Risk-Based Combined Assurance
and the New Normal 2021

14 - 16 July 2021

Register Now! Few Seats Available!

Public R15,999.00

Online R9,999.00

Online R9,999.00

Overview:

The ‘right amount of assurance’ depends on the risk appetite of the organisation. There should be alignment of control validation/assurance approaches and efforts across the organisation, driving efficiency and the right levels of comfort. Risk management is the foundation of the combined assurance process and organisations should establish risk-based criteria for dealing with control failures on a consistent and strategically aligned basis to ensure organisational objectives and goals are achieved.
An effective way for companies to mitigate risk; is Combined Assurance. Combined assurance is the process of internal, and potentially external parties, working together to ensure that risks are well managed so that organizations can achieve their objectives.
Combined Assurance can enhance a company’s profitability and reassure the board that the controls meant to manage risk are adequate and effective. Meaning are they designed and working properly.
This training seeks to look at the role and contribution that effective risk management plays in ensuring the effectiveness of a combined assurance model and provide guidance on how to develop a model that is truly risk-based.

Benefits of combined assurance:

  • Coordinated and relevant assurance efforts are directed to the risks that matter most.
  • Commitment to enhance controls is demonstrated.
  • Dashboards that provide an integrated, insightful view.
  • Assurance activities produce valuable, integrated data, based on collaboration and not silos.
  • Reduction in assurance costs through elimination of duplication and better resource allocation.
  • Resources are not wasted on unnecessary duplication.
  • A reduction in the repetition of reports by different committees, resulting in improved and more efficient reporting.
  • A comprehensive and prioritized approach in tracking of remedial actions on identified opportunities/weaknesses.
  • Clarity on risk and audit.

Specific learning outcomes of this short learning program are to:

  • Describe the concept of combined assurance;
  • Understand and identify the various role players and assurance providers in a combined assurance environment;
  • Specify the role of internal audit in combined assurance
  • Benefits, Barriers, and Challenges
  • Critical Steps and Factors for Implementation
  • What is the single biggest factor that enabled you to implement a combined assurance model?
  • The Need to Coordinate Assurance Functions
  • Developing your governance design skills whilst supporting your organisation in maximizing the value of its IT investments
  • Understanding how COBIT 5® and other associated IT governance standards go hand in hand with the application of the King IV™ combined assurance approach
  • Building an effective assurance model aligned with your GRC and assurance functions
  • Empowering collaboration between cross functional stakeholders and diverse areas of management with a unified insight into the purpose and desired outcomes of their inputs
  • Use the tools / templates available to structure a combined assurance framework, model and structure within an organisation; and
  • Compile a combined assurance report.

Targeted Audience:

  • Chief Risk Officers,
  • Risk Managers,
  • Risk Champions,
  • Internal Audit/Auditors
  • Board Audit Committee and
  • Board Risk Committee Members,
  • Executive Risk Management.
  • All participants in the organisational assurance processes including risk practitioners.
  • Executive directors,
  • non-executive directors,
  • Exco members,
  • Heads of Departments,
  • General Managers,
  • Senior Managers,
  • Managers,
  • Supervisors,
staff:
  • Audit, Risk, Governance and Compliance
  • IT, Information / Data
  • Business Continuity, Business Recovery and Crisis Management Strategy

Course Outline:

What is Combined Assurance
The Growing Need for Risk Management

  • Organizational Failures
  • New Risks
  • Stakeholder Expectations

Identifying Key Players in Organizational Governance

  • Stakeholders
  • Board of Directors
  • Audit Committee
  • Management
  • Assurance Providers

The Need to Coordinate Assurance Functions

  • Varied Assurance Providers
  • Three Lines of Defence

 

Combined Assurance as a Solution

  • Aspects of Definition
  • Benefits of Combined Assurance
  • Who Plays an Important Role in Combined Assurance?
  • Board of Directors
  • Audit Committee
  • Internal Assurance Providers
  • External Assurance Providers

Research Methodology and King Code Inclusion

  • Interviews
  • Description of the Case Studies
  • Context of the King Codes
  • King Code Revisions

Understanding Combined Assurance

  • Organizational versus Project Level
  • Functions Providing Assurance
  • Combined Assurance Beyond Internal Auditing

Reasons to Implement Combined Assurance

  • The Governance Factor
  • The Risk Factor
  • The Efficiency Factor
  • Combined Assurance as a Way to Reduce Assurance Fatigue
  • Combined Assurance as a Way to Avoid Assurance Gaps
  • Combined Assurance as a Way to Reduce Silos
  • Combined Assurance as a Way to Reduce Assurance Costs

Benefits, Barriers, and Challenges

  • Benefits of Combined Assurance
  • Benefits for the Business
  • Benefits for the Assurance Process
  • Barriers and Challenges When Implementing Combined Assurance
  • Trial and Error
  • No One-Size-Fits-All Approach
  • Progress Through Sharing
  • Creating an Integrated View
  • Misunderstanding the Concept
  • Misunderstandings of the Meaning of Assurance
  • Maturity of Risk Management

Critical Steps and Factors for Implementation

Critical Steps

  • An Illustration of a Top-down Combined Assurance Approach
  • Critical Factors in Implementing Combined Assurance
  • Tone from the Top and Executive Buy-in
  • Management Buy-in
  • Mature Risk Management Process
  • Clearly Understanding Accountabilities
  • Common Language, Data Depository, and Methodologies
  • Importance of Communication Among Assurance Providers

The Role of Internal Audit in the Combined Assurance Model

  • Internal Audit as Champion of Combined Assurance
  • Internal Audit as Quality Control for Combined Assurance

Potential Challenges for Internal Audit

  • Risk Management
  • Potential Audit for the Future
  • From Traditional to Participative
  • Strategic Direction
  • Assurance versus Consulting
  • Evolution of Skills

Setting the scene for Combined Assurance in IT Governance

  • Combined assurance and the greater governance scheme
  • The evolution of combined assurance from King III to King IV
  • Decision-design vs. decision-support
  • Management control and the model
  • Your combined assurance model and fulfilling governance goals
  • Supporting business drivers using an IT-CAM (Combined Assurance Model)

The changing roles of Risk Management and Internal Audit

  • The role of Enterprise Risk Management and the risk-based approach
  • Relating business risk to IT risk in the context of the Combined Assurance Model
  • The changing role of Internal Audit
  • Case studies: (High-profile governance crises and operating example)

Developing the Combined Assurance Model for IT Governance

  • Establishing readiness and constructing the CAM for IT
  • Maintaining and continually improving the IT-CAM
  • General ‘Dos and Don’ts’
  • Recognising the influence of digital transformation and disruption
  • Common challenges, lessons learnt and success factors

End of the workshop

IN HOUSE AND ONLINE TRAINING

While both In-House and Online training can present with cost-effectiveness and time-efficacy, there are some very specific differences between in-house courses and those based online.
The demand for additional courses by individuals or groups of people is increasing. Still, it depends entirely on the preferences of a person what type of training he or she wants to receive. Online courses and in-house training carry some similarities but they are considered to exhibit some very pivotal differences too. Despite that, both types of learning can be really beneficial for attendees.

For Registration and other Training arrangements,
contact us on the detail below.
SOUTH AFRICA Tel: +27 11 057 6001
KENYA Tel: +254 11 353 1082
WhatsApp +27 79 574 0389
info@bmktraining.co.za / www.bmktraining.com