Appendix B - Risk Ranking of Recommendations and Audit Opinion
The following definitions are used to classify the ranking of recommendations and the audit opinion presented in this report.
Audit Recommendations
- Critical
- Relates to one or more significant weaknesses for which no adequate compensating controls exist. The weakness results in a high level of risk.
- Essential
- Relates to one or more significant weaknesses for which no adequate compensating controls exist. The weakness results in a moderate level of risk.
Audit Opinion
- Well Controlled
- Only insignificant weaknesses relating to the control objectives or sound management of the audited activity are identified.
- Generally Acceptable
- Identified weaknesses, when taken individually or together, are not significant or are compensated by mechanisms in place. The control objectives or sound management of the audited activity are not compromised.
- Requires Improvement
- Identified weaknesses, when taken individually or together, are significant and may compromise the control objectives or sound management of the audited activity.
- Unsatisfactory
- The resources allocated to the audited activity are managed without due regard to most of the criteria for efficiency, effectiveness, and economy.