SOX Section 404 : Compliance Trivia Test! Quiz

18 Questions | Total Attempts: 165

SettingsSettingsSettings
Please wait...
SOX Section 404 : Compliance Trivia Test! Quiz

SOX section 404: compliance trivia test! Do you believe you have a proper understanding of all the guidelines laid down by the SOX and can easily pass the quiz below? To help you see how true that is, we have prepared the amazing quiz below. Be sure to check it out and see if you get all the marks right!


Questions and Answers
  • 1. 
    Manager Approvals must contain:
    • A. 

      Full Name, Userid, Roles, One ticket per Application

    • B. 

      Full Name, Userid, One ticket per Application, Roles, Business Justification

    • C. 

      Full Name, Userid, Roles, Business Justification

  • 2. 
    As an account administrator, which statement applies:
    • A. 

      Establishing access controls

    • B. 

      Documenting application processes

    • C. 

      Managing a variety of operational tasks such as user access audits, new user access requests and quality assurance

  • 3. 
    How many provisioning tools is used in administrating YSM Accounts?
    • A. 

      11

    • B. 

      12

    • C. 

      13

  • 4. 
    All YSM Accounts are SOX Compliant?
    • A. 

      True

    • B. 

      False

  • 5. 
    Which two countries arrive to the GSD bundled and pre-approved access requests from Joe (Yasumoto), Sherry, and Kawamura?
    • A. 

      Japan

    • B. 

      Korea

    • C. 

      Taiwan

  • 6. 
    Bulk Requests must contain the following:
    • A. 

      One ticket per backyard reporting manager

    • B. 

      If there are multiple employees reporting to different managers, requesters are required to organize and group them by reporting manager per ticket

    • C. 

      This can delay access request if this process is not individually broken down

  • 7. 
    GSD handles account re-authorization every:
    • A. 

      Year

    • B. 

      Quarter

    • C. 

      Month

  • 8. 
    Y! SOX 404 requirements in creating a safe, secure and auditable internal controls environment, all user access requests must contain the following?
    • A. 

      Requests must specify the Application and Role name, Business Justification, ManaManager Approval and Additional Approval may be required: Some roles require secondary approval in addition to Manager Approval

    • B. 

      Requests must specify the Application and Role name, Business Justification, Manager Approval and Additional Approval may be required: Some roles require secondary approval in addition to Manager Approval

    • C. 

      Requests must specify the Application and Role name, Secondary Approval

  • 9. 
    What are the penalties for a SOX 404 violation?
    • A. 

      It is a felony to knowingly destroy or create documents to “impede, obstruct, or influence” any existing or contemplated federal investigation. Maximum penalties for willful and knowing violations of this section are of not more than $5 million and imprisonment of up to 20 years.

    • B. 

      Failure to maintain documentation shall attract penalties up to 10 years or fine or both.

    • C. 

      The penalties for violations is up to $500,000 and 10 years in prison.

  • 10. 
    What is your role as an YSM provisioning account administrator?
    • A. 

      Establishing access control

    • B. 

      Training on application usage

    • C. 

      Documenting application processes

  • 11. 
    As an YSM provisioning account administrator, you are required to obtain?
    • A. 

      Manager Approval and Secondary Approval

    • B. 

      Employee Name, Userid, Role, Business Justification, Manager Approval, and Secondary Approval if required

    • C. 

      Business Justification, Manager Approval, and Secondary Approval if required

  • 12. 
    All GSD techs will help with obtaining information and manager approval.  What you will be handling is account provisioning checking on manager approvals, secondary approvals (if necessary) and provisoning access.
    • A. 

      True

    • B. 

      False

  • 13. 
    If an access requests come in with only an application name and without the role names,  we must ask the person requesting access if there is someone else that has the same access they need, so we can compare access or ask the manager to provide the roles.
    • A. 

      True

    • B. 

      False

  • 14. 
    What if the manager approved a ticket prior to any changes to confirmation to the Application,  Role(s) and Business Justification specified in the ticket?
    • A. 

      The objective here is the ensure there is a documented audit trail on what a manager consciously approved. we require the level of access to be explicitly stated in the ticket before managerial approval is considered to be valid.

    • B. 

      The objective here is the ensure there is a documented audit trail on what a manager unconsciously approved.

    • C. 

      The manager can approve the request prior to obtaining all the necessary information.

  • 15. 
    What if a requestor's manager is OOO or unresponsive?
    • A. 

      Employee's coworker can approve the access request

    • B. 

      You can request approval according to the chain of command

    • C. 

      Any manager in the dept can approve the request

  • 16. 
    How many contact attempts for approval do we make before reaching out to the requester informing them of their access request has not yet been approved?
    • A. 

      1

    • B. 

      2

    • C. 

      3

  • 17. 
    How many contact attempts do we make before closing out a ticket for no approval response?
    • A. 

      1

    • B. 

      2

    • C. 

      3

  • 18. 
    How many days do we keep a ticket open after trying to establish contact attempts every 24 hours from the create day?
    • A. 

      3

    • B. 

      6

    • C. 

      14

Back to Top Back to top