Appendix B – Risk Ranking of Recommendations and Audit Opinion

Appendix B – Risk Ranking of Recommendations and Audit Opinion

The following definitions are used to classify the ranking of recommendations and the audit opinion presented in this report.

Audit Recommendations

Critical
Relates to one or more significant weaknesses for which no adequate compensating controls exist. The weakness results in a high level of risk.
Essential
Relates to one or more significant weaknesses for which no adequate compensating controls exist. The weakness results in a moderate level of risk.

Audit Opinion

Well Controlled
Only insignificant weaknesses relating to the control objectives or sound management of the audited activity are identified.
Generally Acceptable
Identified weaknesses, when taken individually or together, are not significant or are compensated by mechanisms in place. The control objectives or sound management of the audited activity are not compromised.
Requires Improvement
Identified weaknesses, when taken individually or together, are significant and may compromise the control objectives or sound management of the audited activity.
Unsatisfactory
The resources allocated to the audited activity are managed without due regard to most of the criteria for efficiency, effectiveness, and economy.