Combined assurance is the process of internal, and potentially external parties, working together and combine activities to reach the goal of communicating information to management. To implement combined assurance, CAEs should first evaluate where they are today with regard to: conformance with the Standards; communication and coordination; reporting; and second line of defense functions.