This report uses the following definitions to classify the ranking of recommendations and the audit opinion presented in this report.
Audit recommendations
Critical
Relates to one or more significant weaknesses for which no adequate compensating controls exist. The weakness results in a high level of risk.
Essential
Relates to one or more significant weaknesses for which no adequate compensating controls exist. The weakness results in a moderate level of risk.
Audit opinion
Well-controlled
Only insignificant weaknesses relating to the control objectives or sound management of the audited activity are identified.
Generally acceptable
Identified weaknesses when taken individually or together are not significant, or compensating mechanisms are in place. The control objectives or sound management of the audited activity are not compromised.
Requires improvement
Identified weaknesses, when taken individually or together, are significant and may compromise the control objectives or sound management of the audited activity.
Unsatisfactory
The resources allocated to the audited activity are managed without due regard to most of the criteria for efficiency, effectiveness, and economy.