MEASURING COMBINED ASSURANCE: A HOLISTIC APPROACH TO ORGANIZATIONAL GOVERNANCE AND RISK MANAGEMENT

Abstract

Combined Assurance is an emerging global concept aimed at enhancing board risk oversight by integrating and aligning silo-based assurance processes across the organization. This study develops an instrument to measure the organizational maturity to adopt Combined Assurance in a two-stepped approach. First, a survey questionnaire was developed based on an extensive literature review. Second, the questionnaire was administered among over 30 respondents engaged in risk, internal audit, and finance to assess the reliability and validity of the instrument. The findings further collaborated through case studies of four leading organizations in Sri Lanka. The study finds that the organizational maturity to adopt Combined Assurance that could be assessed using two dimensions: ‘Holistic Approach to Risk Management’ and coordinating assurance among ‘Three Line of Defense’. The findings also revealed that Enterprise Risk Management is a prerequisite for the successful implementation of combined assurance and Internal Audit Function can potentially play a championing role in the implementation with close collaboration among the Three Line of Defense. These findings provide opportunities for future research from an Internal Organizational Governance perspective. Further, from a regulatory perspective, the study emphasizes the need to revisit the existing corporate governance practices in relation to the application of combined assurance