Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

IIA reviews ‘three lines’ model, plans new paper

Tammy Whitehouse | December 5, 2018

The Institute of Internal Auditors is taking a fresh look at the Three Lines of Defense model it has long embraced as a basis for sound risk management.

The IIA is working with “specialists in governance and risk management” to perform an extensive review of the model, “weighing the concept’s strengths, application and usefulness toward ensuring its continued relevance in today’s operational climate.” The group plans to publish a position paper in the first quarter of 2019, and it will solicit feedback and comment.

The Three Lines of Defense model says operational management is on the front line of the business, carrying out day-to-day functions and owning risk activities, while risk management and compliance functions form the second line of...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.