Read: Does the New Three Lines Model Give Short Shrift to Compliance? — a CCI Exclusive
Lake Mary, FL (June 17, 2019) – The Institute of Internal Auditors (IIA) announced today that it is seeking public comment from June 20 to September 19 on proposed updates to the Three Lines of Defense, a widely accepted and used model that addresses the many issues around organizational risk management and control.
The Three Lines of Defense describes the respective roles of the board/governing body, senior and operational management, risk and compliance functions, and internal auditing. The current model has the benefit of being simple, easy to communicate, and easy to understand. It helps organizations avoid confusion, gaps, and overlaps when they assign responsibilities for risk management and control activities. It also highlights the influence of external audit and regulators.
Despite its widespread acceptance, however, the existing Three Lines of Defense has been criticized as being too limiting and restrictive. As its title conveys, the model emphasizes defensive actions and doesn’t addresses the critical need to take a proactive approach for both opportunities and threats. The existing model also suggests rigid strictures and may reinforce ineffective and inefficient organizational silos.
“The Three Lines of Defense has been a valuable tool for risk and control for more than two decades,” said IIA President and CEO Richard F. Chambers. “Changes proposed by a task force representing audit practitioners, risk and compliance executives, stakeholders, and others are designed to help modernize and strengthen the model to ensure its sustained usefulness and value.”
To access a review copy of The IIA’s exposure document “Three Lines of Defense” and to participate in the public survey, go to www.theiia.org/3LOD.
About The Institute of Internal Auditors
The Institute of Internal Auditors (IIA) is the internal audit profession’s most widely recognized advocate, educator, and provider of standards, guidance, and certifications. Established in 1941, The IIA today serves more than 200,000 members from more than 170 countries and territories. The IIA’s global headquarters are in Lake Mary, Fla.
