Audit of the Regional Operations Shared Service Center

Audit Rating Definition

 

Effective - The assessed governance arrangements, risk management practices and controls were adequately designed and operating effectively to provide reasonable assurance that the objectives of the audited entity/area should be achieved. The issue(s) and improvement opportunities identified, if any, did not affect the achievement of the audited entity or area's objectives.

Some improvement needed - The assessed governance arrangements, risk management practices and controls were adequately designed and operating effectively but needed some improvement to provide reasonable assurance that the objectives of the audited entity/area should be achieved. The issue(s) and improvement opportunities identified did not significantly affect the achievement of the audited entity/area objectives. Management action is recommended to ensure that identified risks are adequately mitigated.

Major improvement needed -  The assessed governance arrangements, risk management practices and controls were generally established and functioning but need major improvement to provide reasonable assurance that the objectives of the audited entity/area should be achieved. Prompt management action is required to ensure that identified risks are adequately mitigated.

Not effective - The assessed governance arrangements, risk management practices and controls were not adequately established or functioning to provide reasonable assurance that objectives of the audited entity/area should be achieved. The issues identified could seriously compromise the achievement of the audited entity or area's objectives. Urgent management action is required to ensure that the identified risks are adequately mitigated.