- Topics
- Regions
- Events
- Webcasts
- Resources
- CW Exclusives
- Membership
“For tracking litigation, enforcement, and regulatory developments, Compliance Week
should be your prime source.”- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
IIA’s ‘Three Lines of Defense’ updated to stress collaboration
By 
Kyle Brasseur2020-07-20T18:30:00
The Institute of Internal Auditors (IIA) on Monday announced an update to its widely utilized “Three Lines of Defense” model to focus more on defined roles in an effort to boost collaboration.
The new “Three Lines Model,” as it is now referred to by the IIA, “acknowledge[es] that risk-based decision-making is as much about seizing opportunities as it is about defensive moves,” the organization stated in a press release. “The new Three Lines Model helps organizations better identify and structure interactions and responsibilities of key players toward achieving more effective alignment, collaboration, accountability and, ultimately, objectives.”
The original Three Lines of Defense model consisted of the first line (risk owners/managers), the second line (risk control and compliance), and the third line (risk assurance). Each line reported up to senior management, with the third line of internal audit representing the last wall before external audit and regulators.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
ArticleQ&A: IIA president Chambers on Three Lines update, COVID-19, more
In the wake of drastic updates to the “Three Lines Model” for managing risk, IIA President and CEO Richard Chambers catches up with Compliance Week to discuss the changes, how COVID-19 has impacted the internal audit profession, and more.
-
ArticleAnalysis: Comparing the IIA’s new ‘Three Lines Model’ to the old one
The biggest improvement in the IIA’s new “Three Lines Model” of risk management is it allows for greater flexibility between “lines” and is less likely to be interpreted so literally.
-
ArticleIIA CEO Chambers to step down
The Institute of Internal Auditors announced longtime President and Chief Executive Officer Richard Chambers plans to step down at the end of March.
More from Risk Management
-
News BriefPortuguese bank ousts chief risk officer after ‘suspicious’ transactions uncovered
Portuguese bank Novo Banco, S.A., fired Chief Risk Officer Carlos Jorge Ferreira Brandão “with just cause” after an internal probe discovered “suspicious financial transactions” in his sphere.
-
News BriefTop 5 risks for 2025: U.S. uncertainty, global trade war, digital attacks
A prominent risk management firm has issued its predictions for the top five risks for business in 2025, along with guidance for how organizations should prepare and respond.
-
PremiumWorries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update
When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.