The Three Lines of Defense Model

The Three Lines of Defense Model is a framework used to manage risk and ensure effective governance within organizations. The first line consists of operational management, which directly manages risks in their everyday activities. The second line includes risk management and compliance functions that provide guidance and support to the first line, helping to identify and mitigate risks. The third line is the internal audit, which independently evaluates the organization's risk management processes and controls to ensure they are effective. Together, these lines create a comprehensive approach to managing risk and ensuring accountability within the organization.