Control enhancement through combined assurance.
Combined assurance is about assurance providers (internal and external) working more closely together to ensure the following:
The 'right amount of assurance’ depends on the risk appetite of the organisation. There should be alignment of control validation/assurance approaches and efforts across the organisation, driving efficiency and the right levels of comfort. Risk management is the foundation of the combined assurance process and organisations should establish risk-based criteria for dealing with control failures on a consistent and strategically aligned basis to ensure organisational objectives and goals are achieved.