What Critics Say on Three Lines of Defense
The Three Lines of Defense model for risk oversight—business units in the first line, compliance in the second, internal auditors in the third—has been hugely popular in recent years. Proponents love it, and regulators have come to expect it. Critics, however, say the Three Lines model is too simplistic a ...
Related articles
-
Article
Deloitte: financial institutions reengineer risk management
Financial institutions are beginning new efforts to reengineer their risk management programs and tap into emerging technologies, according to a survey conducted by Deloitte Global.
-
Article
Where Internal Audit Can Help in Cyber-Security
Image: With yet another huge data breach hitting Corporate America—add insurance giant Anthem to the Hall of Shame—internal audit departments are trying to pinpoint what expertise they can bring to the company’s cyber-security risk assessment. Plenty, many audit executives say. “There are technical aspects of these projects, but regardless of ...
-
WebcastSept 11 | How to Build Holistic Risk and Resilience Management
Risk, compliance, and business continuity teams often run in parallel, but what if they worked better together? As risks become more interconnected and the pressure to respond quickly grows, companies are realizing that a siloed approach doesn’t cut it anymore.