Intermediate
SOX risk-control matrix (RCM) generator for a process
Creates a SOX RCM with risks, controls, evidence, and testing attributes. Useful for building or refreshing SOX documentation efficiently.
Generate a SOX RCM for the {process_name} process.
Inputs:
- Process description: {process_description}
- Key risks: {key_risks}
- Control activities (existing/proposed): {control_activities}
- Systems and reports: {systems_reports}
- Frequency and owners: {frequency_owners}
Output:
1) RCM table: Risk, Control, Control type (prevent/detect), Frequency, Owner, Evidence, Key report dependencies, COSO component.
2) Testing attributes and suggested sample size by frequency.
3) Gaps and recommended new controls.
4) Change log for updates since last year.
Make it easy to paste into a SOX tool.Related Prompts
Compliance & Regulatory
AdvancedCybersecurity Incident Response Plan (Firm)
A step-by-step guide for what the firm must do if client data is breached.
GPT-4oClaude 3.5 Sonnet
0
0
24
Compliance & Regulatory
AdvancedSEC Comment Letter Response Draft
Drafts a professional response to inquiries from the SECโs Division of Corporation Finance.
Claude 3.5 SonnetGPT-4o
0
0
23
Compliance & Regulatory
AdvancedSOX scoping memo: in-scope locations, systems, and accounts
Drafts a scoping memo for SOX including in-scope entities, systems, accounts, and rationale. Useful for annual SOX planning and auditor alignment.
GPT-5.2 Thinking; GPT-4.1; o3-mini
0
0
18