Espousal of combined assurance model in South Africa ’ s public sector

The study seeks to examine the espousal of the combined assurance model in South Africa’s public sector, since there is not solitary autonomous unit that offers assurance in seclusion but various units add to the assurance progression. The study is grounded on stewardship theory in which various concepts of stewardship imply it to be a function of governments’ accountability for the wellbeing of citizens. This research study followed a qualitative research approach in which data were analyzed qualitatively based on an interpretative philosophy which examined meaningful and symbolic content of qualitative data from general reports on the provincial audit outcomes for the period (2014-2015). It was concluded that the level of appreciation of the combined assurance model and assurance provision in South African public sector is commendable, although there is still a need to improve and fully implement the model so as to attain good governance through stewardship advance. To that end, the governing body in South Africa’s public sector needs to augment its monitoring of harmonized and all inclusive approach in internal control systems, risk management and compliance issues. This serves in the best legitimate interests and expectations of the “inclusive stakeholders” via embracing of stewardship approach.


Introduction
Good corporate governance principles have been recently advocated for in the public sector and the key role players have been given the major challenge to uphold and steer its passable espousal.These chief role players in the public sector are expected to give total assurance on the addressing of significant risk matters.George (2005) highlighted that governance in the public sector deserves the same consideration as governance in the corporate sector, since unethical behavior in the corporate sector impacts the shareholders of a company, unethical behavior in the public sector adversely affects citizens.
According to the King Report (2009), combined assurance model aspires to optimize the assurance exposure obtained from management, internal assurance providers and external assurance providers on the risk areas affecting an institution.The report recommends that audit committee should be responsible for monitoring the aptness of an organization's combined assurance model and ensuring that significant risks facing the company are adequately addressed.The King Report (2009) further recommended that internal and external assurance providers and management should be sufficient to convince the audit committee that noteworthy risk areas within an organization have been sufficiently addressed and fitting controls subsist to allay and reduce these risks.The external assurance providers may well consist of the external auditor, regulators (inspectorate) or any other external assurance providers such as sustainability assurance providers.Basically, combined assurance means that there is not solitary autonomous party that offers assurance in seclusion, but various parties add to the assurance process (Dobie & Plant, 2014).In relation to assurance services connected to ethics management, a combined assurance tactic is encouraged to certify correct coverage against principal ethics risks.Management, internal assurance providers (such as internal audit) and external assurance providers (such as the Auditor General) are chief role-players in providing assurance to the councils over risks in public sector entities.According to PWC (2009) a combined assurance model, in point of fact, coordinates the efforts of management, internal and external assurance providers, augments their alliance and develops a collective and more holistic scrutiny of the organization's risk profile.
In corporate governance, an independent audit committee satisfies a crucial responsibility, as it ensures the integrity of integrated reporting and internal financial controls, and classification and management of financial risks.It is, therefore, highly necessary for the audit committee to be aptly skilled and qualified in dealing with oversight responsibilities of the various assurance providers to the utmost extent.The audit committees in South Africa's public sector have their mandate through the Public Finance Management Act (PFMA) since 1999, the Municipal Finance Management Act (MFMA) since 2003 and also the Treasury regulations issued in terms of the PFMA give effect to provisions of the Act dealing with audit committees (PWC, 2010).Van der Nest (2008) noted that audit committees can get better their effectiveness in their performance of certain key functions in the areas of oversight over risk management, governance, financial reporting, internal control and support for the external audit function.The audit committee is a legislated responsibility instrument in the public sector and it is argued that if this committee performs effectively, it will add to enhanced corporate governance (Van der Nest, Thornhill & de Jager, 2008).
It is a fundamental issue for the state agencies audit committees' competence to rate their game and meet the wide range of challenges posed by the current environment, since it is a central part of an organization's public accountability and governance (O/Higgins, & Carver, 2010).Audit committees have a task to weigh up the performance of the internal audit function, appoint heads of internal audit, support and promote the audit function within the organization (Davies, 2009).Internal audit function has always been acknowledged as one element of good corporate governance, being a fundamental part of the control mechanism in both public and private organizations (Arif, Zainal, Othman, Aris & Embi, 2013).
In the public sector, management is increasingly required to warrant application of an effective system of internal control and sound governance in their responsibility areas (Van Der Nest, Thornhill & de Jager, 2008).The PFMA tries to generate a culture of performance by having managers manage, but concurrently holding them liable for their deployment of resources in service delivery (Erasmus, 2008).Erasmus (2008) further noted that within this endeavor to get better performance, there are still many instances of poor financial management causally associated to poor service delivery.
Against this background, the study seeks to scrutinize the championship of the combined assurance model in South Africa's public sector.The rest of the paper covers the contribution of the study, theoretical framework, literature review, methodology, findings and discussion, conclusion, and implications of the study.

Contribution of the study
The study contributes to the body of knowledge in that it is directed in the South African context concerning part of governance issues in the public sector on the espousal of the combined assurance model using content analysis.Although studies using data across different countries may provide more leading insights, a study in the environment of one nation is of the fundamental nature, since one specific nation has its exceptional national physiognomies which allow adoption of the implications.Consequently, probing studies on combined assurance model in the public sector of South Africa, focused on information provided by Auditor General on provincial audit outcomes are comparatively rare in the literature.

Theoretical framework
This study is grounded on stewardship theory, as developed by Donaldson and Davis (1991Davis ( , 1993)).According to Cribb (2006), the origin of the notion of stewardship is biblical mentioned both in Old and New Testaments, and the stewards are valued employees who are entrusted with running households.Stewards were viewed as servants of someone or something greater than themselves, committed to their work, and had the prudence to take risks on behalf of their masters (Cribb, 2006).The Western concept of stewardship has religious pedigree, since, in Genesis, God appoints humanity as the steward of creation (Saltman & Ferroussier- Davis, 2000).Nevertheless, from the public administration viewpoint, stewards are public servants serving the desires of citizens in the most economic, efficient and effective manner (Jordaan & Fourie, 2013).Stewards recognize that there is a trade-off between personal and organizational needs, and prefer to work for organizational needs (Cribb, 2006;Davis, Schoorman & Donaldson, 1997) and seek to attain organization's objectives.This behavior, in turn, will benefit principals such as citizens (through good service delivery), because their objectives are advanced by the steward (Davis, Schoorman & Donaldson, 1997).
Stewardship theory realizes the significance of structures that empower the steward and offers maximum independence built on trust (Jordaan & Fourie, 2013).Stewardship theory examines relationships and behaviors often discounted in organizational economic theories, emphasizing collective, pro-organizational, contractual behavior in which an upper value is positioned on goal union than on agent self-interest (Slyke, 2006).According to Jordaan & Fourie (2013), the surfacing of a novel thinking about public administration and the idea of stewardship underline the call for a shift from longestablished and inflexible public administration practices and procedures to alliance with possible best practices in the business environment.The various concepts of stewardship imply it to be a function of governments accountable for the wellbeing of citizens and concerned about the trust and legitimacy with which its activities are viewed by the general public (Saltman & Ferroussier- Davis, 2000).
Government need to make public agencies accountable for taxpayers' money.The mechanisms of external control, such as monitoring and reporting, can be seen to provide the needed assurance to all involved stakeholders and the public that taxpayers' money is being used effectively (Davis et al., 1997).Thus, stewardship theory holds that performance variations arise from whether the structural situation, in which the executive is located, facilitates effective action by the executive (Donaldson & Da-vis, 1991).A steward who fruitfully improves the performance of the organization usually satisfies most groups, since most stakeholder groups have interests that are well served by increasing organizational wealth (Davis, Schoorman & Donaldson, 1997).Stewardship theory assumes that managers want to do a good job and will act as valuable stewards of an organization's resources and, as a result, senior management, internal audit and audit committee units, external assurers and citizens are better seen as partners (Cornforth, 2003).Consequently, the main role of the members of executive council is not to ensure managerial compliance or conformance, but to perk up organizational performance.The function of the members of the executive council is principally strategic, to work with management, internal and external assurance providers to improve strategy and add value to top decisions and, ultimately, applying combined ideas to governance.

Empirical literature review
The PFMA Section 38 outlines the general responsibilities of accounting officers for a department, trading entity or constitutional institution.The accounting officers "must ensure that that department, trading entity or constitutional institution has and maintains effective, efficient and transparent systems of financial and risk management and internal control; a system of internal audit under the control and direction of an audit committee complying with and operating in accordance with regulations and instructions prescribed".Similarly, MFMA, Section 62 outlines the responsibilities of an accounting officer of a municipality.The accounting officer of a municipality "is responsible for managing the financial administration of the municipality, and must for this purpose take all reasonable steps to ensure that the resources of the municipality are used effectively, efficiently and economically; that full and proper records of the financial affairs of the municipality are kept in accordance with any prescribed norms and standards; that the municipality has and maintains effective, efficient and transparent systems of financial and risk management and internal control; and of internal audit operating in accordance with any prescribed norms and standards; that unauthorised, irregular or fruitless and wasteful expenditure and other losses are prevented".These are part of the key role players in the public sector who should assist in the provision of the first level assurance.
Effective audit committees afford copious public benefits including better financial reporting and abridged corporate fraud (Rupley, Almer & Philbrick, 2011).In a study by Ghafran & O'Sullivan (2013), they found that internal auditors view certain audit committee characteristics, specifically independence, expertise and frequency of meetings, as leading to more effective audit committee performance and this implies that their assurance is heightened.In another study, Beasley, Carcello, Hermanson & Neal (2009) found that scores of audit committee members endeavor to provide effective monitoring of financial reporting and seek to avoid serving on ceremonial audit committees.Nonetheless, consistent with agency theoretic viewpoint of monitoring they found that high quality auditors, and, to some extent, leverage have a positive association with audit committee activity (Collier & Gregory, 1999).Ghafran & O'Sullivan (2013) found that audit committees with financial expertise are more likely to seek a higher level of external audit coverage and assurance.
In a combined assurance model, the possession of accounting expertise and skills of audit committee members and internal audit staff warranties high level of assurance.The results from another study suggest that accounting experience have a harmonizing impact on audit committee relations with internal audit in which accounting experience is related with the extent that the audit committee reviews the work of the internal audit function (Goodwin, 2003).In a similar study, Vera-Muñoz (2005) concludes that the audit committee must be informed and observant overseer of the financial reporting process whose members should have financial literacy, a broad awareness of the interrelationship between an organization's operations and its financial reporting, and the aptitude to devise and ask probing questions.More so, Adel & Maissa's (2013) results suggest that expertise of audit committee have a positive impact on audit committee interaction with internal audit.According to Ellwood & Garcia-Lacalle (2016), audit committees assure (vertical) financial accountability, and also provide assurance along horizontal lines of accountability to local communities, professional bodies and other stakeholders.
Using an experimental design, Stewart & Munro (2007) found that the audit committee's frequency of committee meetings and the auditor's attendance at meetings are significantly associated with a lessening in perceived audit risk.The impact on audit efficiency and audit testing seems to be nominal.According to Alzeban & Gwilliam (2014), their results suggest that management support for internal audit effectiveness drives perceived efficacy of the internal audit function from both management's and the internal auditors' perspective.However, Ahmad, Othman, Othman & Jusoff (2009), in their study, concluded that the internal audit function in the public sector in Malaysia is laden by insufficient support from top management, while the auditors rarely extend their full cooperation.Also the audi-tors themselves lack fitting knowledge and training on effective auditing approaches.The negative perception accorded to internal audit led to inaction by management on recommended remedies which only serve to invalidate the positive input internal audit potentially holds to bump up the service delivery quality of the public sector.Internal auditing becomes obligatory in numerous public finance sector units, thus, it is indispensable and efficient for the public finance sector operation (Szczepankiewicz, 2010).In addition to that, the impact of internal audit in the public sector is strongly influenced by the quality of internal audit mission and also by early and accurate identification of the risks (Lucan, Hlaciuc & Zaiceanu, 2015).
Therefore, a combined assurance model targets to optimize the assurance exposure acquired from management, internal assurance providers and external assurance providers on the risk areas heartrending the organization.Combined assurance should be concentrated on noticed risks and how assurance is attained and reported to the audit committee (PWC, 2010).Amongst the numerous control tools of risk management, internal audit is chiefly used as an effective tool to manage operational, financial, legal and regulatory risks (Vijayakumar & Nagaraja, 2012).Decaux & Sarens (2015) concluded that organizations are still learning through combined assurance implementation, because no organization seems to have achieved an established combined assurance program.

Methodology
This research study followed a qualitative research approach in which data were analyzed qualitatively based on an interpretative philosophy which examined meaningful and symbolic content of qualitative data (Maree, 2013) from general reports on the provincial audit outcomes for the periods 2014-2015.This was best attained through a process of inductive analyses of qualitative data where the main purpose was to allow research findings to emerge from the frequent inherent in raw data (Maree, 2013).In the study the sample size was made up of 8 out of the 9 provinces in South Africa owing to the availability of data.The Auditor General of South Africa by the time this research was done had only uploaded 8 provincial audit reports excluding KwaZulu-Natal.The sample size, however, was considered to be a representative sample, as it represents almost 89% of the total population (du-Pooley-Cilliers et al., 2014).General reports on the provincial audit outcomes for the periods 2014-2015 were used as primary documents for data analysis.The Auditor General is recognized in terms of the Constitution to audit and report on the accounts, financial statements and financial management of all national and provincial departments, municipalities, or any other institutions compulsory by national legislation to be audited by them.As the exceptional audit institution of South Africa, it qualifies oversight, responsibility and good governance in the public sector.According to de Renzio (2006), superlative audit institutions have the role to communicate information to public authorities and the general public through the publication of objective reports concerning proper and effective use of public funds; the proper execution of administrative activities; the development of sound financial management (DF-ID, 2005).The information involving the public sector performance against encoded objectives is subject to audit by the Auditor General in terms of Section 20(2)(c) of the Public Audit Act, 2004 (Act No. 25 of 2004).Data analysis and scoring of the findings for each province was conducted through content analysis using Atlas-ti qualitative research data analysis software.Scoring of the items was basically bipartite, where an item scores 1 if the findings by Auditor General were positive and 0 if it is unfavorable, without any consequence for each unidentified item.

First level assurance.
It is expected that the management and leadership of the public sector institution and those that perform an oversight or governance function should work towards improving the key controls, addressing the root causes and ensuring that there is an improvement in the key risk areas.This assurance will improve and maintain the quality of the financial statements and performance reports, as well as compliance with legislation.Senior management form the foundation of the combined assurance model as the first line of defence.It should, therefore, ensure that the fundamental disciplines of control activities are implemented, monitored and institutionalized as a backbone of running the public sector business.Stability at senior management level is crucial for ensuring accountability for implementation and sustainability of the control activities.
The findings from Fig. 1 below suggest that 6 out of the 8 provinces under study have first level assurance in place and have been improving.Only Eastern Cape Province has a 0% score meaning that accounting officers, MEC and senior management are not providing assurance, and Mpumalanga province also has 33% showing MEC as the only provider of first level assurance.Free state, Gauteng and Limpopo provinces have 100% each meaning that all the identified arms of first level assurance are providing assurance.Overall, the first level assurance in South Africa's public sector is above satisfactory level with a 76% score.

Second level assurance.
Internal audit units assist accounting officers and authorities in the execution of their duties by providing independent assurance on the internal controls, financial information, risk management, performance management and compliance with legislation.The effectiveness of the internal audit unit exists if audit committees oversee and support their operations and accounting officers and senior management take the findings gravely, cooperate and respond to their recommendations.An audit committee is an independent body that advises the MEC, accounting officer or authori-ty and senior management on matters such as internal control, risk management, performance management; as well as the evaluation of, and compliance with, legislation.The committee is required to provide assurance to the accounting officer or authority on the adequacy, reliability and accuracy of financial reporting and information.The findings from Table 1 below propose that all the provinces have second level assurances, that is, all the 8 provinces under study have audit committees, internal audit, and monitoring and coordinating departments providing assurance with a 100% score.The findings concur with Van der Nest's (2008) conclusion that the majority of audit committees in the South African public service are not perceived as ineffective in the performance of the required functions of committees.This implies that they contribute to the provision of assurance level.This study's findings are also supported by Mihret & Yismaw's (2007) findings which highlight that internal audit effectiveness is strongly influenced by internal audit quality and management support in Ethiopia's public sector.Nevertheless, in Malaysia Ahmad, Othman, Othman & Jusoff, (2009) from their findings concluded that the internal audit function in the public sector is weighed down by inadequate support from top management while, the auditors not often extend their full cooperation therefore implying inadequacy of combined assurance.

Third level assurance.
The provincial public accounts committee, as a standing committee of the legislature, is expected to oversee the provincial gov-

Scores
First level assurance ernment to certify discreet financial management, the accountability exploitation of resources and to make recommendations to the governing body.Whilst the portfolio committees provide oversight of the provincial executive's performance by endorsing the yearly performance plans and related budgets, and, then, eva-luating the actual performance and expenditure in accordance with these plans.The Auditor General must share key message on the actions needed to improve audit outcomes with accounting officers and authorities, MECs, the premier and the legislature through reports and interactions with them.

Fig. 2. Third level assurance
The findings shown in Fig. 2 above suggest that only 2 provinces (Eastern Cape and Free State) have the lowest external assurance of 33% of the three external assurance providers, namely, Auditor General, portfolio committee and public accounts committee.Portfolio committee and public accounts committees are not providing assurance in these two provinces.In the other 6 provinces the results show that there is 100% provision of assurance by all the three assurance providers.The overall third level assurance is above satisfactory level with total score of 83%.

Overall combined assurance.
By and large, the results propose that only one province Eastern Cape has got combined assurance level score of 44% (see Appendix) which is below reasonable point, whilst Gauteng and Limpopo have 100% combined assurance provision and the other 5 provinces are above satisfactory level.The results also reflect that audit committee, Auditor General, internal audit and monitoring and coordinating departments have 100% score on provision of assurance in all the 8 provinces under study and all the other assurance providers were above the reasonable level with the MECs with 63% score.The overall score (83%) on combined assurance provision in South Africa's public sector is above satisfactory level.The results from this study are supported by Alzeban & Gwilliam's (2014;2010) results which suggest that management support for internal audit effectiveness drives perceived effectiveness of the internal audit function from both management's and the internal auditors' perspective.However, Ahmad, Othman, Othman & Jusoff (2009), in their study concluded that the internal audit function in the public sector in Malaysia is laden by insufficient support from top management, while the auditors rarely extend their full cooperation.However, given that the overall score is above satisfactory level, Decaux & Sarens (2015), in their study, suggested that organizations are still learning through combined assurance implementation, because no organization seems to have attained a mature combined assurance program.

Conclusion and implications
Generally, it is concluded that first level assurance providers (senior management, accounting officers and MECs), second level assurance (internal audit function, audit committees and monitoring and coordinating departments) and third level assurance providers (public accounts committees, portfolio committees and Auditor General) are providing combined assurance in most of the public sector institutions in South Africa.The exceptional case is on first level assurance in Free State, where the providers are not executing their duties to improve and maintain the quality of the

Scaores
Third level assurance financial statements and performance reports, as well as compliance with legislation as first line of defence.The level of appreciation of the combined assurance model in the public sector is commendable, although there is still a need to improve and fully implement the model so as to attain good governance through stewardship approach.
To that end, the governing body in South Africa's public sector needs to augment its monitoring of harmonized and all inclusive approach in internal control systems, risk management and compliance issues.This serves in the best legitimate interests and expectations of the "inclusive stakeholders" through adoption of stewardship approach.