The Institute of Internal Auditors announced today that it will seek public comment between May 28 and July 30 on an updated model of the Three Lines of Defense, a widely used concept designating essential roles and duties in governance, risk management and control.
The IIA set out to update the model as an acknowledgment of changes in stakeholder expectations and increasing complexities of organizations. In collaboration with specialists in governance and risk management, The IIA launched an extensive review of the Three Lines of Defense, weighing the concept’s strengths, application, and usefulness toward ensuring its continued relevance in today’s operational climate.
The IIA released a position paper on the model, “The Three Lines of Defense in Effective Risk Management and Control,” in 2013. While that paper still holds value, there are new concepts to address for the growing world of operational management, risk management and compliance functions, and internal audit.
Details of the public exposure, including how to submit comments, will be announced in the next few months.