Deze maand is het CBOK report Combined Assurance: One Language, One Voice, One View verschenen, onder de vlag van The IIA Research Foundation. Het report is geschreven door Sam Huibers, lid van de IIA Commissie Professional Practices. Huibers noemt hierin onder andere de whitepaper Combining Internal Audit and Second Line of Defense Functions, uitgegeven door IIA Nederland.
In increasingly complex organizations, where more and more players are involved in providing different measures of assurance, how can we prevent management from being overwhelmed by information and reports and succumbing to “assurance fatigue”?
Combined assurance can help solve this problem by integrating and aligning assurance processes so that senior management and audit and supervisory committees obtain a comprehensive, holistic view of the effectiveness of their organization’s governance, risks, and controls to enable them to set priorities and take any necessary actions.
There are multiple benefits to implementing combined assurance, including:
- One voice and taxonomy across all governance bodies and functions in the organization
- Efficiency in collecting and reporting information
- Common view of risks and issues across the organization
- More effective governance, risk, and control oversight
However, the 2015 CBOK survey results show that knowledge and implementation of the combined assurance concept is not yet widespread. Specific guidance on how best to implement combined assurance is still limited, though IIA Standard 2050: Coordination recommends that “the chief audit executive should share information and coordinate activities with other internal and external providers of assurance and consulting services to ensure proper coverage and minimize duplication of effort.”
Additionally, there are different ways of combining assurance. Depending on the specific requirements and desired integration of activities in individual organizations, the type of coordination varies:
- Integrated audits: coordination through audit activities by performing audits jointly
- Integrated planning and reporting: coordination through the planning and reporting processes
- Alignment of activities: coordination through alignment of the activities of separate functions
- Functional integration: coordination through hierarchical lines by combining internal audit and functions within the organization that support management
Download Combined Assurance: One Language, One Voice, One View