3 lines of defense model

The Three Lines of Defense model is a way organizations manage risk and ensure they operate effectively. The first line includes managers and staff who directly handle day-to-day activities and identify risks. The second line involves functions like risk management and compliance teams that set policies and monitor adherence. The third line is internal audit, which independently reviews and assesses whether the organization controls are effective. Together, these three layers provide a structured approach to prevent, detect, and address issues, promoting accountability and improving organizational resilience.