Three Lines of Defence Model

From ACT Wiki
Revision as of 21:59, 13 November 2016 by imported>Doug Williamson (Create the page. Source: CIIA https://www.iia.org.uk/threelines)

Financial services - risk management

The Three Lines of Defence Model is designed to assure the effective management of risk.

First line of defence

Under the first line of defence, operational management has ownership, responsibility and accountability for directly assessing, controlling and mitigating risks.

Second line of defence

The second line of defence consists of activities covered by several components of internal governance including compliance, risk management, and other control departments.

This line of defence monitors and facilitates the implementation of effective risk management practices by operational management, and assists the risk owners in reporting adequate risk-related information.

Third line of defence

Internal audit forms the organisation’s third line of defence.

