
This sample helps to determine the severity of any deficiencies cited during the SOX documentation and testing process.
Evaluation criteria includes evidence deficiencies, potential impact to financial statements, safeguarding of assets and antifraud controls, likelihood that an error could occur, compensating controls, and multiple similar control deficiencies. This assessment is separated into three parts: inconsequential, significant and material. Evidential deficiencies include those deficiencies that are solely evidentiary in nature.