Appendix B - Risk Ranking of Recommendations and Audit Opinion
The following definitions are used to classify the ranking of recommendations and the audit opinion presented in this report.
| Critical | Relates to one or more significant weaknesses for which no adequate compensating controls exist. The weakness results in a high level of risk. |
|---|---|
| Essential | Relates to one or more significant weaknesses for which no adequate compensating controls exist. The weakness results in a moderate level of risk. |
| Well Controlled | Only insignificant weaknesses relating to the control objectives or sound management of the audited activity are identified. |
|---|---|
| Generally Acceptable | Identified weaknesses, when taken individually or together, are not significant or are compensated by mechanisms in place. The control objectives or sound management of the audited activity are not compromised. |
| Requires Improvement | Identified weaknesses, when taken individually or together, are significant and may compromise the control objectives or sound management of the audited activity. |
| Unsatisfactory | The resources allocated to the audited activity are managed without due regard to most of the criteria for efficiency, effectiveness, and economy. |