Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Effective Governance and the Three Lines of Defense

Jose Tabuena | December 16, 2014

Some pundits would say that battles have steadily been brewing between the risk and control assurance functions. Should compliance report to legal, or be separate? Should compliance and internal audit be combined? Should audit take on risk management, or vice-versa? These are some of the simmering debates on how best to structure governance-related functions at a large enterprise.

Lately I’ve been getting inquiries about the value of combining risk and control functions. While efficiencies can be gained, organizations should heed whether integrating these areas can impair the ability of...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.