The Three Lines of Defense: Who, What, Why and Where

Seminar Overview

The Three Lines of Defense methodology outlines essential governance elements built upon key governance principles. The model is designed to help practitioners in all industries to install risk management and oversight structures, which ultimately create a strong foundation for managing risk while achieving organizational goals and objectives. This course will cover the roles and responsibilities for all three lines of defense and assist participants in identifying key model elements to consider when performing audit engagements in the second line of defense.

Who Should Attend:

Auditors who would like to learn more about three lines model, the roles and
responsibilities of risk management and elements to consider when performing audits of the second line
of defense (risk management). (NASBA Field of Study: Auditing).

  • Learn and understand the Three Lines Model
  • Discuss the roles and responsibilities of each line of defense
  • o Management
    o Risk Management
    o Internal Audit

  • Discuss the structure and role of governance committees
  • Discuss traditional Risk Management functions applicable to most industries such as
  • o Enterprise Risk Management
    o Operational Risk Management, including
         Fraud Risk Management (Internal and External)

         Third Party Risk Management
         Information Risk Management
         Business Continuity/Disaster Recovery

  • Compare and contrast independence and objectivity expectations between Risk Management and Internal Audit
  • Discuss methods to coordinate and align risk management and internal audit objectives
  • Discuss opportunities to leverage risk management for internal audit coverageSurvey