Combined assurance

The objectives of assurance are to assess whether the internal control environment is effective, to assess whether there is sufficient integrity in the information used for internal decision-making and to support the integrity of external reports. The ARCC of Blue Label is responsible for overseeing the effectiveness of combined assurance arrangements within the organisation, which is documented within the Blue Label Integrated Risk Assurance Policy and Framework. The IRCC is responsible for directing and assisting in the co-ordination of the combined assurance arrangements within Blue Label as well as to ensure that a robust integrated risk assurance plan is compiled and executed by the various assurance providers on an annual basis.

Blue Label has adopted a combined assurance model, in line with corporate governance objectives, to optimise assurance obtained from management, corporate functions, and internal and external assurance providers on the risks affecting the business. The combined assurance model is integrated within the risk management process, including reporting to and oversight from the IRCC and ARCC, from which the annual integrated assurance plan is developed in respect of the priority risks for the Group across the four lines of defence (Management, Corporate Functions, Independent Assurance and Oversight Committees) through defined assurance activities. The assurance plan is a key tool to support the ARCC and the Board in making its endorsement on the effectiveness of internal controls in the integrated report and to support the integrity of information that underpins internal decision-making within Blue Label and reporting to its stakeholders.

Effort surrounding the first and second and line of defence included robust subsidiary and Group level finance reviews on a monthly basis as part of oversight and strengthening the overall compliance function.

In conclusion, risk audits are assigned to appropriate assurance providers, who monitor the effectiveness of the action plans and processes developed and implemented by management to mitigate the risks. This model gives the Board the assurance, through the Audit and Risk Committee, that all significant risks and associated opportunities are adequately managed.