Enterprise Risk Management - Three Lines of Defense: A New Principles-Based Approach

Across industries and time, the “three lines of defense” has been a cornerstone of operationalizing risk management programs. The Institute of Internal Auditors (IIA) provided valuable guidance regarding the three lines of defense initially in 2013, followed by updated guidance in July 2020 (called the “Three Lines Model”).

The three lines of defense represent an approach to providing structure around risk management and internal controls within an organization by defining roles and responsibilities in different areas and the relationship between those different areas. GARP has provided a detailed breakdown of the new approach. 

Get all the details here - Three Lines of Defense: A New Principles-Based Approach