Material weakness

Definitions[]

Financial reporting[]

A material weakness is

“

a deficiency, or combination of deficiencies, that results in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected.^[1]

”

Information system controls[]

A material weakness is

“

a deficiency, or combination of deficiencies, in internal control such that there is a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected on a timely basis.^[2]

”

Overview[]

"Weakness in control is considered ‘material’ if the absence of the control results in failure to provide reasonable assurance that the control objective will be met. A weakness classified as material implies that: — Controls are not in place and/or controls are not in use and/or controls are inadequate — Escalation is warranted There is an inverse relationship between materiality and the level of audit risk acceptable to the IS audit or assurance professional, i.e., the higher the materiality level, the lower the acceptability of the audit risk, and vice versa."^[3]

References[]

↑ Cybersecurity: Actions Needed to Address Challenges Facing Federal Systems]], at 9 n.7.
↑ Information Security: Federal Deposit Insurance Corporation Has Made Progress, but Further Actions Are Needed to Protect Financial Data, at 2 n.4.
↑ ISACA, Interactive Glossary & Term Translations (full-text).

[1] Cybersecurity: Actions Needed to Address Challenges Facing Federal Systems]], at 9 n.7.

[2] Information Security: Federal Deposit Insurance Corporation Has Made Progress, but Further Actions Are Needed to Protect Financial Data, at 2 n.4.

[3] ISACA, Interactive Glossary & Term Translations (full-text).

[1]

[2]

[3]