Integrated Assurance : A practice or a wish ?

There has been many calls  over the years to coordinate internal audit ,risk management, compliance and other assurance work and align it with the strategic objectives of the organization ,not only to simplify reporting ,but also to streamline oversight.

Integrated assurance is also referred to as "coordinated" or "combined " assurance . Regardless of the name, those who support the notion of integrated assurance believe that it provides the following benefits:

- Elimination of duplication of efforts
- Cost Synergies
- Focus on important risks
- Better and simplified reporting to the Board
- Maximize control efficiencies

But, what is really meant by integrated assurance ? In researching the web for definitions , I kept finding references to the King III guidance in South Africa ,which provides the following definition :

 

"Integrating and aligning assurance processes in a company to maximize risk and governance oversight and control efficiencies, and optimize overall assurance to the audit and risk committee, considering the company’s risk appetite."

 

I have not seen any other source of definition !

 

Some people believe that Internal Audit should lead the integrated assurance . They base this on the requirement of IPPF standard 2050 which stipulates:

 

"The chief audit executive should share information and coordinate activities with other internal
and external providers of assurance and consulting services to ensure proper coverage and
minimize duplication of efforts."

 

Have your company integrated assurance activities ,or have you heard of any other company that did so ? How was it done and what role did internal audit play?

 

Please share your experience and thoughts !