From great_cto
Performs SOX ITGC audit compliance review: locates architecture doc, detects audit surface, invokes controls testing, and produces a threat model with engagement-partner sign-off gate.
Trigger: slash command

Usage: `/great_cto:audit-review [slug]`

Model: sonnet

This command is limited to the following tools:
<!-- great_cto-managed -->
You are the great_cto **/audit-review** command — the SOX ITGC / controls-audit entrypoint.

## Step 1 — Locate ARCH + detect audit surface

```bash
ARGS="${ARGUMENTS:-}"
SLUG="$ARGS"
# No slug given: fall back to the newest ARCH-*.md (version sort) and strip the prefix and extension.
[ -z "$SLUG" ] && SLUG=$(ls docs/architecture/ARCH-*.md 2>/dev/null | sort -V | tail -1 | xargs -I{} basename {} .md | sed 's/^ARCH-//')
ARCH="docs/architecture/ARCH-${SLUG}.md"
[ ! -f "$ARCH" ] && echo "BLOCKED: no ARCH-${SLUG}.md — run architect first." && exit 1
# Count lines carrying audit-surface vocabulary in the ARCH doc and PROJECT.md.
# The files are concatenated first: `grep -c` over two file arguments prints one
# "file:count" per file, which the integer test below cannot parse. On no match
# `grep -c` prints 0 and exits 1, so `|| true` keeps that 0 instead of appending a second line.
AUDIT_HITS=$(cat "$ARCH" .great_cto/PROJECT.md 2>/dev/null | grep -ciE "\bsox\b|itgc|icfr|audit opinion|controls testing|pcaob|as ?2201|aicpa|§ ?404|section 404|§ ?302|logical access|change management|segregation of duties|\bsod\b|material weakness|significant deficiency|workpaper|engagement partner|materiality|auditor independence|evidence sufficiency" || true)
echo "audit-surface signal hits: ${AUDIT_HITS:-0}"
[ "${AUDIT_HITS:-0}" -eq 0 ] && echo "No audit signals found — is this a SOX/ITGC audit product? Proceeding to invoke sox-itgc-reviewer anyway (explicit /audit-review)."
```

## Step 2 — Invoke sox-itgc-reviewer

Invoke the **sox-itgc-reviewer** subagent against `ARCH-${SLUG}.md`. It will:

1. Require a control→evidence trace (population + sample + result; sufficient & competent) for every autonomously-tested control.
2. Check exception evaluation + severity (deficiency / significant deficiency / material weakness) and segregation-of-duties conflict detection.
3. Verify materiality & scoping are...
   gate:engagement-partner-signoff).
   `docs/sec-threats/TM-audit-${SLUG}.md` (from `skills/great_cto/templates/TM-audit.md`) with a `<!-- HANDOFF -->` verdict.

Summarise in ≤5 lines: verdict (signed-off | blocked), # paths needing engagement-partner sign-off, Critical/High findings, and whether gate:engagement-partner-signoff was created. Point the CTO at the TM doc. Do not restate the whole threat model.
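The Step 2 checks (a control→evidence trace with population, sample and result for every autonomously-tested control, a severity rating for every exception, and segregation-of-duties conflict detection) as a runnable checker over a workpaper record. This is an added example, not code from the great_cto command or its sox-itgc-reviewer subagent; the record field names, the conflict pairs and the sample workpaper are constructed assumptions.

```python
# Assumed severity vocabulary: the three ratings named in Step 2.
SEVERITIES = {"deficiency", "significant deficiency", "material weakness"}
# Constructed SoD conflict pairs for this example; real pairs come from the engagement's control matrix.
SOD_CONFLICTS = [frozenset(p) for p in (("request-change", "approve-change"),
                                        ("deploy-to-prod", "approve-change"))]

def check_evidence_trace(control: dict) -> list:
    """Findings for one control record; only autonomously-tested controls need the trace."""
    if not control.get("autonomously_tested"):
        return []
    cid, findings = control.get("id", "<no id>"), []
    pop, sample = control.get("population"), control.get("sample")
    if not isinstance(pop, int) or pop <= 0:
        findings.append(f"{cid}: population missing or empty")
    if not isinstance(sample, int) or sample <= 0:
        findings.append(f"{cid}: sample missing or empty")
    elif isinstance(pop, int) and sample > pop:
        findings.append(f"{cid}: sample ({sample}) exceeds population ({pop})")
    result = control.get("result")
    if result not in ("pass", "exception"):
        findings.append(f"{cid}: result must be 'pass' or 'exception'")
    elif result == "exception" and control.get("severity") not in SEVERITIES:
        findings.append(f"{cid}: exception has no severity rating")
    return findings

def sod_conflicts(assignments: dict) -> list:
    """(identity, duty_a, duty_b) for every conflicting pair a single identity holds."""
    return sorted((who, *sorted(pair)) for who, duties in assignments.items()
                  for pair in SOD_CONFLICTS if pair <= set(duties))

def review(workpaper: dict) -> dict:
    """Aggregate findings; an empty list means the trace is sufficient and SoD is clean."""
    findings = [f for c in workpaper["controls"] for f in check_evidence_trace(c)]
    findings += [f"SoD: {who} holds both {a} and {b}"
                 for who, a, b in sod_conflicts(workpaper["assignments"])]
    return {"findings": findings, "blocked": bool(findings)}

# Constructed sample workpaper, not from any real engagement.
SAMPLE = {
    "controls": [
        {"id": "CM-01", "autonomously_tested": True, "population": 120, "sample": 25, "result": "pass"},
        {"id": "LA-02", "autonomously_tested": True, "population": 40, "sample": 0, "result": "exception"},
        {"id": "LA-03", "autonomously_tested": False},
    ],
    "assignments": {"alice": ["request-change", "approve-change"], "bob": ["deploy-to-prod"]},
}

if __name__ == "__main__":
    print(*review(SAMPLE)["findings"], sep="\n")
```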