MYCPE ONE

SOX Access Reviews: Common Pitfalls and Audit Findings 1 Credit

SOX Access Reviews: Common Pitfalls and Audit Findings 1 Credit

  • Jen Nelson

    | CISA, CIA

  • Rating

    5

  • Published on

    July, 2026

  • Subject Area

    Auditing

Select your learning mode

  • Access the course at your convenience
  • Take the assessment test
  • Get your certificate
  • Attend the live interactive session
  • Answer the polling questions
  • Get your certificate

Access to this course is included with a MYCPE ONE subscription.

See how subscription works

Learning Objectives

  • Identify common access review pitfalls that lead to SOX deficiencies.
  • Evaluate access review design against SOX expectations.
  • Understand why access reviews fail despite appearing complete.
  • Improve access review documentation, evidence, and reviewer independence.
  • Analyze common weaknesses related to scoping, privileged access, and review execution.
  • Assess practical approaches for strengthening access review controls and reducing audit risk.

Course Overview

Access reviews are a foundational IT general control relied upon in SOX environments to support internal control over financial reporting. Although many organizations perform periodic user access reviews, weaknesses in scoping, reviewer independence, documentation, and execution often reduce the effectiveness of these controls and increase the risk of audit findings. Understanding how access reviews are evaluated is essential for maintaining a strong control environment and supporting audit readiness.

This course examines the common pitfalls that lead to ineffective SOX access reviews and recurring audit deficiencies. Participants will explore issues involving system scoping, incomplete user populations, privileged access, segregation of duties considerations, reviewer accountability, review execution, and evidence retention. The course also explains how auditors assess access review controls and why reviews that appear complete may still fail under inspection.

Major Topics:

  • SOX Access Review Fundamentals
  • System Scoping and Population Risks
  • Privileged Access Reviews
  • Segregation of Duties Considerations
  • Reviewer Independence and Accountability
  • Access Review Execution Pitfalls
  • Documentation and Evidence Requirements
  • Common SOX Audit Findings
  • Risk-Based Access Reviews
  • Audit Readiness and Control Effectiveness

Attendees will gain practical insight into strengthening access review programs through risk-based scoping, effective review procedures, clear documentation, and independent oversight. By understanding common review weaknesses and auditor expectations, participants will be better prepared to improve control effectiveness, reduce audit risk, and support successful SOX compliance efforts.

For more SOX-related Courses, Click Here.

On Demand Credits for All Qualifications

License details Credits Status
Auditing for Certified Public Accountants (CPA-US) 1 CPE Approved
Governance, Risk Management, and Control for Certified Internal Auditors (CIA) 1 CPE Eligible
Information Asset Security and Control for Certified Information Systems Auditor (CISA) 1 CPE Eligible
Auditing for Certification in Risk Management Assurance (CRMA) 1 CPE Eligible
IT Risks, Process, Controls and Assessment for Certified Information Technology Professionals (CITP) 1 CPD Eligible
Auditing for Delaware Licensed Public Accountant (DE-LPA) 1 CPE Approved
Governance, Risk Management, and Control for Internal Audit Practitioner (IAP) 1 CPE Eligible
Auditing for Certified Internal Controls Auditor (CICA) 1 CPE Eligible
Auditing for Qualification in Internal Audit Leadership (QIAL) 1 CPE Eligible
Auditing for Iowa Licensed Public Accountant (IA-LPA) 1 CPE Approved
Auditing for Certified Controls Specialist (CCS) 1 CPE Eligible
Auditing for Maine Licensed Public Accountant (ME-LPA) 1 CPE Approved

Additional Information

Credit

1

Course Level

Intermediate

Instructional Method

QAS Self Study

Group Internet Based

NASBA APPROVED

MY-CPE LLC, 1600 Highway 6 south, suite 250, sugar land, TX, 77478

MY-CPE LLC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.

Take charge of your career with MYCPE ONE’s online CPE courses designed for CIA professionals. Earn essential CIA CPE credits while expanding your expertise, all from the convenience of your schedule and location. Our courses dive into a variety of relevant topics, keeping you updated on the latest trends and developments in your field. With flexible scheduling and content led by industry experts, MYCPE ONE makes professional learning easy and impactful. Join us today to access powerful resources that help you grow and achieve your career goals. At MYCPE ONE, we’re here to be your trusted partner in success. 

 

About Instructor

Jen Nelson

Jen Nelson | CISA, CIA

Dunkin Consulting

  • 4.7
  • rating
  • rating
  • rating
  • rating
  • rating

Jen Nelson, CISA, CIA, is an accomplished IT audit and compliance consultant with more than 17 years of experience, including nine years in Big 4 public accounting. She operates her own consulting practice dedicated exclusively to IT SOX (U.S. and UK) and SOC 1/SOC 2 compliance, where she helps organizations design, assess, and strengthen effective IT control environments across diverse industries and systems.


Jen has successfully guided clients through audits, readiness projects, and control remediation. She also contracts in quality control and training, helping audit teams refine their workpapers and elevate audit quality. Renowned for her clear, practical advice and deep technical knowledge, Jen holds both the CISA and CIA credentials.

On Demand FAQs

What is Self Study (QAS)?

Self Study QAS (Quality Assurance Service) is a NASBA and other regulatory bodies approved program designed for Professionals to complete their Continuing Professional Education credits through self-paced, interactive courses that meet the highest standards of quality and compliance. Our courses qualify for credits with NASBA, IRS, CFP Board, HRCI, SHRM, Payroll Org, FP Canada, and 25+ other professional organizations.

How do I earn CPE credits through self-study?

To earn CPE credits, you must complete the self-study course, pass the required assessments, and submit the necessary documentation. Credits are awarded based on the completion of course hours and successfully passing the assessments.

Are the self-study courses accepted by NASBA and other professional organizations?

MY-CPE LLC courses are accepted for continuing education credit by various professional certification programs, including NASBA, IRS, CFP Board, and HRCI. MY-CPE LLC is also recognized by SHRM to offer Professional Development Credits (PDCs) for SHRM-CP® and SHRM-SCP® recertification activities.

What are the requirements to maintain compliance with self-study courses?

To maintain compliance, you must follow the guidelines set by NASBA and other regulatory bodies, which include completing the course within the specified timeframe, passing the assessments, and keeping accurate records of your learning activities.

How can I access my course completion certificates?

After successfully completing a self-study course and passing the assessments, you can access and download your course completion certificates from your account dashboard on our platform. These certificates are recognized by NASBA, IRS, CFP Board, HRCI, SHRM, Payroll Org, FP Canada, and 25+ other professional organizations for compliance and reporting purposes.

How are credits reported to governing bodies?

We issue instant credit certificates, ensuring they are valid for presentation to governing bodies. Typically, we report IRS, CTEC, CFP, IDFP, IWI, VBOA Ethics credits within 7 days – the fastest in the industry.

Reviews and Ratings

out of 5

Excellent (100%)

Very Good

Average

Poor

Terrible

Recommended Courses

Cash Cycle Walkthrough: Key Audit Steps Explained

Jul 06, 09:30 AM EDT

  • CPA (US)
  • CIA
  • CFE
  • CMA
  • CGMA
  • CRMA
  • CPA/CFF
  • CGFM
  • CGAP
  • DE LPA
  • IAP
  • CICA
  • QIAL
  • IA LPA
  • CCS
  • ME LPA

Special Audit Considerations: Ensuring Compliance and Accuracy

Jul 06, 03:00 PM EDT

  • CPA (US)
  • CIA
  • CFE
  • CMA
  • CPA/CFF
  • CGFM
  • CGAP
  • DE LPA
  • IAP
  • Yellow Book
  • CICA
  • QIAL
  • IA LPA
  • CCS
  • ME LPA

Government Benefits Fraud: Current Regulatory Landscape Update

Jul 06, 03:00 PM EDT

  • CPA (US)
  • CIA
  • CFE
  • CRMA
  • CPA/CFF
  • CGFM
  • CGAP
  • DE LPA
  • IAP
  • CICA
  • MAFF
  • QIAL
  • IA LPA
  • CCS
  • ME LPA

Audit Testing Failures and Quality Review Findings

Jul 07, 09:30 AM EDT

  • CPA (US)
  • CIA
  • CFE
  • CMA
  • CRMA
  • CPA/CFF
  • CGFM
  • CGAP
  • DE LPA
  • IAP
  • CICA
  • QIAL
  • IA LPA
  • CCS
  • ME LPA

Audit Walkthrough for Internal Controls and Risk Detection

Jul 07, 10:00 AM EDT

  • CPA (US)
  • CIA
  • CFE
  • CMA
  • CGMA
  • CRMA
  • CPA/CFF
  • CGFM
  • CGAP
  • DE LPA
  • IAP
  • CICA
  • QIAL
  • IA LPA
  • CCS
  • ME LPA

ITGCs Supporting Automated and IT Dependent Controls

Jul 07, 11:30 AM EDT

  • CPA (US)
  • CIA
  • CFE
  • CMA
  • CISA
  • CGMA
  • CRMA
  • CPA/CFF
  • CGFM
  • CGAP
  • DE LPA
  • IAP
  • CICA
  • QIAL
  • IA LPA
  • CCS
  • ME LPA
SOX Access Reviews: Common Pitfalls and Audit Findings

Inclusions

  • Multiple Credits

    Multiple Credits

    Earn continuing education credits with flexibility. Choose from live webinars, on-demand courses, e-books, or podcasts to fit your learning style and schedule.

  • Certifications & Reporting

    Certifications & Reporting

    We issue instant credit certificates, ensuring they are valid for presentation to governing bodies. Typically, we report IRS, CTEC, CFP, IDFP, IWI, VBOA Ethics credits within 7 days - fastest in the industry.

  • Credit Tracker

    Credit Tracker

    Track and manage your compliance across all 50 states and over 100 designations. Our Credit Tracker keeps your CPE credits and compliance requirements always up-to-date.

  • Certificate Vault

    Certificate Vault

    Certificate Vault to upload, manage, and access certificates earned from various sources and an integrated credit tracker, allowing users to monitor and manage their credits conveniently for compliance.

  • Compliance Reminders

    Compliance Reminders

    Stay current with our automated reminder system. Receive timely alerts for your CPE requirements, ensuring you never miss a deadline.

  • Mobile App Access

    Mobile App Access

    The MYCPE ONE Mobile App allows you to learn on the go, providing access to educational content on Android and Apple iOS devices. You can learn anytime and anywhere, making it convenient for busy schedules.

  • Live Support

    Live Support

    Our support team is available via live chat, email, and phone from 9 AM to 5 PM ET. We're here to help with any questions or issues, ensuring you have a seamless experience.

Exclusive mobile
app for our unlimited
access subscribers

Get Started with Unlimited Learning

Select your plan, complete your payment, and access a world of knowledge.

Get Started Today

Start your journey towards learning and compliance.

card

$299$199 For 12 Months

Your information is securely encrypted using SSL

Get Started Today

Click Here

More Reasons to Subscribe

  • true true

    80% of Content Rated 4.5+ Stars

    High-quality content rated by professionals.
  • true true

    4X More Content at 1/3rd the Price

    Serious value compared to your regular provider!
  • true true

    Non-Sponsored Content

    Purely educational, unbiased content for your learning.
  • true true

    Monthly & Quarterly Updates

    Keeping you ahead of trends and changes.
  • true true

    Podcasts with Industry Leaders

    Learn and Earn CPE from experts on the go.
More Reasons