exceptions.

What is CCE?

100

The two regulators that monitor compliance with SOX ICFR requirements. 

What is the SEC and PCAOB?

100

18 + 15 = ??

What is 33?

100

The frequency of your control if your population for the year is 9.

What is Monthly?

100

DTE stands for this.

What is Deloitte Time & Expense?
200

The three applications used as change management tools (development and deployment). 

What are GitHub, Dimensions and Jenkins? 

200

The two factors we consider when evaluating a control performer.

What is competency and authority?  

200

11 x 12 = ??

What is 132?

200

The number of samples you reperform testing over if Internal Audit tested 12 samples. 

What is 3 reperformance samples? 

200

Your snapshots should cover this percentage of your total client hours.

What is 80%?

300

RMSA contains these two modules.

What is Retail Sales Audit (ReSA) and Retail Management System (RMS)?

300

The Sarbanes-Oxley Act passed in this year.

What is 2002?

300

The square root of 169 is ??

What is 13?

300

The following test attribute is a part of this control:
Review was properly documented and performed at the appropriate level of detail to ascertain that Segregation of duties between implementer and change reviewer functions.

What is 7.5 control?

300

This is the number of CPE credits required for staff every year. 

What is 40 credits? 

400

Oracle RGBU (also known as NAM SaaS) stands for this.

What is Oracle Retail Global Business Unit?

400

The number of tests you need to perform for an automated control that has configured 4 edit checks.

What is 5 tests (4 negative and 1 positive)?

400

4 * (13 - 5) = ??  (using order of operations)

What is 32? 

400

This is Gap's audit period (entire period XX/XX/2022 - XX/XX/2023).

What is 1/30/2022 - 1/28/2023?

400

These are the four types of Business Chemistry. 

What are Guardian, Driver, Integrator and Pioneer?

500

Tririga contains these two modules/systems.

Hint: 1 of them is not in-scope.

What is TELMS and REDEX?

500

Name three of five COSO framework components.

What is (1) control environment, (2) control activities, (3) risk assessment, (4) information and communication, (5) monitoring activities.

500

Name five prime numbers (only divisible by 1).

What are 2, 3, 5, 7, 11, 13, 17, 19, 23, 29? 

500

Your sample size for a control that is Higher RAIT, Higher RAWC and a population of 15.

What is a sample size of 8?

500

The names for the two ways to view your schedule on MySource. 

What are Forecast View and Calendar View? 

M
e
n
u