II.
Workflow overview
Reference · liveworkflow:sox-controls-review
SOX Controls Review overview
Evaluates IT general controls for SOX compliance — change management evidence, access review attestations, segregation of duties validation, and automated control testing results. Excludes financial statement audit procedures.
Attributes
displayName
SOX Controls Review
workflowKind
governance
triggerType
scheduled
typicalCadence
quarterly
complexity
cross-team
description
Evaluates IT general controls for SOX compliance — change management
evidence, access review attestations, segregation of duties validation,
and automated control testing results. Excludes financial statement audit
procedures.
Outgoing edges
applies_to_domain2
- domain:security·DomainSecurity
- domain:software-engineering·DomainSoftware Engineering
involves_role3
- role:security-reviewer·RoleSecurity Reviewer
- role:engineering-manager·RoleEngineering Manager
- role:staff-engineer·RoleStaff Engineer
performed_by_org_unit2
- org-unit:security-team·OrgUnitSecurity Team
- org-unit:engineering·OrgUnitEngineering
requires_skill_area2
- skill-area:k8s-rbac·SkillAreaKubernetes RBAC
- skill-area:secrets-rotation·SkillAreaSecrets Rotation
triggers_responsibility2
- responsibility:security-review·ResponsibilitySecurity review
- responsibility:run-security-scans·ResponsibilityRun security scans
Incoming edges
None.