Wednesday, January 20, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

IA Launches Global Review of “Three Lines of Defense”

by Corporate Compliance Insights
December 5, 2018
in GRC Vendor News
view of feet of military men in formation

Study focuses on ensuring widely used model continues to meet needs in a changing organizational climate

Lake Mary, FL (December 5, 2018) – For more than 20 years, organizations around the world have turned to the “Three Lines of Defense” model to navigate ever-evolving business challenges toward achieving and sustaining success.

Read: Does the New Three Lines Model Give Short Shrift to Compliance? — a CCI Exclusive

A widely used concept designating essential roles and duties in governance, risk management and control, the Three Lines of Defense is rooted in financial services but has come to serve a broader range of industries concerned with myriad issues around governance and risk management.

Acknowledging changing stakeholder expectations and increasing complexities of organizations, The Institute of Internal Auditors (IIA), in collaboration with specialists in governance and risk management, launched an extensive review of the Three Lines of Defense, weighing the concept’s strengths, application and usefulness toward ensuring its continued relevance in today’s operational climate.

Key to the study, and an updated position paper planned for release in 2019, is how the Three Lines of Defense model may be adaptable and tailored to organizations of all sizes and sectors, said Jenitha John, CIA, QIAL, Vice Chairman of Professional Certifications and leader of the Three Lines of Defense task force.

“The model must be flexible to allow for a diversity of users, and it must take into account the ever-changing nature of organizations and organizational environments,” John said. “Those charged with governance must be able to engage the Three Lines of Defense model and concept so that they may decide the most appropriate way to establish structure and resources within their organizations. Three Lines is fully capable of serving this need, but it also must address situations that exist where the three distinct lines are not in place.”

The current Three Lines of Defense model is delineated by:

  • Operational management (first line)
  • Risk management and compliance functions (second line); and
  • Internal audit (third line), which provides an organization’s governing body and senior management with comprehensive assurance based on its enterprise-wide independence and objectivity.

The IIA study is considering roles and responsibilities and the need for “horizontal coordination” and communication in the approach to risks and opportunities, John said. “Our focus is around coordination and collaboration, and on alignment and integration of the approach used across the model.”

IIA Global Chairman Naohiro Mouri, CIA, said the model is ideally situated to address a complex world. “There is a shared responsibility and accountability for the execution and assurance of governance, risk management and internal control,” Mouri said. “Our aim is not to replace Three Lines of Defense or invent a new model, but to ensure it can accommodate the nuances and dynamics we see across different organizations, so that they may leverage and learn from each other more effectively and strategically.”

“We also must embrace the concept that risk goes beyond defense,” Mouri said. “Uncertainty creates risks and it creates opportunities. Consideration must be given to both sides in decision making and planning at all levels. Organizations must decide the most appropriate way to allocate and structure resources and responsibilities within their organizations, using the Three Lines of Defense to their advantage.”

Based on input from working and advisory groups engaged by The IIA, an updated position paper will be presented for public comment in the first quarter of 2019. Details of this exposure will be announced in January. The IIA’s existing position paper, “The Three Lines of Defense in Effective Risk Management and Control,” was last updated in 2013.

For further insight on The IIA’s review of the Three Lines of Defense, see IIA President and CEO Richard Chambers’ latest blog post.


Tags: GRCinternal audit
Previous Post

Common Pitfalls in Third-Party Due Diligence

Next Post

TRACE: Update – The UK Bribery Act and Enforcement Trends

Corporate Compliance Insights

Related Posts

yellow job search box speech bubble

Fortune 500 Job Descriptions Are Still Biased Toward Men

January 12, 2021
cash

Banks Worldwide Amass $15B in Fines in 2020, U.S. Banks Account for 73%

January 11, 2021
cyber attack malware encrypted files and lock on cloud

Telos Announces Latest Version of its Next-Generation Cyber Risk Management Platform

January 7, 2021
Hologram of whatsapp logo over smartphone

Shield and TeleMessage to Deliver Direct Capture of Mobile and WhatsApp Communications

January 5, 2021
Next Post
businessman passing bribe on table

TRACE: Update – The UK Bribery Act and Enforcement Trends

Access realtime data

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management culture of ethics cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights