Public Sector Governance – ERM and Combined Assurance


Combined assurance is about assurance providers (internal and external) working more closely together to ensure the following:

  1. Key outcomes of combined assurance.
  2. Assurance in the right areas is obtained.
  3. Assurance is obtained from the right resources.

The objectives of the combined assurance plan are mainly to: … Link risk management activities with assurance activities. This will also assist the Accounting Authority / Officer to review the effectiveness of the risk management system; and. Provide a basis for identifying any areas of  potential assurance gaps.

King IV™ is structured as a Report that includes a Code, with additional, separate sector supplements for SME’s, NPO’s, State-Owned Entities, Municipalities and Retirement Funds. The King Code™ contains both principles and recommended practices aimed at achieving governance outcomes. King III initially developed a combined assurance model that covered the traditional three lines of defence – management control; risk control and compliance oversight functions; and independent assurance. King IV has changed the focus to “five lines of assurance”, in order to incorporate more role players, with an even greater emphasis on providing combined assurance.

A municipal failure, by implication means there has been a failure of either enterprise risk management (ERM) or combined assurance. Even in the case of fraud, or other malfeasance, this should have been identified as a risk, and strategies devised to mitigate it. The possible failures can be identified as process, application or oversight. The fraud may have gone undetected because there was no process in place to pick up the problem. Or the process was in place, but it was not applied. Finally, there could have been a process, it was applied, but there was a lack of oversight by the audit committee and the board.

An article by Forte and Barac in The South African Journal of Accountability and Auditing Research Journal following research into the uptake of combined assurance, found that there was a dependency on ERM processes as a prerequisite for the implementation of the combined assurance process.

ERM is about identifying risk and opportunities that could impact an organisation’s objectives. Combined assurance on the other hand, maps assurance to the organisation’s risks. So, there is a logic to establishing ERM before embracing combined assurance.

Course Features

  • Lectures 2
  • Quizzes 0
  • Duration 50 hours
  • Skill level All levels
  • Language English
  • Students 24
  • Certificate No
  • Assessments Yes

Leave A Reply

Your email address will not be published. Required fields are marked *

Open chat
Hello 👋
Can we help you? Please send a whatsapp for quick responses