This article explores the status of current combined assurance practices as experienced by the chief audit
executives (CAEs) of listed companies in the financial services industry in South Africa. The study aims to
determine the status of combined assurance, to identify critical success factors for the implementation of
combined assurance, to determine the role of internal audit in the implementation of combined assurance, and
to identify limiting factors that may hamper the success of the combined assurance process as described in
the literature and experienced by the chief audit executives (CAEs) of the companies surveyed.
The results of the study indicate that combined assurance implementation is seen as a journey, and that
organisations are still at various levels of maturity in the implementation process. Organisations struggling with
full implementation identified the following as limiting factors: a lack of buy-in from executive management;
immature second line of defence functions; different regulatory environments, and the lack of a combined
assurance champion. Key foundational areas identified as requisite for successful implementation related to
appointing a combined assurance champion and an executive sponsor, mature first and second line of
defence functions, formal statements of roles and responsibilities of assurance providers, and buy-in and
active participation from the audit committee chairperson.