The three lines of defense represent an approach to providing structure around risk management and internal controls within an organization by defining roles and responsibilities in different areas and the relationship between those different areas. GARP has provided a detailed breakdown of the new approach.
Get all the details here - Three Lines of Defense: A New Principles-Based Approach