A COMBINED ASSURANCE MODEL TO PROMOTE INTEGRATED REPORTING IN LIMPOPO PROVINCIAL TREASURY Matshidiso Manabalala WITS Business School The thesis presented in partial fulfilment for the degree of Master of Business Administration to the Faculty of Commerce, Law, and Management, University of the Witwatersrand April 2021 ii DECLARATION I, Matshidiso Manabalala, declare that this research report entitled ‘A combined assurance model to promote integrated reporting in Limpopo Provincial Treasury’ is my own unaided work. I have acknowledged, attributed, and referenced all ideas sourced elsewhere. I am hereby submitting it in partial fulfilment of the requirements of the degree of Master of Business Administration at the University of the Witwatersrand, Johannesburg. I have not submitted this report before for any other degree or examination to any other institution. Matshidiso Manabalala Signed at Johannesburg on 30th April 2021 Name of candidate Matshidiso Manabalala Student number 2289272 Telephone numbers 082 504 6235 Email address 2289272@students.wits.ac.za First-year of registration 2019 June intake Date of proposal submission 15 January 2021 Date of report submission 30 April 2021 Name of supervisor Dr. Jenika Gobind mailto:2289272@students.wits.ac.za iii ABSTRACT Author: Matshidiso Manabalala Supervisor:Dr.Jenika Gobind Thesis title: A combined assurance model to promote integrated reporting in Limpopo Provincial Treasury Organisations expand, and business operations evolve & become more multifaceted; the growth leads to the board and ARC requiring more assurance providers’ functions to oversee achievements of objectives. The multiple uses of assurance providers’ activities in isolation cause the board and audit committees to suffer from effort duplication, leading to assurance fatigue. The purpose of the study is to explore challenges associated with the implementation of the combined assurance model by Limpopo Provincial Treasury (LPT) and develop possible solutions in the form of recommendations for LPT to improve. The study follows the qualitative research method to achieve the research objectives. This research uses unstructured and semi-structured individual interviews to collect primary data from LPT assurance providers, Auditor General South Africa (AGSA) and Departments and Public Entities Chief Financial Officer as LPT’s stakeholders. Interview questions have been developed for use during the primary data collection to interview individual participants. Permission has been requested from the HOD of LPT to interview the research participants. Findings - The challenges for LPT implementation of combined assurance are caused by Ineffective communication, working in silos and lack of collaboration results in duplication of efforts, assurance fatigue, and contradicting reports. Conclusion- Change in organisation culture and promotion of integrated thinking will lead to successfully implementing the combined assurance model. April 2021 iv 3. LIST OF ABBREVIATIONS ARC Audit & Risk Committee AO Accounting Officer AGSA Auditor-General South Africa CAE Chief Audit Executive CFO Chief Financial Officer CAC Central Audit Committee EA Executive Authorities EXCO Executive Council GPG Gauteng Provincial Treasury HOD Head of Department IIA Institute of Internal Auditors in Southern Africa IoDSA Institute of Directors in Southern Africa LPG Limpopo Provincial Government LPT Limpopo Provincial Treasury MEC Member of Executive Council OTP Office of the Premier PE Public Entity PFMA Public Finance Management Act v PC Portfolio Committees PT Provincial Treasury TR Treasury Regulation SCOPA Standing Committee on Public Accounts WCPG Western Cape Provincial Government vi TABLE OF CONTENTS DECLARATION ........................................................................................................................................ ii ABSTRACT iii 3. LIST OF ABBREVIATIONS ........................................................................................................ iv Table of contents ........................................................................................................................................ vi List of tables ix List of figures x List of tables and figures in the appendiceS ........................................................................................... xi ACKNOWLEDGEMENTS ................................................................................................................... xii Definition of key terms and concepts ................................................................................................... xiii 1. Introduction to the research ...........................................................................................................16 1.1. Background and context ......................................................................................................16 1.1.1. Combined assurance model ..................................................................................16 1.1.2. Integrated Reporting ..............................................................................................19 1.1.3. LPT transversal assurance provider structure ...................................................20 1.1.4. LPT assurance providers mandate ......................................................................21 1.1.5. Preface to the research report ..............................................................................22 1.2. Research conceptualisation ..................................................................................................22 1.2.1. The research problem statement .........................................................................22 1.2.2. The research purpose (aim and objectives) statement .....................................25 1.2.3. Research Questions ....................................................................................................25 1.3. Delimitations and assumptions of the research study .....................................................26 1.4. Significance of the research study ......................................................................................28 1.5 Summary ......................................................................................................................................29 2. Literature review ...............................................................................................................................31 2.1. Introduction ...............................................................................................................................31 2.1. Research problem analysis .......................................................................................................33 2.1.1. Combined Assurance benefits ..................................................................................33 2.1.2. Mapping of Assurance Providers .............................................................................35 2.1.3. Combined Assurance Forum ....................................................................................38 2.1.4. Challenges associated with the implementation of Combined Assurance ........39 2.1.5. Manage Assurance Providers Conflict of Interest ................................................40 2.1.6. Combined assurance awareness and buy-in ...........................................................41 2.1.7. Integrated reporting ...................................................................................................42 2.1.8. Organisational Structure ............................................................................................43 2.1.8.1. Provincial Treasuries providing adequate assurance .........................................43 2.1.8.2. Limpopo Provincial Treasury structure review ..................................................44 2.1.8.3. LPT assurance providers’ structures in comparison with best performing Treasuries. ................................................................................................................53 2.2. Research knowledge gap analysis ............................................................................................55 2.3. Framework(s) for interpreting research findings ..................................................................57 2.4. Summary and conclusion .....................................................................................................58 3. RESEARCH STRATEGY, DESIGN, PROCEDURE AND METHODS .........................60 vii Introduction .......................................................................................................................................60 3.1. Research strategy .......................................................................................................................61 3.2. Research design..........................................................................................................................62 3.3. Research procedure and methods ...........................................................................................63 3.3.1. Research data and information collection instrument(s) .................................63 3.3.2. Research target population and selection of respondents ...............................64 3.3.4. Research data and information collection process ...........................................66 3.3.5. Research data and information processing and analysis ..................................66 3.3.6. Description of the research respondents............................................................68 3.4. Research strengthens—reliability and validity measures applied ..................................71 3.5. Research weaknesses—technical and administrative limitations...................................72 3.6 Summary ......................................................................................................................................72 4. PRESENTATION OF RESEARCH RESULTS .......................................................................73 Introduction .......................................................................................................................................73 4.1. Research Question 1 result ......................................................................................................74 4.1.1. Integrating and aligning assurance processes .....................................................75 4.1.2. Stakeholders buy-in and support .........................................................................76 4.1.3. Effective transversal committee...........................................................................77 4.2. Research Question 2 result ......................................................................................................80 4.2.1. Adequacy review of LPT transversal structure ......................................................80 4.2.2. Effectiveness of transversal financial forums ........................................................81 4.2.3. Assurance providers’ skills and capacity to execute combined assurance. ........82 4.3. Research Question 3 result ......................................................................................................86 4.3.1. Ability to enhance value add and decision making ...........................................86 4.3.2. Effort duplication and assurance fatigue. ...........................................................88 4.4. Research Question 4 result ..................................................................................................89 4.4.1. Integrated thinking .................................................................................................89 4.4.2. Report rating systems and report formats ..........................................................91 4.4.3. Review and reporting of AG action plan ...........................................................92 4.5. Summary ..................................................................................................................93 5. DISCUSSION OF RESEARCH FINDINGS ............................................................................94 Introduction .......................................................................................................................................94 5.1. Challenges associated with the implementation of Combined Assurance ......................95 5.1.1. Integrating and aligning assurance processes .....................................................97 5.1.2. Risk Management .................................................................................................... 100 5.1.3. Stakeholders buy-in and support ...................................................................... 101 5.1.4. Effective transversal committee........................................................................ 102 5.1.5. Transversal Structure .......................................................................................... 103 5.2. Summary .................................................................................................................................. 107 6. Summary, conclusions, limitations, and recommendations .................................................... 109 Introduction .................................................................................................................................... 109 6.1. Summary .................................................................................................................................. 109 6.2. Conclusions ......................................................................................................................... 110 6.2.1. Integrating and aligning assurance processes ...................................................... 110 6.2.2. Risk Management .................................................................................................... 111 viii 6.2.3. Stakeholders buy-in and support ...................................................................... 111 6.2.4. Effective transversal committee........................................................................ 111 6.2.5. Transversal Structure and Integrated thinking ............................................... 112 6.3. Limitations .............................................................................................................................. 112 6.4. Suggestions for Further Research.................................................................................... 113 6.5. Recommendations ............................................................................................................. 113 REFERENCES 118 APPENDICES 121 Appendix 1.1: Data collection instruments ...................................................................................... 122 1.1.1. Individual Participant Information Sheet ........................................................................ 122 1.1.2. Participant Consent Form.................................................................................................. 123 1.1.3. Individual Interview Questions ......................................................................................... 124 Appendix 2.1: One-page bio of the researcher including declaration of interest in the research ...................................................................................................................................... 126 Appendix 2.2: Ethic documentation .................................................................................................. 127 Appendix 3.1: Dully filled in data collection instrument(s) ............................................................ 128 ix LIST OF TABLES Table 1: Combined assurance assurers’ criteria--------------------------40 Table 2: List of LPT transversal forums---------------------------------48 Table 3: Individual research participants----------------------------------69 Table 4: Research participants responses----------------------------------78 Table 5: Research participants in agreement (adequate structure, skills, and capacity) (yes)--------------------------------------------------------------83 Table 6: Research participants in disagreement (no)---------------------84 Table 7: Partially adequate research participants (torn between Yes & No)--------------------------------------------------------------------------------84 x LIST OF FIGURES Figure 1: The Three Lines of Defence Model (IIA global, 2013)------------18 Figure 2: Assurance provided by key role players (AGSA, 2017)----------- 38 Figure 3: Governance model (PWC, 2019)--------------------------------------42 Figure 4: Limpopo Provincial Treasury Transversal Organisation structure (student’s own, 2020)----------------------------------------------------------------47 Figure 5: Western Cape Provincial Treasury Transversal Organisation structure (student’s own, 2020)----------------------------------------------------53 Figure 6: Northern Cape Treasury Transversal Organisation structure (student’s own) (2020)---------------------------------------------------------------54 Figure 7: Categorise LPT Assurance providers overall roles and responsibilities (student’s own, 2021)------------------------------------------114 Figure 8: Recommended transversal integrated report structure (student’s own, 2021)---------------------------------------------------------------------------114 Figure 9: Lines of defence(student’s own, 2021)----------------------------- 115 xi LIST OF TABLES AND FIGURES IN THE APPENDICES 1.1.1. Individual Participant Information Sheet----------------------122 1.1.2. Participant Consent Form----------------------------------------123 1.1.3. Individual Interview Questions----------------------------------124 2.1. One-page bio of the researcher including declaration of interest in the research--------------------------------------------------------------------126 2.2. Ethics Clearance----------------------------------------------------------127 Permission to conduct an academic research study at Limpopo Provincial Treasury-------------------------------------------------------------128 xii ACKNOWLEDGEMENTS Father God, you are everything to me, and I know I have come this far by your grace. You have been the pillar of strength and my refuge throughout the MBA journey and my life. Dr Jenika Gobind, thank you for your support and leadership To my uncle, Dr Richard Chauke, When I thought I did not have it in me to continue with the research proposal, you made me understand and appreciate the research process within a day. You brought hope and gave me the courage to soldier on in my darkest days. Thank you! To my mother (Johanna Manabalala), you are a mighty woman of valour. You are the reason I keep pushing even when I do not see hope because you believe in me and support my dreams. I love and appreciate you, mama. To Emmanuel Mokgetwa Mogofe, thank you for your guidance and support in this journey. You were there with me throughout, cheering me up and advising me. May the good Lord bless you. Continue being a blessing to others like you were to me. My sister (Moloko Lisbeth Manabalala), Your prayers, understanding and encouragement have kept me this far, dear sister. I could not have made it without you. I am grateful for every cup of coffee and food you used to make for me while I focused on schoolwork. My brothers (Morris and Zane Manabalala), thank you for your support and encouragement. When I felt like giving up, you always reminded me that I never give up; I am “diehard”. Zane, you even helped me with research for coursework. Thank you for your support and words of encouragement to my fellow supportive MBA students and friends (Tshidi Mashabathakga, Tshidiso Mokgatla, Azeemah Mahomed). To all the academic staff of Wits University (Wits Business School) My employer (Limpopo Provincial Treasury) and all people around me, I truly and wholeheartedly thank you for your contribution to this journey which earned me an MBA. xiii DEFINITION OF KEY TERMS AND CONCEPTS “Board" or “Accounting Authority” means the Board of Directors of the State-Owned Entity, as constituted in terms of the Public Finance Management Act under schedule 3 (C and D). “Cabinet” also means the Executive council of a province. “Executive Authority” means the cabinet member or member of the Executive Council of a province in whose portfolio a government component, statutory council, public entity, or government enterprise falls. “MEC” means a member of a Provincial Executive Council. “Parliament” also means a provincial legislature. “PFMA” means the Public Finance Management Act,1999. "CEO" means the Chief Executive Officer, who is also an Executive Director. "CFO" means the Chief Financial Officer, who is responsible for the finances of the SOE. "Chairperson" means a Non-Executive Director appointed by Executive Authority / Shareholder (Member of Executive Council) to preside Board meetings. "Companies Act" means the Companies Act, 2008 (Act 71 of 2008). "Companies Act Regulations" means the Companies Act Regulations, 2011. “Executive Authority”- unless the context indicates otherwise, Executive Authority in this document refers to the Shareholder/Member of Executive Council responsible for the Public Entity. "King IV" means the King Report on Governance for South Africa 2016. xiv "Members/Directors " means Non-Executive Directors appointed by Executive Authority Shareholder to serve on the Board. "Non-Executive Directors" (NEDs) means a member of the Board who does not engage in the day-to-day management of the state-owned entity, but who is involved in policy making and strategic planning exercises. "Shareholder" means the Provincial Government, represented by the Member of the Executive Council. “Public Entities” (PE) … means company established by Provincial Administration for carrying out a provincial mandate on behalf of a particular department. PEs will be listed in Schedule 3B and 3D of the Public Finance Management Act, including subsidiaries of Schedule 3D entities. “Stakeholder”- A person or group with a direct interest and/or involvement in or affected by the work and operations of the entity. “Combined assurance model”- A combined assurance model incorporates optimises all assurance providers and functions to enable effective control environment and support the integrity of information used for decision making by management, the board, and its committees. “Organisation Culture”- The way members of organisations relate to each other, their work, and the outside world. “Effective or effectively”- The adequate accomplishment of the desired objective or a pursuit with the minimum expenditure of time, resources, waste, and effort. “Independence”- independence generally means the exercise of objectives, unfettered judgement. xv “Information”- includes all data, records, and knowledge in electronic or any other format which forms part of intellectual capital used, transformed, and produced by an organisation “Integrated report”- A concise communication about how an organisation’s strategy, governance, performance, and prospects lead to the creation of value “Clean audit outcome”- “The financial statements are free from material misstatements (in other words, a financially unqualified audit opinion) and there are no material findings on reporting on performance objectives or non-compliance with legislation” (AGSA 2019). 16 1. INTRODUCTION TO THE RESEARCH 1.1. Background and context This research explores challenges associated with implementing the combined assurance model: the case of Limpopo Provincial Treasury. Before getting to the research conceptualisation (Section 1.2), the study introduces the terms and concepts that have been used in conceptualising this research in Section 1.1 generally and broadly—while Chapter 2 has a more specific and detailed discussion on the research context. The research conceptualisation section provides for the research problem statement (Section 1.2) and consequently the purpose of this research (Section 1.2.2) as well as the research questions (Section 1.2.3). The delimitations and assumptions of the research study are in Section 1.3, while the significance of the research study is discussed in Section 1.4 and provide a preface to the research report in Section 1.5. 1.1.1. Combined assurance model The combined Assurance model integrates and coordinates all assurance activities by internal and external assurance providers in a company to maximise risk, governance oversight, control efficiencies and optimising overall assurance to the audit and risk committee (ARC) (IV, 2016). The combined Assurance model foster a common language, one voice and integrated thinking (Huibers, 2015). “Combine assurance assist organisation decision making by integrating and aligning assurance processes so that executive management, audit and board committees obtain a comprehensive, holistic view of the effectiveness of the entity’s governance, risk and controls and mitigate assurance fatigue” (Huibers, 2015, p. 2). 17 The Combined Assurance Framework aims to detail a set of concepts, principles, and a methodology that aims to improve the control environment and promote good governance (NT, 2013). The combined assurance model provides a collaborative method to how the organisation intends to identify critical risks and adequate controls to mitigate risks and how possible duplication of audit and assurance processes will be dealt with. In practical terms, combined assurance is about assurance providers working more closely together to ensure the right amount of assurance, in the right areas, from people with the best and most relevant skills, as cost- effectively as possible and obtaining the trust of management and the Audit & Risk committees (ARC) (Huibers, 2015). The right amount of assurance depends on the risk appetite of the company (Govindarajan, 2011). Guidance on risk appetite is sought from the Board through the Audit & Risk Committee (ARC) (Govindarajan, 2011). Assurance is provided by a broad range of departments, differentiated by the stakeholders served, for example, those who report to management, those who report to the Board / Accounting authority, and those who report to external stakeholders (IODSA, 2016). The institute’s assurance environment components are identified through three lines of defence (Institute of Internal Auditors, 2013). The identification should be supported by risk mapping, a mixture of applicable business model matrices, and defined goals and timelines (IIA, 2013). The maturity of the organisation’s risk management that aligns with the organisation’s strategic objectives will determine the success of the combined assurance model (Barac, 2015). The Three Lines of Defence model provides a holistic and effective way to enhance communications in 18 organisations on governance, risk management and controls by clarifying essential roles and duties (IIA, 2013). Figure 1: The three lines of defence model Source,IIA position paper, the three lines of defence model in effective risk management and controls ( IIA global ,2013, p. 2) The benefit of effectively implemented combined assurance According to Huibers (2015), the benefits of aligning and co-ordinating assurance processes will improve the control environment and support the following organisational objectives: Elimination of assurance fatigue, Resources not misused on preventable duplication, reported information to governance committees is more precise and insightful, as assurance providers view integrates. Facilitation of better decision making through assurance activities, generating value adds, relevant data based on collaboration 19 1.1.2. Integrated Reporting An integrated report is a report that connects detailed information in other reports to give a comprehensive and concise picture of “significant strategic matters that affect the organisation’s ability to create value” (IV, 2016, p. 28). Integrated reporting results from increasing concerns about the fragmented traditional business reporting to various stakeholders (Adams, 2015). Integrated Reporting Council (IIRC) proposed concise, integrated reporting to remedy the problem by providing a report that integrates non- financial and financial value creation information (Cheng, Green, Conradie, Konishi, & Romi, 2014). IIRC designed a principle-based conceptual framework increasing the scope of a business’s reporting using a “six capitals concept” to envision the business model and better understand and “communicate value creation proposition over short, medium and a longer period” (Simnett & Huggins, 2015, p. 23). Integrated reporting is concise and cohesive communication of a company’s short-, medium- and long- term strategy, governance, and performance (Cheng et al., 2014). Integrated thinking and reporting encourage holistic thinking of value creation and business models and promote better internal decision-making (Adams, 2015). 20 Benefits associated with Integrated Reporting Integrated reporting encourages businesses to think combined and holistically, leading to the more precise articulation of strategy and business model, produce an integrated report that is clear and concise, improve identification of risk and opportunities and enhance internal processes leading to a better understanding of the business and improved decision- making process (Roth, 2014). 1.1.3. LPT transversal assurance provider structure The nature of the work of the Provincial Treasury (PT) is to provide information, reports and assurance to critical stakeholders and oversight bodies such as the Provincial Executive Council (EXCO), the Cluster Audit Committees (CAC), Standing Committee on Public Accounts (SCOPA), as well as the relevant Portfolio Committees. Since the Chairperson of the CAC reports directly to EXCO, a benefit can be derived by providing EXCO as well as Executive Authorities (EA) with integrated and consolidated reports of assurance services in respect of governance, risk management, internal control, and compliance processes. 21 1.1.4. LPT assurance providers mandate Provincially, the Premier (OTP) and PT's Office are the two institutions that play a critical role in respect of institutional governance and administration in the province. PT acts as the custodian of the PFMA in the Province. PT have a constitutional mandate through the Public Finance Management Act (PFMA) No. 1 of 1999 as amended to enforce implementation of National and Provincial Treasury norms and standards in the province, including prescribed procurement systems, standards and Generally Recognized Accounting Practice, uniformly classified systems, provisioning, banking, cash management and investment frame-work policies for both the departments and public entities. Treasury Regulations (TR) para 3.2.10 requires, “The internal audit function to coordinate with other internal and external providers of assurance to ensure proper coverage and to minimise duplication of effort”. In addition, the TRs requires that entities conduct internal audits in terms of the Institute of Internal Auditors (IIA) Standards. The Institute of Internal Auditors (IIA) Standard 2050 enacted Chief Audit Executive (CAE) to share information and coordinate activities with other internal and external providers. CAE should develop and implement a combined assurance model to prevent management and governance oversight structures from being overwhelmed with information, reports and succumbing to assurance fatigue. 22 1.1.5. Preface to the research report To this end, the report has six chapters. Following this introductory chapter, Chapter 2 provides a literature review covering the problem, the past studies, the explanatory framework, and the conceptual framework. Chapter 3 discusses the research strategy, design, procedures, reliability, and validity measures as well as limitations. Chapter 4 and Chapter 5 presents and discusses the findings, respectively, to interrogating our research questions, while Chapter 6 summarises and concludes the research. 1.2. Research conceptualisation 1.2.1. The research problem statement The governing bodies or boards of directors of LPG experience the challenges of the effectiveness of risk management, compliance management and internal control systems for all kinds of risks. In LPT, there is a lack of holistic assurance to the boards and governing bodies on the effectiveness and efficacy of risk management and internal control systems by coordinating assurance activities from various sources of assurance. LPT use many assurance providers to help LPG governing bodies or boards fulfil monitoring duties and apply effective governance practices in supply chain, infrastructure, compliance, banking, governance, budget, revenue, assets management and internal audits. Assurance providers perform assurance activities in isolation, auditees, management, and the board suffer from assurance fatigue and assurance gaps that lead to inefficient reporting to governing bodies. They receive multiple opinions, and the governing bodies are therefore not able to exercise their oversight role appropriately. There is a lack of one taxonomy across all functions and governance bodies within the organisations that provides a single source of truth. There are minimally coordinated and relevant assurance efforts that 23 focus on exposure, shortage of comprehensive and prioritised tracking of remedial action on identified improvement opportunities and weaknesses. The collection and reporting of assurance information happen in silos. There is a gap in the standard view of issues, risks, and controls across the organisation and the reporting to the board and committees. There is no comprehensive and holistic view of the effectiveness of governance, risk management, and controls in the organisation that is provided to the senior management, the audit committee, and the board. The availability of such information could enable the organisation to make informed decisions by analysing, aggregating, and reporting information supplied by various assurance providers. The lack of a combined assurance view makes it impossible for management to release a statement on the efficiency and effectiveness of their internal controls as part of their annual report. Reporting is another area of concern that needs to be restructured to ensure that the Executive Committee, the Audit Committee, the Risk Committee, and the board or governing bodies receive the proper assurance at the right time for acquainted decision-making. The Institute of Internal Auditors Standard 2050 enacted Chief Audit Executive (CAE) to share information and coordinate activities with other internal and external providers to prevent management and governance oversight structures from being overwhelmed with information, reports and succumbing to assurance fatigue. However, "The global internal audit common body of knowledge (CBOK) indicated that Special guidance on how best to implement combined assurance is still limited and there are different ways of combining assurance" (Huibers,2015, pg.1). Decaux and Sarens (as cited in Dzomira, 2016) concluded that organisations are still 24 learning through combined assurance implementation because no organisation seems to have achieved an established combined assurance program. LPT has been attempting to develop a combined assurance model suitable for LPDs and PEs to alleviate assurance fatigue. The plan has been to create the model twofold: LPT assurance providers working together to provide assurance oversight to LPDs & PEs and provide a framework for departments and public entities assurance providers to execute functions and report to LPT. However, LPT did not fully succeed in developing the combined assurance model. LPDs and PEs raised concerns about the multiple assurance providers from LPT, which are working in silos. As a result, this creates duplication of efforts and contradicting reports/recommendation that LPDs and PEs must implement. There is no collective effort and commitment to implement combined assurance in LPT, which results in high costs from LPT, LPDs and PEs. Consequently, LPT has governance structures as well as assurance providers to support both the LPDs and PEs. However, it is uncertain whether all the assurance providers are working correctly as per the requirements. 25 1.2.2. The research purpose (aim and objectives) statement The purpose of this study is to explore and determine the challenges associated with the implementation of the combined assurance model by LPT and develop possible solutions in the form of recommendations for LPT to improve. The main criteria to establish the associated challenges are to assess LPT assurance providers' structures with other Provinces reported to be offering adequate assurance within the Republic of South Africa and the National Treasury ideal structure. Lastly, determine if there are duplication of efforts, areas creating assurance fatigue and necessity and/or relevancy of each assurance provider within LPT. 1.2.3. Research Questions 1.2.3.1. Question 1: What are the challenges associated with the aligning and co-ordinating of assurance providers’ s processes? 1.2.3.2. Question 2: Does the coordinating and monitoring role of the LPT assurance providers enabling effective functioning of the combined assurance in Limpopo Province? 1.2.3.3. Question 3: Are the assurance activities incorporated to enable better and improved decision-making that create value add to LPDs and PEs? 1.2.3.4. Question 4: How does the Integrated Reporting in Limpopo assist in identifying weaknesses and/or opportunities in Internal Controls and reporting systems, stakeholder management, other independent assurance services as well as governance, compliance, risk and monitoring? 26 1.3. Delimitations and assumptions of the research study There is no internationally adopted definition and guidance regarding combined assurance and how to implement it, including the different ways of combining assurance and different types of coordination that are possible (Huibers, 2015). Organisations are learning through combined assurance implementation because no organisation seems to have achieved an established combined assurance program (Dzomira, 2016). In another similar study, the study limits the audit committee's role and internal audit role to financial skills (Dzomira,2016), where else King IV (2016) specify that the audit committee is responsible for overseeing the effective achievement of the internal control environment, supporting the integrity of information used for internal decision-making by management, the governing body, and its committees. According to IIA standards, an internal audit is responsible for evaluating the adequacy and effectiveness of governance, risk management and controls in general, not only financial controls. Furthermore, Company regulations Chapter 3, in line with companies act 94 (5), stipulates that at least one–third of the members of a company's audit committee at any time must have academic qualifications, or experience, in economics, law, corporate governance, finance, accounting, commerce, industry, public affairs or human resource management. Other root causes of implementing a combined assurance model might be a lack of support and buy-in from governance structures and management. Lack of commitment by all assurance providers. Assurance providers' 27 competitions and conflict. Lack of required skill to develop and implement the model (Institute of risk management SA, 2014). Limpopo provincial government has adopted a centralised approach regarding establishing the Combined Assurance Model as opposed to a decentralised system. The plan is to create the model twofold: LPT assurance providers work together to provide assurance oversight to LPDs & PEs and provide a framework for departments and public entities assurance providers to execute functions and report to LPT (LPT, 2019). As a result, the model is complex and require skills and in-depth knowledge of government processes and risk. The study will focus only on the LPT assurance providers working together. Matters about independence and objectivity are susceptible within the profession; therefore, assurance providers are unwilling to share information or depend on each other's work. The Assurance Providers are very protective of their independence concerning value add, responsibilities, effectiveness to the Organisations. Similarly, Chief Financial Officers of departments and entities protect the mandate and service delivery models adopted within their respective departments. As a result, this study assumes that both the Assurance Providers and Chief Financial Officers will be biased and protective towards their area of responsibility when responding. Consequently, triangulation will be done by obtaining data from both the AGSA, Audit Committee Chairperson, Provincial Internal Audit, and other Assurance Providers within Limpopo Province. 28 The assumption that LPT transversal assurance providers’ positions/units are appointed/created without first reviewing the current organisational structure, performance contract, and job descriptions to determine the possibility of delegating the required responsibilities to the existing positions or units with related duties or positions. Positions/ Units created to address audit findings and pursue clean audit or better audit outcomes (LPT, 2020). LPT inadequate transversal organisational structure affecting the development and implementation of a combined assurance model. Transversal structure bloated and duplicated reporting line, roles and responsibilities duplicated. 1.4. Significance of the research study The research will help policymakers and combined assurance practitioners implement a combined assurance model from both the public and private sectors. The study will also contribute towards generating a body of knowledge within the field of Governance and Compliance and benefits researchers, policymakers, and academics. The study will also help policymakers and practitioners understand other assurance providers' roles within LPT and collaborate with other assurance providers to add value to departments and public entities. In terms of AGSA (2016), Gauteng, the Northern Cape and the Western Cape consistently provided adequate assurance over the past four years. Where else, all other treasuries provided some assurance to provincial departments and public entities. The multiple uses of assurance providers' activities in isolation cause the board and audit committees to suffer from assurance fatigue and assurance gaps that lead to inefficient reporting to governing bodies (Sarens, Decaux, & Lenz, 2012). As a result, this creates duplication of efforts, contradicting reports/recommendations and high cost. When adequately developed and 29 effectively implemented, a combined assurance model will prevent management and governance oversight structures from being overwhelmed with information, reports and succumbing to assurance fatigue. 1.5 Summary Provincially, the Premier (OTP) and PT's Office are the two institutions that play a critical role in respect of institutional governance and administration in the province. PT acts as the custodian of the PFMA in the Province. PT have a constitutional mandate through the Public Finance Management Act (PFMA) No. 1 of 1999 as amended to enforce implementation of National and Provincial Treasury norms and standards in the province, including prescribed procurement systems, standards and Generally Recognized Accounting Practice, uniformly classified systems, provisioning, banking, cash management and investment frame-work policies for both the departments and public entities. The nature of the work of the Provincial Treasury (PT) is to provide information, reports and assurance to critical stakeholders and oversight bodies such as the Provincial Executive Council, the Cluster Audit Committees, Standing Committee on Public Accounts (SCOPA), as well as the relevant Portfolio Committees. Since the Chairperson of the Central Audit Committee (CAC) reports directly to the Provincial Executive Council (EXCO), a benefit can be derived by providing EXCO as well as Executive Authorities (EA) with integrated and consolidated reports of assurance services in respect of governance, risk management, internal control, and compliance processes. The purpose of this study is to explore and determine the challenges associated with the implementation of the combined assurance model by 30 LPT and develop possible solutions in the form of recommendations for LPT to improve. The Institute of Internal Auditors Standard 2050 enacted Chief Audit Executive (CAE) to share information and coordinate activities with other internal and external providers to prevent management and governance oversight structures from being overwhelmed with information, reports and succumbing to assurance fatigue. For the past five years, LPT has been attempting to develop a combined assurance model suitable for LPDs and PEs to alleviate assurance fatigue. The plan has been to create the model twofold: LPT assurance providers working together to provide assurance oversight to LPDs & PEs and provide a framework for departments and public entities assurance providers to execute functions and report to LPT. However, LPT did not fully succeed in developing the combined assurance model. LPDs and PEs raised concerns about the multiple assurance providers from LPT, which are working in silos. As a result, this creates duplication of efforts and contradicting reports/recommendations that LPDs and PEs must implement. There is no collective effort and commitment to implement combined assurance in LPT, which results in high costs from LPT, LPDs and PEs. Consequently, LPT has governance structures as well as assurance providers to support both the LPDs and PEs. However, it is uncertain whether all the assurance providers are working correctly as per the requirements. The multiple uses of assurance providers' activities in isolation cause the board and audit committees to suffer from assurance fatigue and assurance gaps that lead to inefficient reporting to governing bodies (Sarens, Decaux, & Lenz, 2012). As a result, this creates duplication of efforts, contradicting reports/recommendations and high cost. When adequately developed and 31 effectively implemented, a combined assurance model will prevent management and governance oversight structures from being overwhelmed with information, reports and succumbing to assurance fatigue. 2. LITERATURE REVIEW 2.1. Introduction This chapter has three broad objectives identify the knowledge gap, and to identify the knowledge gap, understand the research problem, identify the knowledge gap, and develop a framework for interpreting the research findings. Specifically, in Section 2.1, we detail the research problem. Then, in Section 2.2, we review the literature on studies that have attempted a similar study or research. Finally, with information arising from Section 2.2, we identify and detail the framework that we will use to interpret our research findings in Section 2.3. The discussion in this study will focus on combined assurance with prominent themes drawn from agency theory. This theory resolves certain problems in the formal two-way agreements or relationships between principals who entrust or delegate work to their agents ( Rossouw & Marais, 2015). The application of agency theory forms the basis of explaining and understanding why certain agents act the way they do (Rossouw & Marais, 2015). According to the principal-agent relationship, theory can be applied to employer-employee, lawyer-client, buyer-supplier and other agency relationships (Adams, 1994) . For the study, the principal would be the board of directors or management, and the agent would be the organisational management. The three problems addressed by agency theory relate to goal asymmetry: perceptions about misalignment of goals due to personal interests; risk asymmetry refers to perceptions about 32 differences in risk perceptions and treatment; and information asymmetry, which deals with the perceptions about the sharing and withholding of information( Rossouw & Marais, 2015). Referring to agency theory, due to perceived differences in the interpretation of goals, risks, and information amongst principles and agents, the principal would not adequately evaluate the agent’s performance (Adams, 1994). It is also that it is perceived that whenever the incentive or opportunity (motivation) arises for the agent to diverge in any of the three factors (goals, risks, information), agency theory predicts that the agent will act and make decisions to maximise its self-interest over that of the principal (Adams, 1994). The agency theory advocates that, because of information asymmetries and self-interest, principals are deficient of reasons to trust their agents and will pursue to resolve these concerns by putting in place mechanisms to bring into line the interests of agents with principals and to reduce the scope for information asymmetries and opportunistic behaviour (Adams, 1994). An agency relationship ascends when one or more principals engage another person as their agent perform the service on behalf of the principal. The performance of these services will result in the delegation of the decision-making authority to the appointed agents ( Rossouw & Marais, 2015). The delegated responsibility by the principal and the resultant division of labour aid to promote an efficient and productive economy. However, the delegation also means that the principal desires to trust an agent to act in the principal’s best interests. So what happens when concerns arise over agents' motives and cause principals to question the trust they place in them? (Adams, 1994). 33 Combined assurance serves a fundamental purpose in promoting confidence and reinforcing trust in financial information (Decaux & Sarens,2015).As depicted in agency theory, the principal-agent relationship is significant in understanding how the combined assurance has developed. Agency theory is a sound economic theory of accountability, which helps explain the combined assurance’s development. However, along with this, it is evident that other stakeholders, such as regulators interested in the audit and agency theory, do not provide a complete or straightforward explanation of their expectations. 2.1. Research problem analysis 2.1.1. Combined Assurance benefits Institutions expand, and business operations evolve and become more multifaceted; the growth leads to the board and ARC requiring more assurance providers’ functions to oversee the achievement of objectives and mitigate risks (Huibers, 2015). However, according to Dmitrenko (2017), institutions have always used different assurance providers to help boards and ARC oversee the effectiveness of risks, control, and governance. The multiple uses of assurance providers’ activities in isolation cause the board and audit committees to suffer from assurance fatigue and assurance gaps that lead to inefficient reporting to governing bodies (Sarens, Decaux, & Lenz, 2012). Adequate implementation of combined assurance eradicates redundant and unnecessary assurance in organisations, provided the board, and its committees appreciate the subject matter. 34 Combined assurance is a process to incorporate and optimise all assurance services and functions so that, “taken as a whole, these should enable an effective control environment. As a result, it enhances the integrity of information used for internal decision-making by management, the governing body, and its committees (Dmitrenko, 2017). According to Forte & Barac (2015), combined assurance in most organisations constitutes financial risks processes and activities, regulators, operational and strategic risks. However, Decaux & Sarens (2015) concluded that organisations are still learning through combined assurance implementation because no organisation seems to have achieved an established combined assurance program. In a similar study, Vera-Muñoz (as cited in Dzomira, 2016) concludes that the influential audit committee and the internal audit must be informed and observant of the financial reporting process whose members should have financial literacy. Internal Audit Function (IAF) is responsible for adding value to the Organisations through providing independent assurance and consulting services on the control environment, risk management and governance by evaluating its adequacy and effectiveness (Dmitrenko, 2017). The maturity of the organisation’s Enterprise Risk Management (ERM) process is the precursor to a combined assurance model (Dmitrenko, 2017). Controls are designed to mitigate risks that might hinder the organisation’s objectives; therefore, combined assurance and risk management are linked (Decaux & Sarens, 2015). According to Decaux &Sarens (2015), risks are everywhere in organisations; therefore, there is a need for a holistic value-add assurance approach to mitigate the risks and foster decision-making. 35 According to Masegare (2018), the benefits of aligning and co-ordinating assurance processes will improve the control environment and support the following organisational objectives: Elimination of assurance fatigue. Resources are not misused on preventable duplication. Assist with prioritising high-risk assurance efforts, promoting an identical view of risks and approaches across the organisation. Reported information to governance committees is more precise and insightful, facilitating better decision-making through assurance activities, generating value add, and relevant data based on collaboration. The use of one language helps to enable value-added deliberations. 2.1.2. Mapping of Assurance Providers The institute’s assurance environment components are identified through three lines of defence (Decaux & Sarens, 2015). The identification should be supported through risk mapping, a mixture of applicable business model matrices, and defined goals and timelines (Decaux & Sarens, 2015). However, Dmitrenko (2017) argues that the organisation should depend on its operations in choosing the appropriate model for the entity. Organisations can use the defence model or assurance model. The defence model is the three lines of defences. The assurance model is implementable by ensuring that assurance providers are part of a single team on the structure. 36 Lines of defence: Management is the first line of defence as the process owners and is responsible and accountable for monitoring and controlling operations. Management is responsible for risk identification and mitigating controls within their operation line (Dmitrenko, 2017). Management ‘s role is to implement remedial actions by implementing prescribed procedures to address control deficiencies daily (Decaux & Sarens, 2015). The second line of defence is dedicated functions designed to support management in its monitoring activities by assisting with developing, facilitating, and reviewing management processes (Dmitrenko, 2017). The second line of defence functions is established to enhance the first line of defence and assure that the first line of defence operates as intended (Decaux & Sarens, 2015). The second line of defence possesses some level of independence since there is a management function that sometimes contributes to the development and implementation of processes (Dmitrenko, 2017). Internal Audit is the third line of defence that provides independence assurance on the first and second defence activities line (Dmitrenko, 2017). Internal audit activity is responsible for providing the Board/ Executive authorities and senior management with a comprehensive independent assurance on the adequacy and effectiveness of governance, risk, and control within the organization (Dmitrenko, 2017). Sometimes the fourth line of defence is used for external assurance providers such as external auditors, regulators, and external bodies (Masegare, 2018). “External auditors, regulators, and other external bodies reside outside the organization’s structure, but they can have an important 37 role in the organization’s overall risk, governance and control structure” (IIA, 2013, page 6). Regulators set requirements anticipated to reinforce the control environment in an organization and, on other occurrences, perform an independent function to review compliance of first, second, or third line of defence concerning the set requirements. According to the Institute of Internal Auditor (2013), “external auditors, regulators, and other groups outside the organization can be considered as additional lines of defence, assuring the organization’s shareholders, including the governing body and senior management’(IIA, 2013, page 6). The public sector three lines of defence identified by AGSA (2017) include senior management, HOD, and MEC as the first line of defence. Internal Audit, Audit Committee and Monitoring & Coordination departments as the second line of defence. Lastly, SCOPA and Portfolio Committee as the third line of defence. AGSA (2017) argues that MECs monitor and provide oversight tasks in their portfolios and therefore play a direct role at departments and have particular oversight responsibilities towards their departments in terms of the PFMA. PT play a coordinating and monitoring role at the provincial level as mandated in section 18 of the PFMA and forms part of the overall assurance providers. 38 Figure 2: Assurance provided by key role players Source: General report on the national and provincial audit outcomes of 2016-17 (AGSA, 2017,p.144) 2.1.3. Combined Assurance Forum Combined Assurance Forum execute and “embed the combined assurance framework principles as approved by the Audit Committee" (Masegare, 2018, page 139). The Combined Assurance Forum's main objective is to facilitate the implementation of the Board / Accounting Authority desired level of assurance prerequisite in each space (Decaux & Sarens, 2015). Furthermore, quarterly evaluate proper execution of the planned assurance activities and "ensure coordination, reporting and communication to stakeholders; Lastly, develop a common view of the risk themes" and conduct awareness of the expected Board desired level of assurance (Masegare, 2018, page 139). 39 2.1.4. Challenges associated with the implementation of Combined Assurance The root cause for the delay in implementing the combined assurance might be a lack of buy-in from governance structures and management. Other times, lack of commitment by all assurance providers. Assurance providers’ competitions and conflict. Lack of required skill to develop and implement the model lacks collaborations (Decaux & Sarens, 2015). Not evaluating the combined assurance model continually, identify an area of improvement and process to execute the improvement. (Huibers, 2015). Assurance providers do not utilise common focus to understand their organisations and fail to develop an integrated assurance model (NT, 2013). Organisational structure and culture not supporting integrated reporting and integrated thinking (IV, 2016). “Assurance providers working in silos, duplicate functions and issue multiple reports to both the Departments and Public Entities” (Huibers, 2015, page 1). Assurance providers use different methodologies, Lack or inactive combined assurance forums, Lack of software solution, and a burdensome manual process to organise assurance activities (Lindeque, 2014). 40 2.1.5. Manage Assurance Providers Conflict of Interest According to Masegare (2018), independence and objectivity are susceptible within the assurance providers’ profession, resulting in assurance providers unwilling to share information or depend on each other’s work to protect quality requirements set by their professional bodies. Therefore, possibilities of conflicts of interest should be managed in order to remain significant and achieving quality requirements as assurance providers; the following measurements in Table 1 should be observed: Table 1: Combined Assurance assurers’ criteria Source: Masegare (2018, page. 139) 41 2.1.6. Combined assurance awareness and buy-in According to Decaux & Sarens (2015), the first imperative component is that combined assurance is a comprehensive concept that requires tone at the top and organisational culture to be implementable. Therefore, buy-in and support of top management are vital as executives will commit resources to the initiative. Combined assurance is efficient when steered from the highest level of authority within an organisation. The second imperative component in setting the groundwork for execution is enlightening stakeholders and creating mindfulness of combined assurance. A well-defined model and mutual understanding will drive the success of the model execution. The third vital component is to elect a Combined assurance champion to coordination the combined assurance process. A lack of a dedicated champion causes Thirty-four per cent of combined assurance implementation failure in organisations to coordinate assurance activities. CAE/IAF could effectively fulfil this role because IAF is the only independent assurance provider responsible for the overall assurance of governance, risk, and controls. 42 Figure 3: Governance model (2019) Source: Combined assurance (including governance) (PWC,2019,p8) 2.1.7. Integrated reporting Integrated reporting required various assurance practitioners skills and expertise, a broad understanding of value creation transversely, and appreciation of integrated thinking (Simnett, Zhou, & Hoang, 2016). The assurance providers function is responsible for assuring the Board of directors of the reliability, accuracy and completeness of reporting depending on the area of speciality (Maroun & Prinsloo, 2020). The IR Framework (Reporting, 2013, p. 10) identifies "internal control and reporting systems, stakeholder management and internal audit and other independent assurance services as mechanisms to enhance the reliability of an integrated report". According to Adams (2015, p. 2), proper implementation of the integrated reporting requires “new accounting and management processes”. Implementing integrated reporting depends on the change in management's thinking pattern and the organisation at large to integrated thinking (Adams,2015). 43 2.1.8. Organisational Structure 2.1.8.1. Provincial Treasuries providing adequate assurance PFMA no 29 of 1999 instructs every provincial treasury to be headed by MEC. PFMA further outline the functions and powers of the Provincial Treasury (PT) as follows: Preparations of the provincial administration budget; exercise control over the implementation of the provincial budget, promotion and enforcement of transparency in the spending of budget, revenue collection, assets management in departments and public entities, ensuring that fiscal policies do not materially and unreasonably prejudice national economic policies and monitoring of the implementation of national and provincial norms and standards (Rambiyana, 2016). PT have the constitutional mandate through PFMA No. 1 of 1999 as amended to support both the Departments and Public Entities governance, risk, and controls. As a result, multiple assurances providers’ units support and monitor provincial departments and public entities’ governance, risk and control processes and structures. Masegare (2018) argues that government entities' difficulty to achieve clean audit results from the boards and ARC's inability to manage risks effectively and efficiently; a combined assurance model could assist in this regard. According to AGSA (2017), Gauteng, Northern Cape, and Western Cape PTs consistently provided adequate assurance over the past four years. Where else, all other treasuries provided some assurance to provincial departments and public entities. AGSA (2019) National and Provincial Audit Outcomes reported that Gauteng and Western Cape have the highest numbers of clean audits and good financial health, with Northern Cape achieving average rate. 44 PT transversal assurance providers during the financial year contribute to the credibility of financial, performance information and compliance with legislation by monitoring the implementation of internal controls (AGSA, 2017). HODs and MECs use the annual report to report on an organisation's spending and performance against predetermined financial year targets (AGSA, 2017). SCOPA and PC depend on the assurance providers to ensure that the annual report's information is creditable (AGSA, 2017). 2.1.8.2. Limpopo Provincial Treasury structure review Limpopo Provincial Treasury (LPT) has multiple assurances providers’ classified as Branches, Chief Directorates and Directorates responsible for monitoring and evaluating Limpopo provincial departments and public entities’ governance, risk, and control processes. Assurance providers are composed of the following four branches: Sustainable Resources Management (SRM); Assets, Liabilities and Supply Chain Management (AL&SCM); Financial Governance & Systems (FGS) and Shared Internal Audit Services (SIAS). All four branches have sections and sub-sections that report independently to eleven LPDs and five PEs from other sections and sub-sections. 45 LTP assurance providers primarily issue reports to PE and LPD’s CFOs and ARC through DDGs for respective branches in the department. In PEs, not all reports serve at ARC and the Board; the following reports are discussed at PE audit committees SCM, Risk management, and GMC compliance reports. Treasury official represented at the ARC and Board only present Governance Monitoring & Compliance (GMC) compliance report. LPT assurance providers advise and support LPDs and PEs by evaluating Auditor General Action plan reports. LPT analyses root causes, strengthen controls, and monitors AG action plan implementation. LPT have fourteen transversal forums from different transversal units to monitor and support departments and PEs. LPT uses institutional arrangements to manage LPTs activities efficiently and effectively through the various governance structures to fulfil the department’s mandates, vision and strategic objectives. The institutional arrangements are monitored and evaluated quarterly, with various Chairpersons reporting to the EXCOM to ensure that the intended outcomes of these structures are realized. Most of the forum’s reports to respective DDG’s, the Provincial technical committee on finance (PTCF) and LPT HOD. Most of the assurance providers in LPT evaluate Auditor General action plan reports and findings to advice and support department and public entities in root cause identification, strengthening controls and monitoring implementation of AG action plan within their area of speciality; however, the results of the evaluation are reported by each unit without integrating the report which sometimes leads to contradicting advice or analysis given by LPT different units. The following units’ analysis auditor general reports GMC PFMA, GMC Public entities, SCM, Financial reporting, financial training, Assets Management, Banking, Revenue and Budget. 46 47 Figure 4: Limpopo Provincial Treasury Transversal Organisation structure (student’s own,2020) 48 Table 2: LPT Transversal forums Transversal Forums Frequency of meetings per annum (quarterly, monthly etc) Office expected to be part of the meetings Role of the committee Forum reporting line Provincial technical committee on finance (PTCF) 2 meetings per quarter CFO -To ensure that all new initiatives around good financial management of the province’s finances are communicated and discussed technically before being presented to the Heads of --Departments (HOD) Forum. -To share best practice on good financial management in the province -To ensure that the PFMA, MFMA and their regulations are being implemented as required. The Committee will report to HOD’s Forum via HOD LPT with recommendations for consideration for approval by the HOD’s Forum. A report will also be presented at EXCOM. PFMA Coordinators Forum quarterly (4 times per annum) CFO -Standardization and improvement of internal control and compliance practices -Knowledge and information sharing on best practices on internal control and compliance -Coordination and monitoring of internal control and compliance activities. The Committee will report to DDG: FG with recommendations for consideration for approval by the PTCF. The Forum is accountable to the Head of Department of Provincial Treasury. 49 Infrastructure Technical Management Committee Monthly (12 times per annum) Infrastructure -Monitoring and evaluation of the effectiveness of IDMS-related and consolidated reporting to the Infrastructure Cluster. The Committee will report to PTCF via Chief Director: Infrastructure with recommendations for consideration for approval by the PTCF. A report will also be presented at the Executive Management Meeting. Financial Accounting and Reporting Forum Quarterly (4 times per annum) CFO -To ensure effective implementation of accounting and reporting principles, and compliance with prescripts on financial accounting and reporting requirements. The forum will submit a report to the PTCF quarterly through the Chairperson. The Forum is accountable to the Head of Department of Provincial Treasury. Provincial Financial Training Forum Quarterly (4 times per annum) CFO -To discuss and address training issues/challenges relating to transversal systems and financial management. -To promote uniformity in training procedures and processes within Departments and Public Entities. The forum will submit a report to the PTCF quarterly. The Forum is accountable to the Head of Department of Provincial Treasury. PERSAL Forum Quarterly (4 times per annum) Human Resource -Standardisation in the utilisation of transversal financial systems. -Sharing of information and best practices from National System Forum. -Identify and find solutions to common systems related challenges. -A central forum where external stakeholders can present and clarify systems related issues (National Treasury, SARS, Provincial Banker, Auditor-General, etc.), -Achieve common understanding to new initiatives related to systems enhancements. The forums will report to Provincial Accountant General through CD: Financial Systems with recommendations for consideration for approval by the PTCF. The Forum is accountable to the Head of Department of Provincial Treasury 50 LOGIS Forum Bi- monthly (6 times per annum) CFO - Standardization in the utilization of transversal financial systems. -Sharing of information and best practices from National System Forum. -Identify and find solutions to common systems related challenges. -A central forum where external stakeholders can present and clarify systems related issues (National Treasury, SARS, Provincial Banker, Auditor-General, etc., -Achieve common understanding to new initiatives related to systems enhancements The forums will report to Provincial Accountant General through CD: Financial Systems with recommendations for consideration for approval by the PTCF. The Forum is accountable to the Head of Department of Provincial Treasury BAS Forum Bi- monthly (6 times per annum) CFO - Standardization in the utilization of transversal financial systems. -Sharing of information and best practices from National System Forum. -Identify and find solutions to common systems related challenges. -A central forum where external stakeholders can present and clarify systems related issues (National Treasury, SARS, Provincial Banker, Auditor-General, etc., The forums will report to Provincial Accountant General through CD: Financial Systems with recommendations for consideration for approval by the PTCF. The Forum is accountable to the Head of Department of Provincial Treasury. Provincial Risk Management Forum Quarterly (4 times per annum) CFO -Standardization and improvement of risk management practices -Knowledge and information sharing on best practices on risk management -Coordination and monitoring of risk management -The Committee will report to DDG: FG with recommendations for consideration for approval by the PTCF. The Forum is accountable to the Head of Department of Provincial Treasury. -The Forum shall report on a quarterly basis to the Audit Committee (based in the LPT) and to the National Treasury on its activities. -The Heads of Departments, the Audit Committee 51 and the National Treasury shall provide the Forum with feedback on its effectiveness on an annual basis. Provincial Revenue Management, Budget, and Expenditure Forum Quarterly (4 times per annum) CFO -Identify risk areas in budget, expenditure, and revenue collection, and ensure departments institute corrective measures. -Facilitate and co-ordinate sound financial management information systems in departments and take steps to ensure that departments play an active role in development of such system The Forum reports to the PTCF Cash Management Forum Quarterly (4 times per annum) CFO -Forecasting cash requirements of the departments over long, medium, and short-term. -Analysis and interpretation of the provincial cash flows vs Actual Expenditure. -Monitoring compliance with financial prescripts. -Sharing/benchmarking best practices to enhance provincial cash management. -Resolving/recommending solutions for technical banking challenges. Reporting to the PTCF Provincial Supply Chain Management Forum Quarterly (4 times per annum) CFO -To capacitate SCM officials within the province -Sharing best practices and generating a pool of knowledge on SCM issues for the province. -Ability for Treasury to develop realistic and user-friendly policies which are best understood and easy to implement while addressing relevant issues and concerns. -Effective implementation of Supply Chain Management in all the Departments and Public Entities. The Forum reports to the PTCF on all SCM related matters 52 Inventory Management Forum Quarterly (4 times per annum) CFO Monitor’s performance of asset management units in the departments and public entities The Committee will submit report to the PTCF monthly. Asset Management Forum Monthly from April to November (8 times per annum) CFO Monitor’s performance of asset management units in the departments and public entities The Committee will submit report to the PTCF monthly. 53 2.1.8.3. LPT assurance providers’ structures in comparison with best performing Treasuries. a. Comparison of Western Cape (WCPT), Gauteng, Northern Cape, and Limpopo provincial treasuries WCPT structure is more of a liner structure, especially at the Senior Management Services level (SMS) with only two transversal branches the Office of the Premier. NCPT and GPPT organisational structures are like LPT structure; the difference is that the NCPT structure shared audit committee falls under shared internal audit, and on GPPT, municipal financial governance is a branch on its own. Just like LPT Departments and Public Entities are monitored and supported by four transversal branches. Figure 5: Western Cape Treasury Transversal Organisation structure (student’s own,2020) 54 Northern Cape Cape Treasury Transversal Organisation structure Figure 6: Northern Cape Treasury Transversal Organisation structure (student’s own,2020) 55 2.2. Research knowledge gap analysis Dzomira (2016) has discussed combined assurance in the public sector, specifically focusing on scrutinising the combined assurance model's support in South Africa's public sector. The study beach on the stewardship theory developed by Donaldson and Davis (as cited in Dzomira, 2016). The research study followed a qualitative research approach in analysing qualitatively based data (Maree, 2013) from Auditor general provincial audit outcomes for 2014-2015. Decaux & Sarens (as cited in Dzomira, 2016) concluded that organisations are still learning through combined assurance implementation because no organisation seems to have achieved an established combined assurance program. In a similar study, Vera-Muñoz (as cited in Dzomira, 2016) concludes that the influential ARC and the internal audit must be informed and observant of the financial reporting process whose members should have financial literacy. However, the study limits the ARC's role and IAF's role to financial skills, where else King IV (2016) specify that the audit committee is responsible for overseeing the effective achievement of the internal control environment, supporting the integrity of information used for internal decision-making by management, the governing body, and its committees. According to IIA standards, an internal audit is responsible for evaluating the adequacy and effectiveness of governance, risk management and controls in general, not only financial controls. Furthermore, Company regulations Chapter 3, in line with companies act 94 (5), stipulates that at least one–third of the members of a company's audit committee at any time must have academic qualifications, or experience, in economics, law, corporate governance, finance, accounting, commerce, industry, public affairs or human resource management. 56 According to Dzomira (2016), the first level of defence assurance providers consists of senior management, accounting officers and MECs of the Departments. Second-level assurance consists of IAF, ARC and monitoring and coordinating departments. The third-level assurance providers are public accounts committees, portfolio committees and Auditor General, providing combined assurance in most public sector institutions in South Africa. As a result, the model is not implementable as it is too high level and omit functions designed to support management in its monitoring activities by assisting with developing, facilitating, and reviewing management processes. The study analyses AG reports and governance structures not necessarily how the different governance structures' assurance processes integrate and align so that senior management, ARC, and supervisory committees obtain a comprehensive, holistic view of the effectiveness of their organization's governance, risks, and controls to enable them to set priorities and take any necessary actions (Huibers, 2015). King III introduced the combined assurance model, and King IV illustrated that the model incorporates all assurance services and functions to enable an effective control environment and support the integrity of information used for decision making; however, King IV only recommend the model but do not prescribe the design of the model. Exceptional guidance on how best to implement combined assurance is still limited. Although there is no specific standard in the IPPF on how combined assurance should be provided, IIA standard 2050 by Internal Audit enact CAEs to coordinate and facilitate the work of other internal and external assurance providers Huibers (, 2015). Huibers (2015) further outlined that awareness and implementation of combined assurance seem low according to the survey results. There is no internationally adopted definition and guidance 57 regarding combined assurance and how to implement it, including the different ways of combining assurance and different types of coordination that are possible (Huibers, 2015). Decaux & Sarens (2015) concluded that organizations are still learning through combined assurance implementation because no organization seems to have achieved an established combined assurance program. According to the global internal audit common body of knowledge (CBOK) 2015 survey, there is only 59% of reflected awareness of the combined assurance model (Huibers, 2015). 2.3. Framework(s) for interpreting research findings A framework is a set of wide conceptions that guide the study (Anfara Jr & Mertz, 2014). Qualitative research commences with research questions, the main purpose of research questions is to learn about the subject matter and discover new ideas and perception or produce fresh theories. The researcher informs questions by collecting relevant data. ,When arranged and analysed, data becomes information, which, when applied, turns out to be knowledge (Rossman & Rallis, 2003). Qualitative research is generally based on interpretative, biased, and contextual data. In interpretation and analysis, the researcher brings intellectual philosophies and experiences, consequently, the researcher should retain the set of scales between order and intuition (Rossman & Rallis, 2003). The researcher should make certain that the study's outcomes are reliable and valid to achieve the study and answer questions accompanying research findings. The relationship between the researcher’s perspective and multiple other contexts is imperative (Croker, 2009). As a result, the researcher will triangulate the results of the research findings with other reliable sources of information such as the National Treasury, 58 Institute of Internal Auditors, and IOD, AGSA audit reports and the available academic articles and journals. Furthermore, triangulation will be done by obtaining data from both the AGSA, Audit Committee Chairperson, Provincial Internal Audit, and other Assurance Providers within Limpopo Province. 2.4. Summary and conclusion Huibers (2015) argues that the efficiency level of the governance structure of the organisations will determine the complexity of the design of the combined assurance model. Therefore, the governance structure needs to support the alignment of different assurance providers’ activities, classifications, and rating systems. IIA Implementation guide 2050 guides Internal Audit to coordinates assurance efforts with the second line of defence functions by synchronizing the nature, scope, and scheduling of work, and ensure a shared appreciation of assurance systems, methods, and terminology and relying on one another’s work to minimize duplication of effort. Most assurance providers in LPT evaluate Auditor General action plan reports and findings to advice and support department and public entities in root cause identification, strengthening controls and monitoring implementation of AG action plan within their area of speciality however the results of the evaluation are reported by each unit without integrating the report which sometimes leads to contradicting advice or analysis given by LPT different units. For example, the following units’ analysis auditor general reports GMC PFMA, GMC Public entities, SCM, Financial reporting, financial training, Assets Management. 59 Western Cape reporting line seems to be straightforward with fewer reporting lines; it might be easier for the department to issue an integrated report to the client department and public entities (Annual Performance Plan, 2020) with a linear structure. 60 3. RESEARCH STRATEGY, DESIGN, PROCEDURE AND METHODS Introduction The qualitative research method was followed to achieve the research objectives. This study used unstructured and semi-structured individual interviews to collect primary data. Academic articles and journals, government literature, books, and LPT transversal organisational structure and Departmental annual reports were regarded as secondary data used for literature review. The University Library and google scholar have been used to access secondary data such as academic journals and articles. Interview questions were developed for use during the primary data collection to interview individual participants. Permission was granted from the HOD of LPT to interview the research participants. According to Leedy and Ormrod (2001, p. 14), research methodology is the step-by-step plan of action the researcher takes in carrying out the research project". A research methodology is fundamental in guiding the researcher to achieve the research's desired objectives by systematically conducting research and producing quality and detailed reports. The purpose of this study was to explore and determine the challenges associated with the implementation of the combined assurance model by LPT and develop possible solutions in the form of recommendations for LPT to improve implementation of combined assurance by using Limpopo Province as a case study. The research aims to establish whether assurance providers are working correctly as per the requirements of the PFMA to support both the Departments and Public Entities. Most assurance providers work in silos, same functions, and issue multiple reports to both the Departments and Public Entities. As a result, this study's research methodology enables 61 the researcher to accomplish the research objectives. Moreover, this chapter will further clarify different methods applied to certify the validity and reliability of the research findings (Neuman, 2006). 3.1. Research strategy The qualitative research method was followed to achieve the research objectives. Bryman (2012, p. 37) defines qualitative research as a "research strategy that usually emphasises words rather than quantification in the collection and analysis of data". Qualitative research focuses on engendering new theory than testing the existing theory. As a result, the aims of the qualitative research are aligned to this study as it seeks to investigate challenges associated with the implementation of combined assurance model in Limpopo Provincial Treasury' and develop possible solutions in the form of recommendations for LPT to improve implementation of combined assurance by using Limpopo Province as a case study. Neuman (2006, p. 151), argues, "qualitative researchers depend primarily on interpretative or critical social science wherein they apply logic in practice and follow a nonlinear research path". This explains why researchers using the qualitative approach frequently adopt case studies in their research to thoroughly evaluate and explore the cases to produce a new theory. This study mainly generate data to investigate challenges associated with implementing the combined assurance model in the Limpopo Provincial Treasury. Williams (2007, p. 67) argues that "qualitative research is conducted within a poststructuralist paradigm with five areas underpinning this approach namely: case study, ethnography study, phenomenological study, grounded theory study, and content analysis". The qualitative research approach aims to decisively define, clarify, and interpret the collected data from the above. As a result, qualitative research is less structured as it formulates and builds on new theories. In qualitative, the 62 researcher naturally interacts with the respondents, which is why the researcher interacted with LPT Assurance providers, Audit committee chairperson, AG and Provincial departments, and Public Entities CFOs (Williams, 2007). The researcher collected the data for this study using a qualitative approach that adopted a case study and a nonlinear path. Due to this study's nature, nonlinear is more appropriate as it enables the researcher to move in numerous directions, sideways and backward, which is more appropriate to achieve the objective of this study (Neuman, 2006). 3.2. Research design Bryman (2012, p. 66) argued, "the basic case study involves comprehensiveness and thorough examination of a single case". A case study best achieves this research design, with Limpopo Provincial Treasury (LPT) being a case in subject for the study. Williams (2007, p. 68) defines a case study as a process whereby the "researcher explores in depth a program, an event, an activity, a process, or one or more individuals". Hence, a case study can take a solo event or a case restricted to a period and a specific place. A case study permits a wide range of data collection from diverse sources, including interviews, corporal articles, records, observations, and audio-visual resources. As a result, the researcher invested more time directly interacting with individuals being studied to allow the research report to integrate lessons learned and patterns exposed that connects with the theories. Briefly, the above argument aligns with this study's objectives in that direct interaction through an interview with the assurance providers is critical for this study (Bryman 2012). There are different types of cases, but this study representative or typical case will be adopted as the most appropriate for this study for conciseness. 63 Representative or typical cases encompass a demonstrative role in a specified broader classification where its membership originates. This study's results may not be generalised to other cases, but this will lay a foundation for scholars, policymakers, and potential researchers to learn or improve. LPT was selected as a case study out of concern of the department struggling with developing and implementing a combined assurance model. Since LPT have the constitutional mandate through the Public Finance Management Act (PFMA), No. 1 of 1999 as amended to support both the Departments and Public Entities governance, risk, and controls. The case study helped the researcher directly interact with the research participants and collect the required data. 3.3. Research procedure and methods This section documents the actual procedure and the methods employed in this research to collect, collate, process, and analyse empirical evidence. 3.3.1. Research data and information collection instrument(s) According to Bryman (2012), data collection is the most crucial research process stage. Bryman (2012) further indicated that the most extensively used data collection methods are interviews and questionnaires. As a result, this study used unstructured and semi-structured focus groups and individual interviews to collect primary data. Academic articles and journals, books, AGSA audit reports, LPT transversal organisational structure, and Departmental annual reports have been regarded as secondary data used for literature review. The University Library and google scholar were used to access secondary data such as academic journals and articles. Interview questions have been developed for use during the primary data collection to interview individual participants. Permission have been requested from 64 the HOD of LPT to interview the research participants. Moreover, research participants were not pressured to participate after obtaining approval to interview them; each respondent was approached individually to request their consent to participate in the research process. Purposive and haphazard sampling was used to identify interviewees (Bryman, 2012). 3.3.2. Research target population and selection of respondents 3.3.2.1. Research target population LPT is a case study for this research from the foundation for the population in this study. The population represents all the individuals in transversal branches as the complete division of interest for the study. LPT has the constitutional mandate through the Public Finance Management Act (PFMA) No. 1 of 1999 as amended to support both the Departments and Public Entities governance, risk and controls and the custodian of the shared provincial internal audit service and shared audit committee. (Hanlon & Larget, 2011). 3.3.2.2. Sampling or selecting respondents from the target population Hanlon and Larget (2011, p. 7) define a sample as a "subset of the individuals in a population". A sample should be selected carefully for the study to ensure that the sample represents the overall population of the data collected to accomplish the study's objectives. Sampling aims to collect precise actions and cases, which expand understanding of the collective life. According to Neuman (2006, p. 61), "qualitative researchers focus less on a sample's representativeness than on how the sample or small collection of cases, units, or activities illuminates social life". This study used non- 65 probability sampling wherein representativeness is unnecessary but focuses mainly on the sample that is much relevant for this research. The quantitative researcher's approach does not always examine the population; instead, uses non-random samples that do not focus on the research population. As a result, purposive sampling was used for this study, which is found to be more relevant for case studies. According to Bryman (2012, p. 94), purposive sampling can be defined as a "non- probability sampling". Purposive sampling enables a researcher to sample participants appropriate to the research question and is mainly suitable for the research participants who are knowledgeable about the research area Neuman (, 2006). 3.3.3. Ethical considerations when collecting research data The data collection procedure includes an audiotape recorder for the respondents that have concurred with its usage to collect adequate data. Respondents have been afforded a chance to consent for the use of an audiotape recorder. In circumstances where the respondents do not consent to using an audio tape recorder. Permission have been requested from the HOD of LPT to interview the research participants. Moreover, research participants were not pressured to participate after obtaining approval to interview them; each respondent was approached individually to request their consent to participate in the research process. The researcher has not interfered with the respondents' views and permit a sensible extent of independence to the respondents to express their views on the subject matter. 66 3.3.4. Research data and information collection process Individual interviews have been conducted to collect the required data in addressing the two main objectives of this study. The first research objectives seek to determine challenges associated with implementing the combined assurance model by LPT within the Departments and Public Entities. Lastly, this study aims to establish if the LPT transversal structure is appropriate to enable all the assurance providers to carry out their combined assurance mandate smoothly and adequately within the Departments and Public Entities. The two research objectives will be accomplished using unstructured interviews to collect the req